Hi all, Following configurable elements and improvements were added to SAML sso Idp side. Configurations can be done through UI.
- Signature Algorithm is configurable. It only supports RSA algorithms. - Authentication Context Class is configurable - Request Authentication Comparison Levels are configurable - Force Authentication option is configurable. (enable, disable , as per request) - NameId element is optional. It can be enabled or disabled - HTTP Binding is configurable (Redirect , POST, as per request) Previously POST requests were not supported and with the new implementation POST requests are also supported by the idp side. Since the signature algorithm is configurable, signature generation is done using opensaml. Does not use java security. Apart from above, the major change was to use org.wso2.carbon.identity.sso.agent 1.4.0 as a dependency and the saml sso authenticator is fully functioning using this agent (request generation , response processing).
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev