Loading...

XML

Word

Printable

Details

Type: Feature Request
Resolution: Done
Priority: Major
Fix Version/s: PLINK_2.7.0.CR3
Affects Version/s: PLINK_2.6.0.Final
Component/s: SAML
Labels:
None

Git Pull Request:
https://github.com/picketlink/picketlink-bindings/pull/111, https://github.com/picketlink/picketlink/pull/446

Description

SAML2AuthenticationHander should take in an option "ForceAuthn" with possible values being "true" or "false" which could be in picketlink.xml's Handler section with an option being "ForceAuthn", just like "NAMEID_FORMAT".

Then in its private class SPAuthenticationHandler, (for version 2.6.0.Final) add (after line 382), add

auth.setForceAuthn(<the_above_mentioned_configured_value>);

if the option does exist in picketlink.xml file.

This flag is telling the IDP side to force user authentication, instead of reusing an existing user session on the IDP side even if it is not expired.

Attachments

Activity

People

Assignee:: Pedro Igor Craveiro

Reporter:: Adam Dong (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2014/12/02 7:17 PM

Updated:: 2014/12/15 11:06 AM

Resolved:: 2014/12/15 11:06 AM