The <SecurityPolicies> element is a container for one or more uniquely identified <Policy> elements that control low-level security and XML profile processing performed by the SP.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<Policy id="foo" validate="false">
<Rule<PolicyRule type="MessageFlow" checkReplay="true" expires="60"/>
<Rule<PolicyRule type="ClientCertAuth" errorFatal="true"/>
<Rule<PolicyRule type="XMLSigning" errorFatal="true"/>
<Rule<PolicyRule type="SimpleSigning" errorFatal="true"/>
<PolicyRule type="Conditions"/>
</Policy>
|
Attributes
id(XML ID)- Uniquely names this policy within the XML file.
validate(boolean) (defaults to false)- Enables or disables schema validation of XML when parsing messages at runtime. Includes all SAML and SOAP messages.
Child Elements
<Rule>(one or more)- Legacy syntax for security policy rules to use. Versions of the SP prior to 2.2 used this element, which accidentally conflicted with the same named element used in the access control syntax. It remains supported, but is deprecated.
Version 2.2 and Above
<PolicyRule>(one or more)- Security policy rules to use.