Expected Behavior
Support Azure AD's feature of Continuous access evaluation.
Current Behavior
Continuous access evaluation is not supported now.
Context
Refs: https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-continuous-access-evaluation
Comment From: jzheaux
Thanks for the suggestion, @chenrujun. Does the Azure Boot plugin already support this and can you point to the parts of the code that do?
Also, Spring Security tends to prioritize features that are based on an RFC. In the absence of that, what we can do is see what is challenging about vendors implementing this today and how we can simplify it. Seeing first how to implement without changes to Spring Security is usually the first step in an effort like this anyway. Are you able to produce a sample?
Comment From: spring-projects-issues
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
Comment From: spring-projects-issues
Closing due to lack of requested feedback. If you would like us to look at this issue, please provide the requested information and we will re-open the issue.
Comment From: chenrujun
Hi, @jzheaux
Thanks for your response. And sorry for my late response.
Does the Azure Boot plugin already support this and can you point to the parts of the code that do?
No. spring-cloud-azure-starter-active-directory doesn't support this.
Spring Security tends to prioritize features that are based on an RFC.
I found this: https://openid.net/specs/openid-caep-specification-1_0.html
Are you able to produce a sample?
No. I'm not have this sample now. I need more investigation to product this sample.