reauth-at-any-level
reauth-at-any-level = {yes|no}
Description
Controls Whether a different authentication level or mechanism is permitted during a reauthentication operation.
Options
yes During a reauthentication operation, a user can be authenticated using a different authentication level or mechanism from that which is currently held by the user. The user's new credential replaces the old one. If this configuration option is set to yes, the credential can change one or more times during the lifetime of the session. Also, the credential will always be updated upon a successful reauthentication regardless of the existing authentication level of the credential. no During a reauthentication operation, a user can only be authenticated at the same authentication level or mechanism as the user's current credential.
Usage: Required.
Default value no
Example:
reauth-at-any-level = no
Parent topic: [reauthentication] stanza