<AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</AuthenticationMethod>
</LoginHandler>
+ <!-- Username/password login handler -->
+ <!--
<LoginHandler xsi:type="UsernamePassword"
jaasConfigurationLocation="file://$IDP_HOME$/conf/login.config">
<AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthenticationMethod>
</LoginHandler>
+ -->
<!--
Removal of this login handler will disable SSO support, that is it will require the user to authenticate
-->
<ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile"
includeAttributeStatement="false"
- assertionLifetime="300000" />
+ assertionLifetime="300000"
+ signResponses="conditional"
+ signAssertions="never" />
<ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile"
- assertionLifetime="300000" />
+ assertionLifetime="300000"
+ signResponses="conditional"
+ signAssertions="never" />
- <ProfileConfiguration xsi:type="saml:SAML1ArtifactResolutionProfile" />
+ <ProfileConfiguration xsi:type="saml:SAML1ArtifactResolutionProfile"
+ signResponses="conditional"
+ signAssertions="never" />
<ProfileConfiguration xsi:type="saml:SAML2SSOProfile"
includeAttributeStatement="true"
assertionLifetime="300000"
- assertionProxyCount="0" />
+ assertionProxyCount="0"
+ signResponses="conditional"
+ signAssertions="never"
+ encryptAssertions="conditional"
+ encryptNameIds="conditional" />
<ProfileConfiguration xsi:type="saml:SAML2AttributeQueryProfile"
assertionLifetime="300000"
- assertionProxyCount="0" />
+ assertionProxyCount="0"
+ signResponses="conditional"
+ signAssertions="never"
+ encryptAssertions="conditional"
+ encryptNameIds="conditional" />
- <ProfileConfiguration xsi:type="saml:SAML2ArtifactResolutionProfile" />
+ <ProfileConfiguration xsi:type="saml:SAML2ArtifactResolutionProfile"
+ signResponses="conditional"
+ signAssertions="never"
+ encryptAssertions="conditional"
+ encryptNameIds="conditional"/>
</DefaultRelyingParty>