Version 1

    Hi All,


    I am working on a project where picketlink is being used as the SP, Microsoft ADFS is the IDP. Picketlink version 2.6, JBOSS EAP 6.4


    We have a requirement that the SP should always request X509 or TLS certificate authentication, ie. we want the SAML Authentication request to look like this


    <samlp:AuthnRequest ...">
      <samlp:RequestedAuthnContext Comparison="exact">


    Seems like this should be in the SAML2 Authentication Handler SAML2AuthenticationHandler - PicketLink - Project Documentation Editor but I don't see it there.

    Does anyone have any pointers on how we might accomplish this requirement?