Custom flow with selection UI
Cristiano Palazzi
cristianopalazzi at gmail.com
Wed Nov 17 15:27:08 UTC 2021
Hi everybody,
I'm working on an IDP v4 that should be able to provide a selection screen
for choosing a login method (External or SAML).
I'm following the instructions reported here
https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631610/MultiFactorAuthnConfiguration
to
integrate a custom flow in the MFA flow.
I defined a custom flow and a selection screen with two buttons.
Every button uses a custom event to signal the login method.
mfa-authn-config.xml:
<util:map id="shibboleth.authn.MFA.TransitionMap">
<entry key="">
<bean parent="shibboleth.authn.MFA.Transition"
p:nextFlow="custom/methodChooser" />
</entry>
<entry key="custom/methodChooser">
<bean parent="shibboleth.authn.MFA.Transition">
<property name="nextFlowStrategyMap">
<map>
<entry key="chooseExternal" value="authn/External" />
<entry key="choosePassword" value="authn/Password"/>
//it will be replaced by the SAML login flow
</map>
</property>
</bean>
</entry>
</util:map>
I'm using a simple servlet to provide the External authentication and
a HTPasswdCredentialValidator to test the implementation.
Everything seems to work fine but I still have a couple of doubts about
this solution:
- Is there a better way to provide a login selection method?
- I noticed that after choosing the password method, the browser back
button causes a stale request error (e.g. A problem occurred restoring the
flow execution with key 'e1s2').
I haven't found yet a solution to avoid this error.
Thank you,
Cristiano
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20211117/995a44a3/attachment.htm>
More information about the users
mailing list