[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [saml-dev] AuthnContext for WebSSO
On 7/17/15, 3:39 PM, "Peter Major" <peter.major@forgerock.com> wrote: > >OpenAM by default always sends the RequestedAuthnContext, yes It really should not. That's a bad default. >Personally I find AuthnContexts a bit awkward though... You can request >minimum PPT, and then that will allow the IdP to choose something >better, but at the end of the day it will be up to the SP to decide >whether the received AuthnContext is actually acceptable (which then >means that SP needs to have the same kind of "strength ordering" as the >IdP).. Yes, which is why it's not a default sort of behavior, it's something used only when the appropriate circumstances exist for it to work. -- Scott
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]