[Idpy-discuss] Notes: idpy dev call, 20 August 2019
Giuseppe De Marco
giuseppe.demarco at unical.it
Wed Sep 4 12:48:11 UTC 2019
Hi,
just an update related to a shared topic.
Il giorno mar 20 ago 2019 alle ore 16:13 Heather Flanagan <
hlflanagan at sphericalcowgroup.com> ha scritto:
>
> 2) Encrypt Assertion if SP have encrytion keys into its metadata (as
> Shibboleth already does). I'll have to dug into code to make a proposal, if
> there come some suggestions: I'll appreciate.
>
In uniauth I just implemented this behaviour:
if IDP.config.metadata.certs(self.sp['id'], "spsso", use="encryption") ->
encrypt_assertion, encrypt_advice_attributes and
encrypt_assertion_self_contained = True
It works with pysaml2 SP but not with Shibboleth SP, this latter cannot
decrypt/parse the assertions. Is there any clue before opening an issue on
pysaml2 github?
I'm acqually disabling encryption with 'disable_encrypted_assertions'
parameter set to global (it acts over all the sp).
regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sunet.se/pipermail/idpy-discuss/attachments/20190904/99379780/attachment.html>
More information about the Idpy-discuss
mailing list