SP Signed SAML requests

Peter Schober peter.schober at univie.ac.at
Fri Feb 15 11:04:40 EST 2013

* Mike Flynn <shibbolethlynda at yahoo.com> [2013-02-15 15:23]:
> How do I turn this off?

Have a look at the ApplicationDefaults/@signing attribute (or
ApplicationOverride/@signing, of course):
which could also be overridden for a specific relying party:

> It must have been a default setting as I have never changed this
>from my initial install in 2009.

The IdP can also signal WantAuthnRequestsSigned="true" in their
metadata, another place to look at,

More information about the users mailing list