  1. OpenAM
  2. OPENAM-17966

SAML IdP does not use entity specific encryption algorithms


    Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Not a defect
    • 7.1.0
    • None
    • SAML
    • AdoptOpenJDK-11.0.11+9 (build 11.0.11+9)
      Apache Tomcat 9.0.46
      AM 7.1.0
      DS 7.1.0

      Description

      Bug description

      Encryption algorithms configured for the IdP entity are not used when encrypting (parts of) the SAML response.

      How to reproduce the issue

      1. Configure some AM as SAML SP
      2. Configure AM as SAML IdP (in sub-realm) in some circle of trust (standalone mode)
      3. Exchange metadata to establish trust
      4. Configure IdP entity specific encryption algorithm to be different from global Common Federation Configuration (see attached screenshots)
      5. Enable NameId encryption
      6. Perform SAML SP-initiated SSO flow

      Expected behaviour

      IdP uses entity specific algorithm for encryption.

      Current behaviour

      IdP uses algorithm configured in the global 'Common Federation Configuration' for encryption.
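
One way to check the outcome of step 6 from a captured SAML response: list the `EncryptionMethod` algorithm URIs the IdP actually used and compare them with the entity-specific setting. This is an added example, not part of the original report or of AM's code; the sample response is constructed and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
# SAML elements that wrap an xenc:EncryptedData
CONTAINERS = ("EncryptedID", "EncryptedAssertion", "EncryptedAttribute")

# Constructed sample: trimmed Response with an encrypted NameID (cipher values are dummies)
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <saml:Assertion><saml:Subject><saml:EncryptedID>
  <xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
   <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
   <ds:KeyInfo><xenc:EncryptedKey>
    <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    <xenc:CipherData><xenc:CipherValue>AAAA</xenc:CipherValue></xenc:CipherData>
   </xenc:EncryptedKey></ds:KeyInfo>
   <xenc:CipherData><xenc:CipherValue>BBBB</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedData>
 </saml:EncryptedID></saml:Subject></saml:Assertion>
</samlp:Response>"""


def encryption_algorithms(xml_text):
    """Return (container, data_algorithm, key_transport_algorithm) per encrypted element."""
    # Parse only captures you trust: the stdlib parser is not hardened against malicious XML.
    root = ET.fromstring(xml_text)
    found = []
    for name in CONTAINERS:
        for node in root.iterfind(f".//saml:{name}", NS):
            data = node.find("xenc:EncryptedData/xenc:EncryptionMethod", NS)
            # EncryptedKey may sit inside ds:KeyInfo or beside EncryptedData
            key = node.find(".//xenc:EncryptedKey/xenc:EncryptionMethod", NS)
            found.append((name,
                          data.get("Algorithm") if data is not None else None,
                          key.get("Algorithm") if key is not None else None))
    return found


def mismatches(xml_text, expected_data_alg):
    """List the encrypted elements whose data algorithm differs from the expected URI."""
    return [f for f in encryption_algorithms(xml_text) if f[1] != expected_data_alg]
```

An empty list from `mismatches` means every encrypted element used the expected data-encryption algorithm; any tuple returned names the element and the algorithm that was used instead.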
      

            People

            Unassigned Unassigned
            bthalmayr Bernhard Thalmayr