Introduction
...
- UI locale of the login page
- client_name of the application
An example of the included Extensions
element is shown below.
Code Block | ||||
---|---|---|---|---|
| ||||
<samlp:Extensions>
<ftn xmlns="http://ftn.ficora.fi/2017/req_ext">
<lg>fi</lg>
<spname>client_name</spname>
</ftn>
</samlp:Extensions> |
RequestedAuthnContext configuration
It is possible to configure either AuthnContextClassRef or AuthnContextDeclRef together with Comparison. This is possible by specifying the following configuration
Configuration key | Description |
---|---|
saml.requestedAuthnContext.comparison | Value of the Comparison attribute of RequestedAuthnContext. Needs to be one of the following:
This configuration key needs to be configured together either with If this parameter is left empty, then no Comparison attribute is set for RequestedAuthnContext. |
saml.requestedAuthnContext.authnContextClassRef | List of values of AuthnContextClassRef elements added to RequestedAuthnContext. Multiple values are separated by white space. If this parameter is left empty, then no AuthnContextClassRef elements are added to RequestedAuthnContext. |
saml.requestedAuthnContext.authnContextDeclRef | List of values of AuthnContextDeclRef elements added to RequestedAuthnContext. Multiple values are separated by white space. If this parameter is left empty, then no AuthnContextDeclRef elements are added to RequestedAuthnContext. |
NOTE: According to SAML2 protocol schema, it's not allowed to add both AuthnContextClassRef and AuthnContextDeclRef elements in an RequestedAuthnContext.
Configuration can be done via management user interface by opening the authentication method from global method settings view (Home → Global Method Settings). Then configure the setting by entering the values into Configuration String text field.
Figure 3. SAML RequestedAuthnContext configuration |
...