SP Signed SAML requests

Mike Flynn shibbolethlynda at yahoo.com
Fri Feb 15 11:12:43 EST 2013

Thanks, Peter.  I see this:

requireSignedAssertions (boolean) (defaults to false)

In my app defaults I also have this:

<ApplicationDefaults  signing="true" id="default" policyId="default" REMOTE_USER="eppn" entityID="https://shib.lynda.com/shibboleth-sp" homeURL="https://shib.lynda.com/InCommon">

I just want to confirm - This is the signing setting that I should set to "false" - Correct?

 From: Peter Schober <peter.schober at univie.ac.at>
To: users at shibboleth.net 
Sent: Friday, February 15, 2013 8:04 AM
Subject: Re: SP Signed SAML requests
* Mike Flynn <shibbolethlynda at yahoo.com> [2013-02-15 15:23]:
> How do I turn this off?

Have a look at the ApplicationDefaults/@signing attribute (or
ApplicationOverride/@signing, of course):
which could also be overridden for a specific relying party:

> It must have been a default setting as I have never changed this
>from my initial install in 2009.

The IdP can also signal WantAuthnRequestsSigned="true" in their
metadata, another place to look at,
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130215/1cc62285/attachment.html 

More information about the users mailing list