[security-dev] How to configure ServiceProviderAuthenticator do HTTP Post or HTTP Redirect ?

Tuesday, 14 October 2014

Hi,

Instead of having to choose SPPostSignatureFromAuthenticator or
SPRedirectSignaturFormAuthenticator, can I just use ServiceProviderAuthenticator and
somehow configure it (in picketlink.xml or metadata config file) to do post or redirect ?

Another question, on SP side, I understand I need to have IDP's cert in my SP cert
store to be able to validate assertion
signature, but do I need to have IDP cert's root CA in my trust store ? In other
words, does SP side code (picketlink library)
check IDP cert's issuer against SP's trust store ?

Thanks,
Adam

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

[security-dev] How to configure ServiceProviderAuthenticator do HTTP Post or HTTP Redirect ?