Force SP to sign SOAP messages
David Sommer
david97sommer at gmail.com
Mon Jan 6 12:29:17 EST 2020
> You shouldn't have an AssertionConsumerService, you'd be very unlikely not to break the SP trying to do all that. Adding signing="true" to the <SSO> element would be another possible way to do it, which obviously limits it to SSO and not logout.
I haven't found a way to make <SSO> use HTTP-Artifact, therefore the SessionInitiator. Is there a way to use <SSO> if i want the IdP to send the <Response> by artifact?
More information about the users
mailing list