Signing propagating logout request with non-default credentials
daniel.lutz at switch.ch
Wed May 17 11:51:11 EDT 2017
I'm trying to configure logout propagation such that the SAML2 logout request
is signed with non-default credentials, looked up via a strategy.
It seems to me that this is not possible, since looking up a SignatureSigningConfiguration
is supported via ProfileConfigurations only, but there's no ProfileConfiguration available
for the logout propagation flow ("PropagateLogout"). Instead, the default SignatureSigningConfiguration
of the DefaultRelyingParty is used, as far as I could see.
Is there a way to specify a lookup stategy for looking up the SignatureSigningConfiguration
used by the logout propagation flow to sign the SAML2 logout request?
Thanks for any hint.
More information about the users