Properties

Security-related properties in conf/oidc.properties:

| Name / Default | Type | Description |
|---|---|---|
| idp.signing.oidc.rs.key | JWK file pathname | JWK RSA signing keypair |
| idp.signing.oidc.es.key | JWK file pathname | JWK EC signing keypair |
| idp.signing.oidc.rsa.enc.key | JWK file pathname | JWK RSA decryption keypair |
| idp.oidc.signing.config / shibboleth.oidc.SigningConfiguration | Bean ID | Allows override of default signing configuration |
| idp.oidc.encryption.config / shibboleth.oidc.EncryptionConfiguration | Bean ID | Allows override of default encryption configuration |
| idp.oidc.rodecrypt.config / shibboleth.oidc.requestObjectDecryptionConfiguration | Bean ID | Allows override of default request decryption configuration |
| idp.oidc.rovalid.config / shibboleth.oidc.requestObjectSignatureValidationConfiguration | Bean ID | Allows override of default request signature validation configuration |
| idp.oidc.rovalid.config / shibboleth.oidc.tokenEndpointJwtSignatureValidationConfiguration | Bean ID | Allows override of default JWT token validation configuration |
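
A pre-deployment check for the three JWK files named by the key properties above, as an added example that is not part of the original page or of the plugin's own code: it confirms that each file holds the key type its description calls for and that it is a keypair rather than a public key only. The 2048-bit minimum, the allowed curve list, the `use` check and the sample JWKs are assumptions constructed for illustration.

```python
import base64
import json

# Expected "kty" and "use" per property, taken from the descriptions in the table above.
EXPECTED = {
    "idp.signing.oidc.rs.key": ("RSA", "sig"),
    "idp.signing.oidc.es.key": ("EC", "sig"),
    "idp.signing.oidc.rsa.enc.key": ("RSA", "enc"),
}
MIN_RSA_BITS = 2048                            # assumed local policy, not from the page
ALLOWED_CURVES = {"P-256", "P-384", "P-521"}   # assumed local policy, not from the page


def b64url_bits(value):
    """Bit length of a base64url-encoded big-endian integer (JWK 'n' member)."""
    raw = base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))
    return int.from_bytes(raw, "big").bit_length()


def check_jwk(prop, jwk_json):
    """Return a list of problems with the JWK text configured for property `prop`."""
    kty, use = EXPECTED[prop]
    try:
        jwk = json.loads(jwk_json)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(jwk, dict):
        return ["not a JSON object"]
    problems = []
    if jwk.get("kty") != kty:
        problems.append(f"kty is {jwk.get('kty')!r}, expected {kty!r}")
    if "d" not in jwk:  # 'd' carries the private part for both RSA and EC JWKs
        problems.append("no private member 'd': public key only, not a keypair")
    if "use" in jwk and jwk["use"] != use:  # 'use' is optional in a JWK
        problems.append(f"use is {jwk['use']!r}, expected {use!r}")
    if jwk.get("kty") == "RSA" and isinstance(jwk.get("n"), str):
        if b64url_bits(jwk["n"]) < MIN_RSA_BITS:
            problems.append(f"RSA modulus shorter than {MIN_RSA_BITS} bits")
    if jwk.get("kty") == "EC" and jwk.get("crv") not in ALLOWED_CURVES:
        problems.append(f"curve {jwk.get('crv')!r} not in allowed list")
    return problems


def fake_int(nbytes):
    # Constructed placeholder of the right length; NOT real key material.
    return base64.urlsafe_b64encode(b"\xff" * nbytes).rstrip(b"=").decode()

# Constructed sample JWKs (structure only, values are placeholders).
GOOD_RSA = json.dumps({"kty": "RSA", "use": "sig", "e": "AQAB",
                       "n": fake_int(256), "d": fake_int(256)})
PUBLIC_EC = json.dumps({"kty": "EC", "crv": "P-256", "x": fake_int(32), "y": fake_int(32)})
```

In practice, read each file at the path the property resolves to and pass its text to `check_jwk`; an empty list means no problem was found by these checks.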

Beans

Beans defined in conf/oidc-credentials.xml or internally for use in conf/relying-party.xml:

| Name / Type | Description |
|---|---|
| shibboleth.JWKCredential / net.shibboleth.idp.plugin.oidc.op.profile.spring.factory.BasicJWKCredentialFactoryBean | Spring factory bean for easy definition of JWK-formatted credentials |
| shibboleth.oidc.DefaultRSSigningCredential / Credential | Default RSA signing keypair used with OIDC |
| shibboleth.oidc.DefaultESSigningCredential / Credential | Default EC signing keypair used with OIDC |
| shibboleth.oidc.DefaultRSAEncryptionCredential / Credential | Default RSA decryption keypair used with OIDC |
| shibboleth.oidc.SigningCredentials / List<Credential> | List of signing keys available for use with OIDC |
| shibboleth.oidc.EncryptionCredentials / List<Credential> | List of encryption keys available for use in decryption with OIDC |
| shibboleth.oidc.SigningCredentialsToPublish / List<Credential> | List of signing keys to publish to RPs with OIDC |
| shibboleth.oidc.EncryptionCredentialsToPublish / List<Credential> | List of encryption keys to publish to RPs with OIDC |
| shibboleth.oidc.DefaultSecurityConfiguration / SecurityConfiguration | Default security configuration used by all OIDC profile beans |
| shibboleth.oidc.SigningConfiguration / BasicSignatureSigningConfiguration | Default signing behavior for OIDC profiles, auto-wires default algorithms and signing keys |
| shibboleth.oidc.EncryptionConfiguration / EncryptionConfiguration | Default encryption behavior for OIDC profiles, auto-wires default algorithms |
| shibboleth.oidc.requestObjectDecryptionConfiguration / EncryptionConfiguration | Default decryption behavior for OIDC request decryption |
| shibboleth.oidc.requestObjectSignatureValidationConfiguration / BasicSignatureSigningConfiguration | Default signature validation behavior for OIDC request signatures |
| shibboleth.oidc.tokenEndpointJwtSignatureValidationConfiguration / BasicSignatureSigningConfiguration | Default signature validation behavior for validating JWTs used as endpoint credentials |