Hi Gabriel, Thanks for your interest in fixing this issue. I have CC'ed Johann and Dulanja here from Identity Server team who would provide more information regarding this.
Thank you, Tharindu On Fri, Apr 17, 2015 at 5:16 PM, Gabriel Vince <[email protected]> wrote: > Hello all, > > I am considering to help fixing a few issues already in Jira. Currently > what's burning is https://wso2.org/jira/browse/IDENTITY-2585 > > Just as my background - I am working on a SSO project (not the first one) > leveraging SAML features (which got very popular). > > Optimal state is that the RequestedAuthnContext in the SAML AuthRequest is > optional, configurable (and some projects even require multiple values of > the AuthnContextClassRef value). > > Let's keep it moderate - assume the parameter is optional, single value > and configurable. What needs to be updated? I'll try to list what I found > to update and please shoot if I missed something. > > SAMLSSOConfiguration > - data object > - file based configuration > - database schema > - admin web service > - Admin UI > - ??? anything else? > > DefaultSAML2SSOManager > - business logic to get and use the parameter > > As a simlyfied resolution I'd propose the RequestedAuthnContext will not > be created for the SAML AuthRequest at all and this way the remote IdP > will be happy to do as it likes. This is a commonly used option in other > products. It will be much better than any hardcoded value. (Many > organizations do Client Certificate authentication or use custom values for > this parameter) > > > Best regards > -- > Gabriel Vince > Senior Consultant > Apogado > http://www.apogado.com > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Tharindu Edirisinghe Software Engineer | WSO2 Inc Identity Server Team mobile : +94 775 181586
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
