On Mon, Jan 30, 2017 at 3:13 AM, Hynek Mlnarik <hmlnarik(a)redhat.com> wrote:
Keycloak always returns
urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified
AuthnContextClassRef unless AuthnStatement inclusion is disabled. If you
need to handle authncontext properly, please open a JIRA feature request.
--Hynek
On 01/27/2017 12:21 AM, Muein Muzamil wrote:
> Hi all,
>
> We are trying to configure OpenAM as SAML client with KeyCloak, as part
of
> SAML request it sends PasswordProtectedTransport AuthnContext (as shown
> below) and it expects this back as part of SAML response.
>
> <samlp:RequestedAuthnContext
>
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"Comparison="exact">
> <saml:AuthnContextClassRef
> xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:
oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</
saml:AuthnContextClassRef>
> </samlp:RequestedAuthnContext>
>
>
> Currently, KeyCloak always returns unspecified as AuthnContext, is there
> any way to return back AuthnContext what KeyCloak received in the
request?
> <saml:AuthnContext>
> <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:
ac:classes:unspecified</saml:AuthnContextClassRef>
> </saml:AuthnContext>
>
> Regards,
> Muein
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
>
https://lists.jboss.org/mailman/listinfo/keycloak-user
>
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user