SAML2AuthenticationHandler is configured as follows in the SP:
{code}
<Handler class="org.picketlink.identity.federation.web.handlers.saml2.SAML2AuthenticationHandler">
  <Option Key="NAMEID_FORMAT" Value="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"/>
  <Option Key="ASSERTION_SESSION_ATTRIBUTE_NAME" Value="samlResponse"/>
</Handler>
{code}
If an assertion is not encrypted in the IDP, it is stored in the session, but if it is encrypted, it is not stored in the session. Support for encrypted assertions is needed.