  1. OpenAM
  2. OPENAM-17909

exported SAML meta data does not include KeyDescriptor when entity specific secret id is not configured


    Details

    • Bug
    • Status: In Progress
    • Major
    • Resolution: Unresolved
    • 7.1.0
    • None
    • Amster, SAML, ssoadm
    • Azul OpenJDK Runtime Environment Zulu11.39+15-CA (build 11.0.7+10-LTS)
      FR DS 7.1.0 with AM profiles
      Apache Tomcat 9.0.46
      FR AM 7.1.0
    • AM Sustaining Sprint 86, AM Sustaining Sprint 87, AM Sustaining Sprint 88, AM Sustaining Sprint 89
    • 4

      Description

      Bug description

      KeyDescriptor is missing from IdP meta data export when no entity specific secret id is configured.

      How to reproduce the issue

      1. Configure DS 7.1.0 with AM profiles
      2. Configure AM 7.1.0
      3. Create hosted SAML IdP in sub-realm
      4. Export IdP meta data via 'ssoadm export-entity' or 'amster'

      Expected behaviour

      KeyDescriptor element should be included in the SAML meta data

      Current behaviour

      KeyDescriptor element is missing from SAML meta data

      Note:

      The SAML response sent by the IdP is digitally signed, so in general the global secret is used.
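
A check that can be run on an exported metadata file to confirm that each hosted IdP advertises a signing KeyDescriptor, given here as an added example that is not part of the original report or of OpenAM. The function names, entity IDs and certificate text are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def idp_key_uses(metadata_xml):
    """Map each IdP entityID to the key uses its KeyDescriptors advertise."""
    root = ET.fromstring(metadata_xml)
    result = {}
    # iter() also matches the root, so a bare EntityDescriptor and an
    # EntitiesDescriptor wrapper are both handled.
    for entity in root.iter("{%s}EntityDescriptor" % NS["md"]):
        for idp in entity.findall("md:IDPSSODescriptor", NS):
            uses = result.setdefault(entity.get("entityID"), set())
            for kd in idp.findall("md:KeyDescriptor", NS):
                cert = kd.find(".//ds:X509Certificate", NS)
                if cert is None or not (cert.text or "").strip():
                    continue  # count only descriptors that carry certificate data
                use = kd.get("use")
                # An omitted "use" attribute means the key serves both purposes.
                uses.update({use} if use else {"signing", "encryption"})
    return result

def idps_missing_signing_key(metadata_xml):
    """Return entityIDs whose IDPSSODescriptor has no usable signing key."""
    uses = idp_key_uses(metadata_xml)
    return sorted(eid for eid in uses if "signing" not in uses[eid])

# Constructed sample exports (entity IDs and certificate text are placeholders).
KEY = ('<md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>'
       '<ds:X509Certificate>Q09OU1RSVUNURUQ=</ds:X509Certificate>'
       '</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>')

def sample_export(entity_id, with_key):
    return (f'<md:EntityDescriptor xmlns:md="{NS["md"]}" xmlns:ds="{NS["ds"]}" '
            f'entityID="{entity_id}"><md:IDPSSODescriptor '
            'protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
            f'{KEY if with_key else ""}<md:SingleSignOnService '
            'Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" '
            f'Location="{entity_id}/sso"/></md:IDPSSODescriptor></md:EntityDescriptor>')

if __name__ == "__main__":
    for eid, with_key in (("https://idp-a.example.test", True),
                          ("https://idp-b.example.test", False)):
        missing = idps_missing_signing_key(sample_export(eid, with_key))
        print(eid, "MISSING signing KeyDescriptor" if missing else "ok")
```
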

            People

            ioannis.sotiropoulos Ioannis Sotiropoulos
            bthalmayr Bernhard Thalmayr

                Time Tracking

                Original Estimate: 32h
                Remaining Estimate: 24h
                Time Spent: Not Specified