You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to CAS Community
I know that for SPs that use the CAS protocol, renew=true can be added to the URL by the client to do a "forced authentication". Is there any way that SAML2 SPs can do the same thing or does it need to be configured in the CAS service registry?
(CAS = 6.3.6)
Dustin Luck
unread,
Oct 15, 2021, 1:01:36 AM10/15/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to CAS Community, Dustin Luck
I found the answer!
The SAML2 protocol supports an attribute in the AuthnRequest called 'ForceAuthn' that can be set to true to enable forced authentication. Fortunately, the SP I'm setting up supports it.