[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: maxTimeSinceAuthn FatalProfileException
From:       "Cantor, Scott" <cantor.2 () osu ! edu>
Date:       2021-02-12 15:04:14
Message-ID: 7B475D4A-8825-411F-94AF-9F80D6602B61 () osu ! edu
[Download RAW message or body]

On 2/11/21, 8:37 PM, "dev on behalf of Dan McLaughlin via dev" \
<dev-bounces@shibboleth.net on behalf of dev@shibboleth.net> wrote:

> When maxTimeSinceAuthn expires, is there a way to configure the SP to
> redirect the user to the IDP with ForceAuthn=true instead of the
> throwing the FatalProfileException - The gap between now and the time
> you logged into your identity provider exceeds the limit.

All errors are the same, and the only thing you can do is a template or set \
redirectErrors and handle them yourself. So the answer is yes, the latter, and \
implementing the error handling to do what you want.

-- Scott


-- 
For Consortium Member technical support, see \
https://wiki.shibboleth.net/confluence/x/coFAAg To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net


[prev in list] [next in list] [prev in thread] [next in thread]