This repository has been archived by the owner on Oct 24, 2020. It is now read-only.

Incorrectly looking at request for forced/passive #14

Open
chasegawa opened this issue Oct 8, 2014 · 1 comment

@chasegawa

The login handler should pretty much mimic what the MCB one is doing:
https://github.com/Internet2/Shibboleth-Multi-Context-Broker/blob/master/mcb-project/src/main/java/edu/internet2/middleware/assurance/mcb/authn/provider/MCBLoginHandler.java#L130 rather than looking at the request

@chasegawa chasegawa self-assigned this Oct 8, 2014
@jtgasper3

I think this is related to what I found today. The passive response is ineffective. It should do something like:

```java
log.info("Passive authentication requested without a valid SSO session. Returning SAML error to SP [{}]", entityId);
AuthenticationException ae = isPassive ? new PassiveAuthenticationException("Passive authentication not supported without a previous session.")
    : new AuthenticationException("The user could not be authenticated for an unknown reason.");
```
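
The decision the two comments above are circling, as an added example that is not code from this repository, from MCB, or from either commenter. It assumes the forced/passive flags are taken from the IdP's parsed login context rather than from HTTP request parameters, and that the only login method is interactive; every type and method name is hypothetical.

```java
// Added illustration (Java 16+). Every type and method name here is hypothetical;
// none of it is Shibboleth, MCB or this repository's API.
public class PassiveForcedDecision {

    // Flags as carried by the IdP's parsed login context for the SAML AuthnRequest
    // (assumption), not re-read from HTTP request parameters.
    record LoginFlags(boolean forceAuthn, boolean isPassive) {}

    enum Outcome { REUSE_SESSION, PROMPT_USER, RETURN_NO_PASSIVE }

    // SAML 2.0 second-level status code for "cannot authenticate passively".
    static final String NO_PASSIVE = "urn:oasis:names:tc:SAML:2.0:status:NoPassive";

    // Assumes the only available login method is interactive (a login form).
    static Outcome decide(LoginFlags flags, boolean hasValidSsoSession) {
        // ForceAuthn means an existing SSO session must not satisfy the request.
        boolean sessionUsable = hasValidSsoSession && !flags.forceAuthn();
        if (sessionUsable) {
            return Outcome.REUSE_SESSION;
        }
        // No usable session: a passive request must fail back to the SP
        // instead of showing any UI; otherwise the user is prompted.
        return flags.isPassive() ? Outcome.RETURN_NO_PASSIVE : Outcome.PROMPT_USER;
    }

    public static void main(String[] args) {
        // Constructed cases: {forceAuthn, isPassive, hasValidSsoSession}
        boolean[][] cases = {
            {false, false, true},
            {false, true,  true},
            {false, true,  false},
            {true,  false, true},
            {true,  true,  true},
            {false, false, false},
        };
        for (boolean[] c : cases) {
            Outcome o = decide(new LoginFlags(c[0], c[1]), c[2]);
            String status = (o == Outcome.RETURN_NO_PASSIVE) ? " -> " + NO_PASSIVE : "";
            System.out.printf("forceAuthn=%b isPassive=%b session=%b => %s%s%n",
                    c[0], c[1], c[2], o, status);
        }
    }
}
```

The two cases worth checking in a real handler are ForceAuthn with a live session (must not be reused) and IsPassive with no usable session (must return to the SP without rendering a login page).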
