[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: Question about forceAuthn
From: "Mak, Steve" <makst () upenn ! edu>
Date: 2022-01-19 13:09:46
Message-ID: E1A0EC1D-5A27-44D0-BB4A-0A7164D2BC91 () upenn ! edu
[Download RAW message or body]
I can confirm that I did just find another SP that sets ForceAuthn="false" and it \
does not trigger the ignoreSSO context... You're probably right about the IP address \
change.
Thanks!
On 1/19/22, 8:05 AM, "users on behalf of Cantor, Scott" \
<users-bounces@shibboleth.net on behalf of cantor.2@osu.edu> wrote:
On 1/18/22, 11:26 PM, "users on behalf of Mak, Steve" \
<users-bounces@shibboleth.net on behalf of makst@upenn.edu> wrote:
> Before I start investigating deeper, has anyone heard of this sort of \
occurrence? I don't recall seeing any > bugs where the IdP is choosing the reauth \
flow even if the flag is set to false.
That's not the reason. IP address changes are the most common cause of session \
invalidation.
-- Scott
--
For Consortium Member technical support, see \
https://urldefense.com/v3/__https://shibboleth.atlassian.net/wiki/x/ZYEpPw__;!!IBzWLUs!DGL7YoxUe_3P3Kwh8A8VlZvEO8p9kbl7LM971eI13qJGYczqQ9j128Y5lOdy3A$ \
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
--
For Consortium Member technical support, see \
https://shibboleth.atlassian.net/wiki/x/ZYEpPw To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic