Supporting different authnContextClassRef on the same SP?

Ullfig, Roberto Alfredo rullfig at
Wed Aug 18 18:29:00 UTC 2021

I have a shibboleth SP that's not configured to request MFA but I created a sub-directory on the server and used an .htaccess file like this to get MFA working just for that directory:

AuthType shibboleth
ShibRequestSetting requireSession true
ShibRequestSetting authnContextClassRef
Require authnContextClassRef

That works.

That won't work though if I access another directory on the server first (which doesn't require MFA). Is there a way around that or not? Thanks!

Roberto Ullfig - rullfig at
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list