[OPENAM-15899] Have an option to add <ds:X509Certificate> tag in the signed SLO request - ForgeRock JIRA

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 6.5.2.2
Fix Version/s: 6.0.1, 6.5.3, 7.0.0, 5.5.2
Component/s: SAML
Labels:
- EDISON

Target Version/s:

5.5.3, 6.5.3

Sprint:
AM Sustaining Sprint 71, AM Sustaining Sprint 72
Story Points:
3

Support Ticket IDs:

Description

In a Signed SSO request with HTTP POST binding eg

http://sp.internal.example.com:38080/openam/saml2/jsp/spSSOInit.jsp?idpEntityID=http%3A%2F%2Fidp.internal.example.net%3A28080%2Fopenam&metaAlias=/sp&reqBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST

http://sp.internal.example.com:38080/openam/saml2/jsp/spSSOInit.jsp?idpEntityID=http%3A%2F%2Fidp.internal.example.net%3A28080%2Fopenam&metaAlias=/sp&reqBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POSTa <ds:X509Certificate> tag is found in the SP initiated SSO request

But in a signed SLO request, there is no such option and the <X509Certificate> tag is missing.

Attachments

Activity

People

Assignee:

Lawrence Yarham

Reporter:

Sam Phua

Votes:

1 Vote for this issue

Watchers:

3 Start watching this issue

Dates

Created:

04/Feb/20 1:13 AM

Updated:

16/Mar/20 2:34 PM

Resolved:

12/Feb/20 5:08 PM