Versions Compared

Old Version 19

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version 20

changes.mady.by.user Vlad Mencl

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: typo

...

(for v4.0.1) Update the authn/SAML bean in authn/general-authn.xml so it understands the REFEDS MFA profile by adding a supportedPrinciples supportedPrincipals property:

Code Block
languagexml
titleauthn/general-authn.xml updates
<bean id="authn/SAML" parent="shibboleth.AuthenticationFlow"
    p:nonBrowserSupported="false"
    p:passiveAuthenticationSupported="true"
    p:forcedAuthenticationSupported="true"
    p:proxyScopingEnforced="true"
    p:discoveryRequired="true">

    <property name="supportedPrincipals">
        <list>
            <bean parent="shibboleth.SAML2AuthnContextClassRef"
                c:classRef="urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" />
            <bean parent="shibboleth.SAML2AuthnContextClassRef"
                c:classRef="urn:oasis:names:tc:SAML:2.0:ac:classes:Password" />
            <bean parent="shibboleth.SAML1AuthenticationMethod"
                c:method="urn:oasis:names:tc:SAML:1.0:am:password" />
            <bean parent="shibboleth.SAML2AuthnContextClassRef"
                c:classRef="https://refeds.org/profile/mfa" />
        </list>
    </property>
</bean>

...