Bug 1542685 - [GSS] (6.4.z) PicketLink - configure the signature algorithm for IDP and SP
Summary: [GSS] (6.4.z) PicketLink - configure the signature algorithm for IDP and SP
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: PicketLink
Version: 6.4.18
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: CR1
: EAP 6.4.21
Assignee: jboss-set
QA Contact: Peter Mackay
URL:
Whiteboard:
Depends On:
Blocks: eap6421-payload 1615347
TreeView+ depends on / blocked
 
Reported: 2018-02-06 19:48 UTC by dhorton
Modified: 2021-09-09 13:09 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-19 12:41:33 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description dhorton 2018-02-06 19:48:07 UTC
Description of problem:

It needs to be possible to configure the signature algorithm for IDP and SP.


PLINK-497 needs to be backported to EAP 6.4.x

Fix committed here:
http://git.app.eng.bos.redhat.com/git/picketlink25.git/log/?h=2.5.5.SP8-redhat-1_JBEAP-14116

Comment 1 dhorton 2018-02-06 19:48:58 UTC
With this patch, the SIGN_METHOD and SIGN_DIGEST settings on the SAML2SignatureGenerationHandler work: 

    <Handler 
      class="org.picketlink.identity.federation.web.handlers.saml2.SAML2SignatureGenerationHandler" > 
      <Option Key="SIGN_METHOD" Value="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> 
      <Option Key="SIGN_DIGEST" Value="http://www.w3.org/2001/04/xmlenc#sha256"/> 
    </Handler>


Note You need to log in before you can comment on or make changes to this bug.