[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: authn flow timeout and lifetime via predicate
From: "Cantor, Scott via users" <users () shibboleth ! net>
Date: 2023-05-17 17:38:45
Message-ID: FE3EA251-2315-43B3-BAC9-EEFCE02F5DE6 () osu ! edu
[Download RAW message or body]
There isn't any way to establish those settings dynamically. Rather, it's possible to attach a predicate to the flow as a reuseCondition (there are properties for each login flow in 4.1+ to get the bean ID set) , and that can be added as another layer of validation that can enforce timeouts and such more dynamically.
The MFA flow should honor the condition automatically if it's attached to a flow it's running.
-- Scott
--
For Consortium Member technical support, see https://shibboleth.atlassian.net/wiki/x/ZYEpPw
To unsubscribe from this list send an email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic