MDDriven overrides for defaultAuthenticationMethods
Andrew Jason Morgan
morgan at oregonstate.edu
Wed Nov 24 23:23:37 UTC 2021
Understood. Thanks for confirming what I saw.
What happens if I don't set defaultAuthenticationMethods in the DefaultRelyingParty? I have idp.authn.flows=MFA, and I have defined the supportedPrincipals for authn/MFA. Do I need to "turn off" other flows at all? I wonder if my defaultAuthenticationMethods setting is just vestigial at this point....
From: users <users-bounces at shibboleth.net> on behalf of Cantor, Scott <cantor.2 at osu.edu>
Sent: Wednesday, November 24, 2021 2:29 PM
To: Shib Users <users at shibboleth.net>
Subject: Re: MDDriven overrides for defaultAuthenticationMethods
[This email originated from outside of OSU. Use caution with links and attachments.]
On 11/24/21, 3:47 PM, "users on behalf of Andrew Jason Morgan" <users-bounces at shibboleth.net on behalf of morgan at oregonstate.edu> wrote:
> Is this the expected behavior?
Inline settings always override metadata and there is no merging.
For Consortium Member technical support, see https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fshibboleth.atlassian.net%2Fwiki%2Fx%2FZYEpPw&data=04%7C01%7Cmorgan%40oregonstate.edu%7Cd1601169050f4deac51908d9af9a03f1%7Cce6d05e13c5e4d6287a84c4a2713c113%7C0%7C0%7C637733898291340089%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=pCBUNZdNkIUl0457pK7kI2eDDjlVjgRpbFsT7SrP2w0%3D&reserved=0
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users