OpenAM Configured SAML Response Encryption

一笑奈何 提交于 2020-01-25 20:57:10

问题


How do I configure OpenAM (with OpenDS behind it as the identity provider) to encrypt the SAML Response Assertion?

The messages are working fine, but I want to encrypt the Assertions with a certificate I have placed into the OpenAM keystore.jks. I can't find anything in the documents.


回答1:


SAML does not support ecryption of the whole Response and there shoudnt be any sensetive information in it besides in the assertion. The assertion or attributes is probably what you want to encrypt. Elements that can be encrypted are NameID, assertion attributes and whole assertions.

Encryption of the assertion or attributes can be set up in the Service provider configuration in OpenAM.

OpenAM Main Page -> Federation -> Entity Providers -> Click the service proved you want to give encrypted assertion -> Assertion Content -> Encryption -> check assertion



来源:https://stackoverflow.com/questions/17959420/openam-configured-saml-response-encryption

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!