See this example. Has to be configured on both sides:
https://github.com/keycloak/keycloak/tree/master/examples/saml/post-with-...
SAML encryption encrypts the assertion part of the login response only.
You MUST and SHOULD still use HTTPS. SAML encryption isn't a
replacement for that.
On 2/4/2016 6:20 AM, Arulkumar Ponnusamy wrote:
I have enabled encryption on keycloak-saml file.. However i dont see
any encryption happened on SAML request.. Similarly. When idp sends
encrypted response, keycloak sp couldn't handle and throwing null
pointer exception.. Is it a defect?.. M using HTTP POST binding..
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com