ForceAuthN=true

[Noelette Stout]

I have a 3rd party application that requires ForceAuthN=true to be set in their configuration. Our external IdP doesn't currently support this. Can I enable this on a per service basis for a delegated SAML2 client, or will it not matter because the IdP the auth is delegated to doesn't support it anyway?  

Thanks in advance for any help you can give.

Noelette

[Noelette Stout]

Ah, nevermind. I've basically answered my own question. When I remove it from delegated authentication and authenticate directly through CAS, it works just fine -- which tells me the issue is wholly on our external IdP.

Thanks!

Noelette