Hello all,

I am considering helping to fix a few issues already in Jira. Currently what's burning is https://wso2.org/jira/browse/IDENTITY-2585

Just as my background - I am working on an SSO project (not the first one) leveraging SAML features (which got very popular). Optimal state is that the RequestedAuthnContext in the SAML AuthRequest is optional, configurable (and some projects even require multiple values of the AuthnContextClassRef value).

Let's keep it moderate - assume the parameter is optional, single value and configurable. What needs to be updated? I'll try to list what I found to update and please shoot if I missed something.

SAMLSSOConfiguration
- data object
- file based configuration
- database schema
- admin web service
- Admin UI
- ??? anything else?

DefaultSAML2SSOManager
- business logic to get and use the parameter

As a simplified resolution I'd propose the RequestedAuthnContext will not be created for the SAML AuthRequest at all and this way the remote IdP will be happy to do as it likes. This is a commonly used option in other products. It will be much better than any hardcoded value. (Many organizations do Client Certificate authentication or use custom values for this parameter)

Best regards

--
Gabriel Vince
Senior Consultant
Apogado
http://www.apogado.com
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
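
The behaviour proposed in the message above (a single, optional, configurable AuthnContextClassRef, with RequestedAuthnContext left out of the request when nothing is configured), as an added example that is not part of the original message and is not WSO2 Identity Server code. It uses the JDK's DOM API rather than the project's SAML library; the class name, method signature and example.org URLs are hypothetical.

```java
import java.io.StringWriter;
import java.time.Instant;
import java.util.UUID;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.*;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.*;

// Hypothetical sketch: not the project's DefaultSAML2SSOManager.
public class AuthnRequestSketch {
    static final String SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol";
    static final String SAML = "urn:oasis:names:tc:SAML:2.0:assertion";
    static final String XMLNS = "http://www.w3.org/2000/xmlns/";

    // classRef is the configured value; null or blank means "not configured".
    static String build(String issuer, String destination, String classRef) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        Document doc = dbf.newDocumentBuilder().newDocument();
        Element req = doc.createElementNS(SAMLP, "samlp:AuthnRequest");
        req.setAttributeNS(XMLNS, "xmlns:samlp", SAMLP);
        req.setAttributeNS(XMLNS, "xmlns:saml", SAML);
        req.setAttribute("ID", "_" + UUID.randomUUID());
        req.setAttribute("Version", "2.0");
        req.setAttribute("IssueInstant", Instant.now().toString());
        req.setAttribute("Destination", destination);
        doc.appendChild(req);
        Element iss = doc.createElementNS(SAML, "saml:Issuer");
        iss.setTextContent(issuer);
        req.appendChild(iss);
        // Only emit RequestedAuthnContext when a value is configured; otherwise
        // the element is omitted and the IdP chooses the authentication method.
        if (classRef != null && !classRef.trim().isEmpty()) {
            Element rac = doc.createElementNS(SAMLP, "samlp:RequestedAuthnContext");
            rac.setAttribute("Comparison", "exact");
            Element ref = doc.createElementNS(SAML, "saml:AuthnContextClassRef");
            ref.setTextContent(classRef.trim());
            rac.appendChild(ref);
            req.appendChild(rac);
        }
        Transformer t = TransformerFactory.newInstance().newTransformer();
        StringWriter out = new StringWriter();
        t.transform(new DOMSource(doc), new StreamResult(out));
        return out.toString();
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values: one configured class ref, one unset.
        String x509 = "urn:oasis:names:tc:SAML:2.0:ac:classes:X509";
        System.out.println(build("https://sp.example.org", "https://idp.example.org/sso", x509));
        System.out.println(build("https://sp.example.org", "https://idp.example.org/sso", null));
    }
}
```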
