Address SIDP-209: Enforce metadata SPSSODescriptor/@AuthnRequestsSigned on SAML 2...

author putmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>

Fri, 18 Jul 2008 22:09:25 +0000 (22:09 +0000)

committer putmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>

Fri, 18 Jul 2008 22:09:25 +0000 (22:09 +0000)
author putmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 18 Jul 2008 22:09:25 +0000 (22:09 +0000)
committer putmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Fri, 18 Jul 2008 22:09:25 +0000 (22:09 +0000)
diff --git a/src/installer/resources/conf-tmpl/relying-party.xml b/src/installer/resources/conf-tmpl/relying-party.xml

index 33f90a2..ed623ea 100644 (file)
--- a/src/installer/resources/conf-tmpl/relying-party.xml
+++ b/src/installer/resources/conf-tmpl/relying-party.xml
@@ -172,6 +172,7 @@
      <security:SecurityPolicy id="shibboleth.SAML2SSOSecurityPolicy" xsi:type="security:SecurityPolicyType">
          <security:Rule xsi:type="samlsec:Replay"/>
          <security:Rule xsi:type="samlsec:IssueInstant"/>
+        <security:Rule xsi:type="samlsec:SAML2AuthnRequestsSigned"/>
          <security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine" />
          <security:Rule xsi:type="samlsec:SAML2HTTPRedirectSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine" />
          <security:Rule xsi:type="samlsec:SAML2HTTPPostSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine" />
author	putmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
	Fri, 18 Jul 2008 22:09:25 +0000 (22:09 +0000)
committer	putmanb <putmanb@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
	Fri, 18 Jul 2008 22:09:25 +0000 (22:09 +0000)