IdP should access signed AuthnRequest only

Cheops_u16 at Cheops_u16 at
Tue Sep 27 08:37:32 BST 2011


sorry, my first mail was not in text-format :(

is it possible to configure the IdP to accept signed AuthnRequests only?
I have my own SP working with SAML2-protocol.

In the idp-metadata.xml I set the option:

<IDPSSODescriptor wantAuthnRequestsSigned="true" ...

but this doesn't work. IdP accept unsigned AuthnRequests too.

Thanks for help.
Schon gehört? WEB.DE hat einen genialen Phishing-Filter in die
Toolbar eingebaut!

More information about the users mailing list