Details

    • Type: New Feature
    • Status: Closed
    • Priority: Minor
    • Resolution: Complete
    • Affects Version/s: None
    • Fix Version/s: saml-1.0.0.RC1
    • Component/s: saml
    • Labels:
      None

      Description

      It should be possible to supply additional processing instructions as part of the metadata. At least the following options should be available: signing key, encryption key, logout request/response signatures, artifact resolution signatures. Extension should be available for both local and remote service/identity providers.

        Activity

        Hide
        vsch Vladimir Schäfer added a comment -

        Extended metadata can now be specified as part of the springSecurity configuration with the following options:

        alias = part of URL identifying the service provider
        securityProfile = MetaIOP | PKIX
        signingKey = key used for signing of outgoing messages / verification of incoming ones
        encryptionKey = key used to decrypt incoming messages / encrypt outgoing
        tlsKey = key used for client authentication in SSL/TLS connections or to verify server identity
        trustedKeys = CA keys used as anchors for PKIX security
        requireLogoutRequestSigned = requirement stating the logout requests must be signed
        requireLogoutResponseSigned
        requireArtifactResolveSigned

        Show
        vsch Vladimir Schäfer added a comment - Extended metadata can now be specified as part of the springSecurity configuration with the following options: alias = part of URL identifying the service provider securityProfile = MetaIOP | PKIX signingKey = key used for signing of outgoing messages / verification of incoming ones encryptionKey = key used to decrypt incoming messages / encrypt outgoing tlsKey = key used for client authentication in SSL/TLS connections or to verify server identity trustedKeys = CA keys used as anchors for PKIX security requireLogoutRequestSigned = requirement stating the logout requests must be signed requireLogoutResponseSigned requireArtifactResolveSigned

          People

          • Assignee:
            vsch Vladimir Schäfer
            Reporter:
            vsch Vladimir Schäfer
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development