Using a different SP entity ID with the IdP SAML authn flow
Wessel, Keith
kwessel at illinois.edu
Thu Sep 16 16:31:00 UTC 2021
Help me out here, Scott. PRC? Is that what's passed in as the input?
I'm doing this in my MFA script to get to the requested principals which sounds like what you're talking about here:
authCtx = input.getSubcontext("net.shibboleth.idp.authn.context.AuthenticationContext");
reqprCtx = authCtx.getSubcontext("net.shibboleth.idp.authn.context.RequestedPrincipalContext");
Amusingly, I'm not ever using reqprCtx in my MFA script. So, I probably don't need that there.
But I should be able to do that in this other bean and, if reqprCtx is null, return the default entity ID, correct?
What exactly does PRC stand for?
Thanks,
Ketih
-----Original Message-----
From: users <users-bounces at shibboleth.net> On Behalf Of Cantor, Scott
Sent: Thursday, September 16, 2021 11:19 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: Using a different SP entity ID with the IdP SAML authn flow
That context (if it exists, which is not necessarily true) is underneath the AuthenticationContext, and the input is normally the PRC.
It's PRC -> AuthenticationContext- > RequestedPrincipalContext.
If there are no requirements, it won't be there.
-- Scott
--
For Consortium Member technical support, see https://urldefense.com/v3/__https://shibboleth.atlassian.net/wiki/x/ZYEpPw__;!!DZ3fjg!rt9xDQf3FYneQPPs8j5dJNxXyuwdM3ofWGjN7TRuLOk5LaYY-osFfluL44ab5MRmiQ$
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list