Proxy IdP + activationConditions
Cantor, Scott
cantor.2 at osu.edu
Tue Jan 19 16:25:51 UTC 2021
You can't have an activation condition that depends on a value of an attribute that you're actually applying the activation condition to, that would be circular.
Aside from that, any activation condition in the resolver can only depend on "prerequested attributes", with the special workrounds documented under that topic [1]. It doesn't have access to attributes that are in the middle of being resolved. But it would be impossible for a loop like that to work either way.
-- Scott
More information about the users
mailing list