  1. PicketLink
  2. PLINK-542

Support enabling encryption on a per SP basis


    • Feature Request
    • Resolution: Won't Do
    • Minor
    • None
    • PLINK_2.1.X
    • SAML
    • None

      We have an IDP that integrates with several cloud SaaS providers. They run all types of SP software and want all kinds of different looking assertions.

      In particular we now have one vendor that wants our assertions to be encrypted while others do not.

      Setting <Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2EncryptionHandler" /> and <PicketLinkIDP xmlns="urn:picketlink:identity-federation:config:2.1" SupportsSignatures="true" Encrypt="true">
      in the IDP picketlink.xml is an all or nothing change that affects all of our SP integrations.

      We would like to be able to enable and disable Encryption on a per SP basis similar to how we can currently set AuthnRequestsSigned="false" WantAssertionsSigned="true" in sp-metadata.

            Unassigned
            rhit_dminnich Dustin Minnich