Hello Dimitar,
just to get this right: While in the SLS way, I can just use the /nwa/auth -> Components way to setup a Login-Module-Stack (marking all modules as REQUISITE) and be done. While for SAML2 I have to go through all the hoops of writing policy scripts?
I don't need such a complex script, because I don't need any extra prompts/etc, because my radius server is happy with the normal user password (it does some complex out of band yes/no-decision, basicly).
Also I am a bit confused by you mentioning TOTP: I don't want to use TOTP at all.
(Still looking at the Note and the references docs…)
Thanks already!