Question about forceAuthn
Mak, Steve
makst at upenn.edu
Wed Jan 19 04:26:43 UTC 2022
Hi list.
I think I have a weird problem with some vendors' SAML requests and I can't seem to replicate a test case with my test SPs.
I see some SAML Requests come in with ForceAuthn="false" yet it still seems to trigger the ignoreSSO/Reauth flow in my Shib IdP v4.1.2.
I know it's sort of silly to send ForceAuthn="false" when it's simply easier to omit the setting, but I still need to investigate.
Before I start investigating deeper, has anyone heard of this sort of occurrence? I don't recall seeing any bugs where the IdP is choosing the reauth flow even if the flag is set to false.
Thanks all,
Steve Mak
More information about the users
mailing list