1 260
szerkesztés
Módosítások
→Advanced SAML2 settings
=== Advanced SAML2 settings ===
SAML2 defines several properties of the authentication request message which may affect the authentication performed by the IdP.
{{STOP|'''Be careful when using these options.'''
IdPs that do not support these features might signal an error instead of performing any kind of authentication of the user. Or might show errors ''after'' authenticating the user. Some kind of authentication methods (ie. HTTP Basic Auth) will never work even if the IdP software is capable of handling these properties. }}
==== isPassive ====
If <code>isPassive</code> is set, then the user is redirected to the IdP or to the Discovery Service in advance, but neither of them are allowed to take over the control of the user interface (such as performing any visible authentication). If authentication (or IdP selection) can not be performed silently, an error is returned, which is then handled by the module.
By using this option, you can auto-login users who are already logged in to the IdP even if you are using lazy sessions. If auto-login can not be performed, the user returns to Drupal unauthenticated without seeing any error message.
'''TODO''': Shibboleth settings
==== forceAuthn ====
== Change log ==
