Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-5373

Document the ability to add custom authentication contexts to a Hosted IDP/SP

    Details

    • Sprint:
      Sprint 84 - Team Shakespeare
    • Support Ticket IDs:

      Description

      The ability to add custom authentication context's to a hosted IDP/SP has always been possible but before OPENAM-2238, any changes saved via the console would wipe out the custom contexts in the extended metadata.

      Custom contexts can now be loaded and not lost when they are loaded via ssoadm as part of the hosted IDP/SP extended metadata and saves are made in the console. Any custom authentication contexts loaded via ssoadm are also visible in the console.

      Example custom entries in the idpAuthncontextClassrefMapping element of the extended metadata for a hosted IDP:

              <Attribute name="idpAuthncontextClassrefMapping">
                  <Value>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|1||default</Value>
                  <Value>http://idmanagement.gov/ns/assurance/loa/4|4||</Value>
      	    <Value>http://idmanagement.gov/ns/assurance/loa/3|3||</Value>
                  <Value>http://idmanagement.gov/ns/assurance/loa/2|2||</Value>
                  <Value>http://idmanagement.gov/ns/assurance/loa/1|1||</Value> 
              </Attribute>
      

        Attachments

          Activity

            People

            • Assignee:
              austingene Gene Hirayama
              Reporter:
              markdr Mark de Reeper
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 1h
                1h
                Remaining:
                Remaining Estimate - 1h
                1h
                Logged:
                Time Spent - Not Specified
                Not Specified