shibboleth-dev - RE: Soliciting Feedback, Shibboleth 2 Roadmap

Subject: Shibboleth Developers

List archive

RE: Soliciting Feedback, Shibboleth 2 Roadmap

From: "Scott Cantor" <>
To: <>
Subject: RE: Soliciting Feedback, Shibboleth 2 Roadmap
Date: Thu, 9 Mar 2006 13:59:44 -0500
Organization: The Ohio State University

> I'm sure it's been discussed before as this is an issue with any SSO
> solution, but I didn't see it on the roadmap... Are there formal
> plans at all to allow an SP (particularly a highly-sensitive
> application) to request re-authentication of the user?

SAML 2.0 includes a ForceAuthn flag. Of course, that doesn't guarantee the
IdP actually interacts with the user, but it's the equivalent of what you're
talking about.

There's also an IdP supplied ReauthenticateOnOrAfter stamp that bounds the
session at the SP from the IdP end.

-- Scott

Re: Soliciting Feedback, Shibboleth 2 Roadmap, (continued)
- Re: Soliciting Feedback, Shibboleth 2 Roadmap, Will Norris, 03/09/2006
  - Re: Soliciting Feedback, Shibboleth 2 Roadmap, Chad La Joie, 03/09/2006
  - RE: Soliciting Feedback, Shibboleth 2 Roadmap, Scott Cantor, 03/09/2006
- Re: Soliciting Feedback, Shibboleth 2 Roadmap, Thomas Lenggenhager, 03/13/2006
  - RE: Soliciting Feedback, Shibboleth 2 Roadmap, Scott Cantor, 03/13/2006
    - Re: Soliciting Feedback, Shibboleth 2 Roadmap, Chad La Joie, 03/13/2006
- Re: Soliciting Feedback, Shibboleth 2 Roadmap, Francisco Queiros Pinto, 03/13/2006
- Re: Soliciting Feedback, Shibboleth 2 Roadmap, Tom Scavo, 03/10/2006
  - Re: Soliciting Feedback, Shibboleth 2 Roadmap, Chad La Joie, 03/10/2006
    - Re: Soliciting Feedback, Shibboleth 2 Roadmap, Tom Scavo, 03/10/2006
      - Re: Soliciting Feedback, Shibboleth 2 Roadmap, Chad La Joie, 03/10/2006
    - Re: Soliciting Feedback, Shibboleth 2 Roadmap, Velpi, 03/12/2006
      - Re: Soliciting Feedback, Shibboleth 2 Roadmap, Tom Scavo, 03/12/2006

List archive

RE: Soliciting Feedback, Shibboleth 2 Roadmap