[Idpy-discuss] Notes: idpy dev call, 20 August 2019

Giuseppe De Marco giuseppe.demarco at unical.it
Wed Sep 4 12:48:11 UTC 2019


Hi,
just an update related to a shared topic.

Il giorno mar 20 ago 2019 alle ore 16:13 Heather Flanagan <
hlflanagan at sphericalcowgroup.com> ha scritto:

>
> 2) Encrypt Assertion if SP have encrytion keys into its metadata (as
> Shibboleth already does). I'll have to dug into code to make a proposal, if
> there come some suggestions: I'll appreciate.
>

In uniauth I just implemented this behaviour:

if IDP.config.metadata.certs(self.sp['id'], "spsso", use="encryption") ->
encrypt_assertion, encrypt_advice_attributes and
encrypt_assertion_self_contained = True
It works with pysaml2 SP but not with Shibboleth SP, this latter cannot
decrypt/parse the assertions. Is there any clue before opening an issue on
pysaml2 github?

I'm acqually disabling encryption with 'disable_encrypted_assertions'
parameter set to global (it acts over all the sp).
regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sunet.se/pipermail/idpy-discuss/attachments/20190904/99379780/attachment.html>


More information about the Idpy-discuss mailing list