How to specify signing responses?

Cantor, Scott cantor.2 at osu.edu
Wed Mar 11 13:01:36 EDT 2015


> Thanks Scott, that was really helpful in getting me along the right path.  I've
> worked out how to update the relying-parties.xml file and add the metadata
> extensions so I'm on my way.  And you are completely correct.  Turned out
> that the problem existed between my keyboard and chair.  I needed the
> opposite (assertions signed, response open).

If you absolutely need the response unsigned, then that's the change, buf if you wanted to just leave the defaults, but get it to sign assertions for some SP where the metadata is of your making (like a vendor), then you could just set the flag in the metadata to get that to happen. Which you probably already figured out, just noting it.

-- Scott




More information about the users mailing list