Announcement Announcement Module
Collapse
No announcement yet.
How to set no signing and no encryption Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to set no signing and no encryption

    How can I generate or extend SP metadata so that both signing and encrypting are turned off?

    Thanks,
    Mark

  • #2
    In your generated SP.xml set AuthnRequestsSigned="false" and WantAssertionsSigned="false".

    And also delete the section which has encryption and signing key in the xml.
    The following sections should be removed
    <md:KeyDescriptor use="signing">
    ....
    <md:KeyDescriptor>
    <md:KeyDescriptor use="encryption">
    ....
    <md:KeyDescriptor>

    Use this edited xml under your "meta" bean....

    The sp.xml is the metadata that can be generated using the Sample web App that vladmir as provided.

    https://github.com/SpringSource/spring-security-saml
    Look for saml2-sample

    -Ram

    Comment


    • #3
      Thanks a lot Ram, your description is very useful.

      Mark

      Comment

      Working...
      X