mirror of
https://github.com/netzbegruenung/meteor-accounts-saml.git
synced 2024-05-02 20:04:53 +02:00
Update README.md
added encryption section
This commit is contained in:
parent
290e5695bc
commit
d40a8835fb
|
@ -110,7 +110,14 @@ and if SingleLogout is needed
|
|||
3. Logon OpenSSO console as `amadmin` and select _Common Tasks > Register Remote Service Provider_
|
||||
4. Select the corresponding real and upload the metadata (alternatively, point OpenAM to the SP's metadata URL eg `http://sp.meteor.com/_saml/metadata/openam`). If all goes well the new SP shows up under _Federation > Entity Providers_
|
||||
|
||||
## Encryption
|
||||
The `<EncryptedAssertion>` element represents an assertion in encrypted fashion, as defined by the XML Encryption Syntax and Processing specification [XMLEnc](http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/). Encrypted assertions are intended as a confidentiality protection mechanism when the plain-text value passes through an intermediary.
|
||||
|
||||
The following schema fragment defines the `<EncryptedAssertion>` element:
|
||||
```
|
||||
<element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
|
||||
```
|
||||
In case the SAML response contains an `<EncryptedAssertion>` element and the configuration key `privateKey` is set, the assertion get's decrypted and handled like it would be an unencrypted one.
|
||||
|
||||
## OpenIDP setup
|
||||
- EntryID = http://accounts-saml-example.meteor.com
|
||||
|
|
Loading…
Reference in a new issue