shibboleth-dev - RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth

Subject: Shibboleth Developers

List archive

RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth

From: Jim Fox <>
To: "" <>
Subject: RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth
Date: Mon, 27 Sep 2010 09:05:03 -0700 (PDT)

And if you want to verify a uwername and password without sending the user through the IdP you might look at the ECP extension, which does that.

Jim

On Mon, 27 Sep 2010, Scott Cantor wrote:

Date: Mon, 27 Sep 2010 08:57:50 -0700
From: Scott Cantor
<>
To:
""

<>
Reply-To:
""

<>
Subject: RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth

It is my impression that there is no way to force the user to
re-authenticate. Is that correct?

If you handle the flow of authentication inside the IdP and the SP uses SAML
2.0 and does the appropriate things, you can force reauthentication.

You can also do it with custom login handler code in the IdP without the
SP's involvement, assuming the goal is to bypass SSO for an SP altogether.

-- Scott

[Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Jones, Mark B, 09/27/2010
- RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Scott Cantor, 09/27/2010
  - RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Jim Fox, 09/27/2010
    - RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Scott Cantor, 09/27/2010
      - RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Jim Fox, 09/27/2010
        
        RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Jones, Mark B, 09/27/2010
        
        RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Scott Cantor, 09/27/2010
        
        RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth, Jones, Mark B, 09/27/2010

List archive

RE: [Shib-Dev] FW: [REDCap] E-Signature and Shibboleth