Fix explicit key credential trust engine to be an ExplicitKeyTrustEngine, not an...

git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2473 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

diff --git a/resources/conf/relying-party.xml b/resources/conf/relying-party.xml
index c361551..c2085d8 100644 (file)
--- a/resources/conf/relying-party.xml
+++ b/resources/conf/relying-party.xml
@@ -140,7 +140,7 @@ uLZYahMs/RHvtYH5guRBzCYL5w73H7nq0F2A0U/gRoEZZXzVjgehR8QEAxELy1eE
     <security:TrustEngine id="shibboleth.SignatureTrustEngine" xsi:type="security:ExplicitKeySignature"
                           metadataProviderRef="ShibbolethMetadata" />
                           
-    <security:TrustEngine id="shibboleth.CredentialTrustEngine" xsi:type="security:ExplicitX509Credential"
+    <security:TrustEngine id="shibboleth.CredentialTrustEngine" xsi:type="security:ExplicitKey"
                           metadataProviderRef="ShibbolethMetadata" />
     
     <security:SecurityPolicy id="shibboleth.DefaultSecurityPolicy" xsi:type="security:SecurityPolicyType">
@@ -148,6 +148,7 @@ uLZYahMs/RHvtYH5guRBzCYL5w73H7nq0F2A0U/gRoEZZXzVjgehR8QEAxELy1eE
         <security:Rule xsi:type="samlsec:IssueInstant"/>
         <security:Rule xsi:type="samlsec:MandatoryIssuer"/>
         <security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine" />
+        <security:Rule xsi:type="samlsec:SAML2HTTPRedirectSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine" />
         <security:Rule xsi:type="security:ClientCertAuth" trustEngineRef="shibboleth.CredentialTrustEngine" />
     </security:SecurityPolicy>