Avoiding signed requests verification by shibboleth IDP
Cantor, Scott
cantor.2 at osu.edu
Thu Sep 5 14:14:31 EDT 2013
On 9/5/13 2:10 PM, "kotesh201" <koteshwarv at gmail.com> wrote:
>If I keep the certificates in metadata of SPs and have the TrustEngine
>defined for those certificates in IDP, it is working fine.
You don't need a special TrustEngine, you simply need the right metadata,
the same as with any use of the software.
>
>But in my scenario, I don't have control on Service provider
>configurations
>and I would like to turn off IDP to verify any signed requests signature
>permanently.
Well, then I guess you can choose to do that if you like. Just disable the
Security rule for the relevant profile at the bottom of the file.
-- Scott
More information about the users
mailing list