revert to use non-PKIX rules until type mismatches are resolved
[java-idp.git] / resources / conf / relying-party.xml
index def13f8..e33ee3b 100644 (file)
         engines and so you'll see some rules that reference the declared trust engines.
     -->
     
+    <security:TrustEngine id="shibboleth.SignatureTrustEngine" xsi:type="security:MetadataExplicitKeySignature"
+                              metadataProviderRef="ShibbolethMetadata" />
+                              
+    <security:TrustEngine id="shibboleth.CredentialTrustEngine" xsi:type="security:MetadataExplicitKey"
+                              metadataProviderRef="ShibbolethMetadata" />
+                              
+<!--
     <security:TrustEngine id="shibboleth.SignatureTrustEngine" xsi:type="security:Chaining">
         <security:TrustEngine id="shibboleth.SignatureMetadataExplicitKeyTrustEngine" xsi:type="security:MetadataExplicitKeySignature"
                               metadataProviderRef="ShibbolethMetadata" />                              
                               metadataProviderRef="ShibbolethMetadata" />
     </security:TrustEngine>
     
-    
     <security:TrustEngine id="shibboleth.CredentialTrustEngine" xsi:type="security:Chaining">
         <security:TrustEngine id="shibboleth.CredentialMetadataExplictKeyTrustEngine" xsi:type="security:MetadataExplicitKey"
                               metadataProviderRef="ShibbolethMetadata" />
         <security:TrustEngine id="shibboleth.CredentialMetadataPKIXTrustEngine" xsi:type="security:MetadataPKIXX509Credential"
                               metadataProviderRef="ShibbolethMetadata" />
     </security:TrustEngine>
-                          
-    
-    
+-->                      
+     
     <security:SecurityPolicy id="shibboleth.ShibbolethSSOSecurityPolicy" xsi:type="security:SecurityPolicyType">
         <security:Rule xsi:type="samlsec:IssueInstant" required="false"/>
         <security:Rule xsi:type="samlsec:MandatoryIssuer"/>