...
Second, the RemoteUser Login Handler
is configured to be triggered by a special authentication context class:
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<LoginHandler xsi:type="RemoteUser"> <AuthenticationMethod> urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:BasicAuthn </AuthenticationMethod> </LoginHandler> |
...
- uses the redirect profile for authentication requests.
- requires the basic authentication at the IdP.
- uses the artifact profile for attribute consumption.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
<SessionInitiator type="Chaining" Location="/WebDAVLogin" id="WebDAVLogin" entityID="https://idp.example.org/idp/shibboleth" target="https://webdav.example.org/"> <SessionInitiator type="SAML2" acsIndex="6" <!-- urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact --> template="bindingTemplate.html" outgoingBindings="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" authnContextClassRef="u:o:n:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:BasicAuthn"/> </SessionInitiator> |
...