error with conditional signing/encryption relying-party.xml override
Gabor Gabanyi
gabanyga at oit.rutgers.edu
Thu Jun 23 01:07:45 UTC 2022
Hi Scott,
Thanks for the tip. In case it helps others, here's what we used:
...
<bean parent="SAML2.SSO" p:signAssertionsPredicate-ref="SignNoIntegrity"
p:encryptAssertionsPredicate-ref="EncryptNoConfidentiality" />
...
-Gabor
-------- Original Message --------
From: Cantor, Scott [mailto:cantor.2 at osu.edu]
Sent: Thursday, June 16, 2022, 4:18 PM EDT
To: Shib Users <users at shibboleth.net>
Cc: Gabor Gabanyi <gabanyga at oit.rutgers.edu>
Subject: error with conditional signing/encryption relying-party.xml override
> On 6/16/22, 4:08 PM, "users on behalf of Gabor Gabanyi via users" <users-bounces at shibboleth.net on behalf of users at shibboleth.net> wrote:
>
>> Is this error due to the predicate syntax changes between v3 and v4 outlined at <elided>
>
> Yes.
>
>> If so, what would be the correct way to define these conditional signing/encryption overrides?
>
> As the note says, check the Javadocs.
>
> https://shibboleth.atlassian.net/wiki/spaces/IDP4/pages/1265631694/SAML2SSOConfiguration
>
> Link to javadoc is in there, all the related topics contain such a link, as well as the note:
>
> Virtually all the configuration options below can be set via two different properties: a static property that explicitly sets the value to use and a lookup strategy or predicate property that takes a Function or Predicate and returns the value to use. The dynamic property is generally named "propertyNamePredicate" or "propertyNameLookupStrategy" for Boolean- and non-Boolean-valued properties respectively.
>
> -- Scott
>
>
More information about the users
mailing list