Versions Compared

Old Version 7

changes.mady.by.user Rod Widdowson

Saved on

compared with

New Version 8

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleCommon
Include Page
ProfileConfiguration-Common
ProfileConfiguration-Common
Expand
titleSAML
Include Page
ProfileConfiguration-SAML
ProfileConfiguration-SAML
Expand
titleSAML 2.0
Include Page
ProfileConfiguration-SAML2
ProfileConfiguration-SAML2
Expand
titleSAML Artifact
Include Page
ProfileConfiguration-Artifact
ProfileConfiguration-Artifact
Expand
titleProfile-Specific
Include Page
ProfileConfiguration-SAML2Logout
ProfileConfiguration-SAML2Logout

Notes

The default values of signRequests and signResponses for this profile make a channel dependent choice.  Specifically it signs on the front-channel, and on the back-channel only if TLS isn't used (very unusual) or if the receiving port is 443. It assumes that traffic over 443 will be relying on message-based security measures (but see above), whereas traffic to an alternative TLS port like 8443 will be relying on mutual authentication and thus provide a secure channel.

...