Hi Gabriel, First of all sorry for the late response.
On Fri, Apr 17, 2015 at 5:16 PM, Gabriel Vince <[email protected]> wrote: > Hello all, > > I am considering to help fixing a few issues already in Jira. Currently > what's burning is https://wso2.org/jira/browse/IDENTITY-2585 > > Just as my background - I am working on a SSO project (not the first one) > leveraging SAML features (which got very popular). > > Optimal state is that the RequestedAuthnContext in the SAML AuthRequest is > optional, configurable (and some projects even require multiple values of > the AuthnContextClassRef value). > > Let's keep it moderate - assume the parameter is optional, single value > and configurable. What needs to be updated? I'll try to list what I found > to update and please shoot if I missed something. > > SAMLSSOConfiguration > - data object > - file based configuration > - database schema > - admin web service > - Admin UI > This should be it. - ??? anything else? > > DefaultSAML2SSOManager > - business logic to get and use the parameter > > As a simlyfied resolution I'd propose the RequestedAuthnContext will not > be created for the SAML AuthRequest at all and this way the remote IdP > will be happy to do as it likes. This is a commonly used option in other > products. It will be much better than any hardcoded value. (Many > organizations do Client Certificate authentication or use custom values for > this parameter) > Again, thank you for your interest in Identity Server. If you have any questions regarding our implementation please drop a mail. Thanks, Johann. > > > Best regards > -- > Gabriel Vince > Senior Consultant > Apogado > http://www.apogado.com > > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Thanks & Regards, *Johann Dilantha Nallathamby* Associate Technical Lead & Product Lead of WSO2 Identity Server Integration Technologies Team WSO2, Inc. lean.enterprise.middleware Mobile - *+94777776950* Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
