[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: authn flow timeout and lifetime via predicate
From:       "Cantor, Scott via users" <users () shibboleth ! net>
Date:       2023-05-17 17:38:45
Message-ID: FE3EA251-2315-43B3-BAC9-EEFCE02F5DE6 () osu ! edu
[Download RAW message or body]

There isn't any way to establish those settings dynamically. Rather, it's possible to attach a predicate to the flow as a reuseCondition (there are properties for each login flow in 4.1+ to get the bean ID set) , and that can be added as another layer of validation that can enforce timeouts and such more dynamically.

The MFA flow should honor the condition automatically if it's attached to a flow it's running.

-- Scott


-- 
For Consortium Member technical support, see https://shibboleth.atlassian.net/wiki/x/ZYEpPw
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]