Child pages
  • Configuring a Shibboleth SP for step-up authentication
Skip to end of metadata
Go to start of metadata
When configuring a Shibboleth SP for step-up authentication, please refer to:
See also some generic instructions for connecting a Shibboleth SP to SURFconext:
An example Apache configuration snippet where a request for a specific URL triggers a SAML request with a higher LoA:
<Location /secure>
        AuthType shibboleth
        ShibRequestSetting requireSession 1
        ShibRequestSetting authnContextClassRef
        require valid-user


An example of the resulting subset of environment variables:
[Shib-Application-ID] => default
[Shib-Session-ID] => _77421bdf5f17e10c70efb9a89aa3737e
[Shib-Identity-Provider] =>
[Shib-Authentication-Instant] => 2013-10-29T22:08:46Z
[Shib-Authentication-Method] =>
[Shib-AuthnContext-Class] =>
[Shib-Session-Index] => c8a493e33432686feb5cc683a9fd0c7c
[persistent-id] =>!!
  • No labels