Any recommendations/validation of a scheme to select a SAML Proxy or Password/MFA authentication flow based on relying party / SP entityID?
Cantor, Scott
cantor.2 at osu.edu
Thu Jan 27 23:50:23 UTC 2022
On 1/27/22, 2:09 PM, "users on behalf of Mak, David" <users-bounces at shibboleth.net on behalf of d.mak at northeastern.edu> wrote:
> Really appreciate the great advice on this! Of course, Scott pointing out the most straightforward solution
> meant I had to swallow my embarrassing attempt to overcomplicate things.
The whole supportedPrincipals matching is completely non-obvious and very hard to document or explain, it's just very obvious once you understand it that it automates most of the matching people try to write code to handle.
-- Scott
More information about the users
mailing list