Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Request authentication at a specific LoA

An example Apache configuration snippet where a request for a specific URL triggers a SAML request with LoA 2.
The LoA identifier is specific for the Production environment!

 

<Location /secure>
    AuthType shibboleth
    ShibRequestSetting requireSession 1
    ShibRequestSetting authnContextClassRef http://surfconext.nl/assurance/loa2
    require valid-user
</Location>

 

Example of the resulting subset of environment variables:

 

[Shib-Application-ID] => default
[Shib-Session-ID] => _77421bdf5f17e10c70efb9a89aa3737e
[Shib-Authentication-Instant] => 2013-10-29T22:08:46Z
[Shib-Authentication-Method] => http://surfconext.nl/assurance/loa3
[Shib-AuthnContext-Class] => http://surfconext.nl/assurance/loa3
[Shib-Session-Index] => c8a493e33432686feb5cc683a9fd0c7c

Note that a LoA2 authentication was requested, yet the user was authenticated at LoA3.

More info


  • No labels