[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-dev
Subject:    Re: OIDC 0.9 extension
From:       Jim Fox <fox () washington ! edu>
Date:       2019-03-30 2:12:19
Message-ID: alpine.OSX.2.21.1903291907060.27529 () jims-macbook-pro ! local
[Download RAW message or body]


I wasn't aware that there are so many versions of authn principals. Who would know?

Basically, it was easy for me to do something like this:

(with these two)
   authCtx = input.getSubcontext("net.shibboleth.idp.authn.context.AuthenticationContext");
  rpCtx = authCtx.getSubcontext("net.shibboleth.idp.authn.context.RequestedPrincipalContext");


(I do this)
   refed = new AuthnContextClassRefPrincipal("https://refeds.org/profile/mfa");
   if (rpCtx.getRequestedPrincipals().contains(refed)) {
     ...


I guess I can loop through the principals.  But this was easier.

Jim




On Fri, 29 Mar 2019, Cantor, Scott wrote:

> Date: Fri, 29 Mar 2019 23:47:01 +0000
> From: "Cantor, Scott" <cantor.2@osu.edu>
> Reply-To: Shib Dev <dev@shibboleth.net>
> To: Shib Dev <dev@shibboleth.net>
> Subject: Re: OIDC 0.9 extension
> 
> On 3/29/19, 6:00 PM, "dev on behalf of Jim Fox" <dev-bounces@shibboleth.net on \
> behalf of fox@washington.edu> wrote: 
> > They look a lot the same but aren't, really.
> 
> No, the class type is not the same. I don't know the details of your script, but \
> generally you'd want to perhaps look at the getName() method of the Principal \
> object to get the string itself out without regard for the class type. It really \
> just depends how specific you're intending to be in comparing them. 
> -- Scott
> 
> 
> -- 
> To unsubscribe from this list send an email to dev-unsubscribe@shibboleth.net
> 
-- 
To unsubscribe from this list send an email to dev-unsubscribe@shibboleth.net


[prev in list] [next in list] [prev in thread] [next in thread]