Created
July 15, 2014 13:25
-
-
Save moos3/ef04ff67286907b41dcf to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
09:17:00.855 - INFO [edu.internet2.middleware.shibboleth.common.config.BaseService:158] - Loading new configuration for service shibboleth.AttributeResolver | |
09:17:00.895 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.resolver.AbstractResolutionPlugInBeanDefinitionParser:55] - Parsing configuration for PrincipalConnector plugin with ID: shibTransient | |
09:17:00.896 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.resolver.AbstractResolutionPlugInBeanDefinitionParser:55] - Parsing configuration for PrincipalConnector plugin with ID: saml1Unspec | |
09:17:00.896 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.resolver.AbstractResolutionPlugInBeanDefinitionParser:55] - Parsing configuration for PrincipalConnector plugin with ID: saml2Transient | |
09:17:00.897 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.resolver.AbstractResolutionPlugInBeanDefinitionParser:55] - Parsing configuration for PrincipalConnector plugin with ID: saml2Persistent | |
09:17:00.903 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.resolver.AbstractResolutionPlugInBeanDefinitionParser:55] - Parsing configuration for DataConnector plugin with ID: myLDAP | |
09:17:00.907 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.resolver.AbstractResolutionPlugInBeanDefinitionParser:55] - Parsing configuration for DataConnector plugin with ID: myStoredId | |
09:17:00.983 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.resolver.AbstractResolutionPlugInBeanDefinitionParser:55] - Parsing configuration for AttributeDefinition plugin with ID: transientId | |
09:17:01.746 - INFO [edu.internet2.middleware.shibboleth.common.config.BaseService:180] - shibboleth.AttributeResolver service loaded new configuration | |
09:17:01.752 - INFO [edu.internet2.middleware.shibboleth.common.config.BaseService:158] - Loading new configuration for service shibboleth.AttributeFilterEngine | |
09:17:01.768 - INFO [edu.internet2.middleware.shibboleth.common.config.attribute.filtering.AttributeFilterPolicyBeanDefinitionParser:72] - Parsing configuration for attribute filter policy releaseTransientIdToAnyone | |
09:17:01.786 - INFO [edu.internet2.middleware.shibboleth.common.config.BaseService:180] - shibboleth.AttributeFilterEngine service loaded new configuration | |
09:17:01.793 - INFO [edu.internet2.middleware.shibboleth.common.config.BaseService:158] - Loading new configuration for service shibboleth.SAML1AttributeAuthority | |
09:17:01.798 - INFO [edu.internet2.middleware.shibboleth.common.config.BaseService:158] - Loading new configuration for service shibboleth.SAML2AttributeAuthority | |
09:17:01.805 - INFO [edu.internet2.middleware.shibboleth.common.config.BaseService:158] - Loading new configuration for service shibboleth.RelyingPartyConfigurationManager | |
09:17:01.881 - INFO [edu.internet2.middleware.shibboleth.common.config.relyingparty.RelyingPartyConfigurationBeanDefinitionParser:73] - Parsing configuration for relying party with id: anonymous | |
09:17:01.882 - INFO [edu.internet2.middleware.shibboleth.common.config.relyingparty.RelyingPartyConfigurationBeanDefinitionParser:73] - Parsing configuration for relying party with id: default | |
09:17:01.908 - INFO [edu.internet2.middleware.shibboleth.common.config.security.AbstractX509CredentialBeanDefinitionParser:63] - Parsing configuration for X509Filesystem credential with id: IdPCredential | |
09:17:01.975 - INFO [edu.internet2.middleware.shibboleth.common.config.security.StaticExplicitKeySignatureTrustEngineBeanDefinitionParser:52] - Parsing configuration for StaticExplicitKeySignature trust engine with id: shibboleth.MetadataTrustEngine | |
09:17:01.976 - INFO [edu.internet2.middleware.shibboleth.common.config.security.AbstractX509CredentialBeanDefinitionParser:63] - Parsing configuration for X509Filesystem credential with id: InCommonFederationCredentials | |
09:17:01.978 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ChainingSignatureTrustEngineBeanDefinitionParser:59] - Parsing configuration for SignatureChaining trust engine with id: shibboleth.SignatureTrustEngine | |
09:17:01.979 - INFO [edu.internet2.middleware.shibboleth.common.config.security.MetadataExplicitKeySignatureTrustEngineBeanDefinitionParser:50] - Parsing configuration for MetadataExplicitKeySignature trust engine with id: shibboleth.SignatureMetadataExplicitKeyTrustEngine | |
09:17:01.979 - INFO [edu.internet2.middleware.shibboleth.common.config.security.MetadataPKIXSignatureTrustEngineBeanDefinitionParser:52] - Parsing configuration for MetadataPKIXSignature trust engine with id: shibboleth.SignatureMetadataPKIXTrustEngine | |
09:17:01.980 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ChainingTrustEngineBeanDefinitionParser:59] - Parsing configuration for Chaining trust engine with id: shibboleth.CredentialTrustEngine | |
09:17:01.981 - INFO [edu.internet2.middleware.shibboleth.common.config.security.MetadataExplicitKeyTrustEngineBeanDefinitionParser:48] - Parsing configuration for MetadataExplicitKey trust engine with id: shibboleth.CredentialMetadataExplictKeyTrustEngine | |
09:17:01.982 - INFO [edu.internet2.middleware.shibboleth.common.config.security.MetadataPKIXX509CredentialTrustEngineBeanDefinitionParser:52] - Parsing configuration for MetadataPKIXX509Credential trust engine with id: shibboleth.CredentialMetadataPKIXTrustEngine | |
09:17:01.982 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ShibbolethSecurityPolicyBeanDefinitionParser:59] - Parsing configuration for SecurityPolicyType security policy with id: shibboleth.ShibbolethSSOSecurityPolicy | |
09:17:01.988 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ShibbolethSecurityPolicyBeanDefinitionParser:59] - Parsing configuration for SecurityPolicyType security policy with id: shibboleth.SAML1AttributeQuerySecurityPolicy | |
09:17:01.993 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ShibbolethSecurityPolicyBeanDefinitionParser:59] - Parsing configuration for SecurityPolicyType security policy with id: shibboleth.SAML1ArtifactResolutionSecurityPolicy | |
09:17:01.994 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ShibbolethSecurityPolicyBeanDefinitionParser:59] - Parsing configuration for SecurityPolicyType security policy with id: shibboleth.SAML2SSOSecurityPolicy | |
09:17:01.997 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ShibbolethSecurityPolicyBeanDefinitionParser:59] - Parsing configuration for SecurityPolicyType security policy with id: shibboleth.SAML2AttributeQuerySecurityPolicy | |
09:17:01.999 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ShibbolethSecurityPolicyBeanDefinitionParser:59] - Parsing configuration for SecurityPolicyType security policy with id: shibboleth.SAML2ArtifactResolutionSecurityPolicy | |
09:17:02.001 - INFO [edu.internet2.middleware.shibboleth.common.config.security.ShibbolethSecurityPolicyBeanDefinitionParser:59] - Parsing configuration for SecurityPolicyType security policy with id: shibboleth.SAML2SLOSecurityPolicy | |
09:17:50.067 - ERROR [edu.internet2.middleware.shibboleth.common.config.BaseService:188] - Configuration was not loaded for shibboleth.RelyingPartyConfigurationManager service, error creating components. The root cause of this error was: java.lang.NullPointerException: null |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<!-- | |
This file is an EXAMPLE configuration file. | |
This file specifies relying party dependent configurations for the IdP, for example, whether SAML assertions to a | |
particular relying party should be signed. It also includes metadata provider and credential definitions used | |
when answering requests to a relying party. | |
--> | |
<rp:RelyingPartyGroup xmlns:rp="urn:mace:shibboleth:2.0:relying-party" xmlns:saml="urn:mace:shibboleth:2.0:relying-party:saml" | |
xmlns:metadata="urn:mace:shibboleth:2.0:metadata" xmlns:resource="urn:mace:shibboleth:2.0:resource" | |
xmlns:security="urn:mace:shibboleth:2.0:security" xmlns:samlsec="urn:mace:shibboleth:2.0:security:saml" | |
xmlns:samlmd="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
xsi:schemaLocation="urn:mace:shibboleth:2.0:relying-party classpath:/schema/shibboleth-2.0-relying-party.xsd | |
urn:mace:shibboleth:2.0:relying-party:saml classpath:/schema/shibboleth-2.0-relying-party-saml.xsd | |
urn:mace:shibboleth:2.0:metadata classpath:/schema/shibboleth-2.0-metadata.xsd | |
urn:mace:shibboleth:2.0:resource classpath:/schema/shibboleth-2.0-resource.xsd | |
urn:mace:shibboleth:2.0:security classpath:/schema/shibboleth-2.0-security.xsd | |
urn:mace:shibboleth:2.0:security:saml classpath:/schema/shibboleth-2.0-security-policy-saml.xsd | |
urn:oasis:names:tc:SAML:2.0:metadata classpath:/schema/saml-schema-metadata-2.0.xsd"> | |
<!-- ========================================== --> | |
<!-- Relying Party Configurations --> | |
<!-- ========================================== --> | |
<rp:AnonymousRelyingParty provider="https://idp.symplicity.com/idp/shibboleth" defaultSigningCredentialRef="IdPCredential"/> | |
<rp:DefaultRelyingParty provider="https://idp.symplicity.com/idp/shibboleth" defaultSigningCredentialRef="IdPCredential"> | |
<!-- | |
Each attribute in these profiles configuration is set to its default value, | |
that is, the values that would be in effect if those attributes were not present. | |
We list them here so that people are aware of them (since they seem reluctant to | |
read the documentation). | |
--> | |
<rp:ProfileConfiguration xsi:type="saml:ShibbolethSSOProfile" includeAttributeStatement="false" | |
assertionLifetime="PT5M" signResponses="conditional" signAssertions="never" | |
includeConditionsNotBefore="true"/> | |
<rp:ProfileConfiguration xsi:type="saml:SAML1AttributeQueryProfile" assertionLifetime="PT5M" | |
signResponses="conditional" signAssertions="never" | |
includeConditionsNotBefore="true"/> | |
<rp:ProfileConfiguration xsi:type="saml:SAML1ArtifactResolutionProfile" signResponses="conditional" | |
signAssertions="never"/> | |
<rp:ProfileConfiguration xsi:type="saml:SAML2SSOProfile" includeAttributeStatement="true" | |
assertionLifetime="PT5M" assertionProxyCount="0" | |
signResponses="never" signAssertions="always" | |
encryptAssertions="conditional" encryptNameIds="never" | |
includeConditionsNotBefore="true"/> | |
<rp:ProfileConfiguration xsi:type="saml:SAML2ECPProfile" includeAttributeStatement="true" | |
assertionLifetime="PT5M" assertionProxyCount="0" | |
signResponses="never" signAssertions="always" | |
encryptAssertions="conditional" encryptNameIds="never" | |
includeConditionsNotBefore="true"/> | |
<rp:ProfileConfiguration xsi:type="saml:SAML2AttributeQueryProfile" | |
assertionLifetime="PT5M" assertionProxyCount="0" | |
signResponses="conditional" signAssertions="never" | |
encryptAssertions="conditional" encryptNameIds="never" | |
includeConditionsNotBefore="true"/> | |
<rp:ProfileConfiguration xsi:type="saml:SAML2ArtifactResolutionProfile" | |
signResponses="never" signAssertions="always" | |
encryptAssertions="conditional" encryptNameIds="never"/> | |
<rp:ProfileConfiguration xsi:type="saml:SAML2LogoutRequestProfile" | |
signResponses="conditional"/> | |
</rp:DefaultRelyingParty> | |
<!-- ========================================== --> | |
<!-- Metadata Configuration --> | |
<!-- ========================================== --> | |
<!-- MetadataProvider the combining other MetadataProviders --> | |
<metadata:MetadataProvider id="ShibbolethMetadata" xsi:type="metadata:ChainingMetadataProvider" xmlns="urn:mace:shibboleth:2.0:metadata"> | |
<!-- Load the IdP's own metadata. This is necessary for artifact support. --> | |
<metadata:MetadataProvider id="IdPMD" xsi:type="metadata:FilesystemMetadataProvider" | |
metadataFile="/opt/shibboleth-idp/metadata/idp-metadata.xml" | |
maxRefreshDelay="P1D" /> | |
<!-- Example metadata provider. --> | |
<!-- Reads metadata from a URL and store a backup copy on the file system. --> | |
<!-- Validates the signature of the metadata and filters out all by SP entities in order to save memory --> | |
<!-- To use: fill in 'metadataURL' and 'backingFile' properties on MetadataResource element --> | |
<metadata:MetadataProvider id="URLMD_InCommon" xsi:type="metadata:FileBackedHTTPMetadataProvider" | |
metadataURL="http://md.incommon.org/InCommon/InCommon-metadata.xml" | |
backingFile="/opt/shibboleth-idp/metadata/InCommon-metadata.xml" maxRefreshDelay="PT1H" xmlns="urn:mace:shibboleth:2.0:metadata"> | |
<metadata:MetadataFilter xsi:type="metadata:ChainingFilter"> | |
<metadata:MetadataFilter xsi:type="metadata:RequiredValidUntil" | |
maxValidityInterval="P14D" /> | |
<metadata:MetadataFilter xsi:type="metadata:SignatureValidation" | |
trustEngineRef="shibboleth.MetadataTrustEngine" | |
requireSignedMetadata="true" /> | |
<metadata:MetadataFilter xsi:type="metadata:EntityRoleWhiteList"> | |
<metadata:RetainedRole>samlmd:SPSSODescriptor</metadata:RetainedRole> | |
</metadata:MetadataFilter> | |
</metadata:MetadataFilter> | |
</metadata:MetadataProvider> | |
<metadata:MetadataProvider xsi:type="metadata:FilesystemMetadataProvider" | |
id="TrustedPartners" | |
metadataFile="/opt/shibboleth-idp/metadata/TrustedPartners-metadata.xml" /> | |
</metadata:MetadataProvider> | |
<!-- ========================================== --> | |
<!-- Security Configurations --> | |
<!-- ========================================== --> | |
<security:Credential id="IdPCredential" xsi:type="security:X509Filesystem"> | |
<security:PrivateKey>/opt/shibboleth-idp/credentials/idp.key</security:PrivateKey> | |
<security:Certificate>/opt/shibboleth-idp/credentials/idp.crt</security:Certificate> | |
</security:Credential> | |
<!-- Trust engine used to evaluate the signature on loaded metadata. --> | |
<!-- | |
<security:TrustEngine id="shibboleth.MetadataTrustEngine" xsi:type="security:StaticExplicitKeySignature"> | |
<security:Credential id="MyFederation1Credentials" xsi:type="security:X509Filesystem"> | |
<security:Certificate>/opt/shibboleth-idp/credentials/federation1.crt</security:Certificate> | |
</security:Credential> | |
<security:Credential id="MyFederation1Credentials" xsi:type="security:X509Filesystem"> | |
<security:Certificate>/opt/shibboleth-idp/credentials/inc-md-cert.pem</security:Certificate> | |
</security:Credential> | |
</security:TrustEngine> | |
--> | |
<!-- | |
This TrustEngine (beneath the Security Configuration section) is an | |
implementation of the Explicit Key Trust Model (https://spaces.internet2.edu/x/t43NAQ). | |
To bootstrap the trust fabric of the federation, each relying party | |
obtains and configures an authentic copy of the federation operator’s | |
Metadata Signing Certificate (https://spaces.internet2.edu/x/moHFAg). | |
--> | |
<security:TrustEngine id="shibboleth.MetadataTrustEngine" xsi:type="security:StaticExplicitKeySignature"> | |
<security:Credential id="InCommonFederationCredentials" xsi:type="security:X509Filesystem"> | |
<security:Certificate>/opt/shibboleth-idp/credentials/inc-md-cert.pem</security:Certificate> | |
</security:Credential> | |
</security:TrustEngine> | |
<!-- DO NOT EDIT BELOW THIS POINT --> | |
<!-- | |
The following trust engines and rules control every aspect of security related to incoming messages. | |
Trust engines evaluate various tokens (like digital signatures) for trust worthiness while the | |
security policies establish a set of checks that an incoming message must pass in order to be considered | |
secure. Naturally some of these checks require the validation of the tokens evaluated by the trust | |
engines and so you'll see some rules that reference the declared trust engines. | |
--> | |
<security:TrustEngine id="shibboleth.SignatureTrustEngine" xsi:type="security:SignatureChaining"> | |
<security:TrustEngine id="shibboleth.SignatureMetadataExplicitKeyTrustEngine" xsi:type="security:MetadataExplicitKeySignature" metadataProviderRef="ShibbolethMetadata"/> | |
<security:TrustEngine id="shibboleth.SignatureMetadataPKIXTrustEngine" xsi:type="security:MetadataPKIXSignature" metadataProviderRef="ShibbolethMetadata"/> | |
</security:TrustEngine> | |
<security:TrustEngine id="shibboleth.CredentialTrustEngine" xsi:type="security:Chaining"> | |
<security:TrustEngine id="shibboleth.CredentialMetadataExplictKeyTrustEngine" xsi:type="security:MetadataExplicitKey" metadataProviderRef="ShibbolethMetadata"/> | |
<security:TrustEngine id="shibboleth.CredentialMetadataPKIXTrustEngine" xsi:type="security:MetadataPKIXX509Credential" metadataProviderRef="ShibbolethMetadata"/> | |
</security:TrustEngine> | |
<security:SecurityPolicy id="shibboleth.ShibbolethSSOSecurityPolicy" xsi:type="security:SecurityPolicyType"> | |
<security:Rule xsi:type="samlsec:Replay" required="false"/> | |
<security:Rule xsi:type="samlsec:IssueInstant" required="false"/> | |
<security:Rule xsi:type="samlsec:MandatoryIssuer"/> | |
</security:SecurityPolicy> | |
<security:SecurityPolicy id="shibboleth.SAML1AttributeQuerySecurityPolicy" xsi:type="security:SecurityPolicyType"> | |
<security:Rule xsi:type="samlsec:Replay"/> | |
<security:Rule xsi:type="samlsec:IssueInstant"/> | |
<security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="security:ClientCertAuth" trustEngineRef="shibboleth.CredentialTrustEngine"/> | |
<security:Rule xsi:type="samlsec:MandatoryIssuer"/> | |
<security:Rule xsi:type="security:MandatoryMessageAuthentication"/> | |
</security:SecurityPolicy> | |
<security:SecurityPolicy id="shibboleth.SAML1ArtifactResolutionSecurityPolicy" xsi:type="security:SecurityPolicyType"> | |
<security:Rule xsi:type="samlsec:Replay"/> | |
<security:Rule xsi:type="samlsec:IssueInstant"/> | |
<security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="security:ClientCertAuth" trustEngineRef="shibboleth.CredentialTrustEngine"/> | |
<security:Rule xsi:type="samlsec:MandatoryIssuer"/> | |
<security:Rule xsi:type="security:MandatoryMessageAuthentication"/> | |
</security:SecurityPolicy> | |
<security:SecurityPolicy id="shibboleth.SAML2SSOSecurityPolicy" xsi:type="security:SecurityPolicyType"> | |
<security:Rule xsi:type="samlsec:Replay"/> | |
<security:Rule xsi:type="samlsec:IssueInstant"/> | |
<security:Rule xsi:type="samlsec:SAML2AuthnRequestsSigned"/> | |
<security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPRedirectSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPPostSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:MandatoryIssuer"/> | |
</security:SecurityPolicy> | |
<security:SecurityPolicy id="shibboleth.SAML2AttributeQuerySecurityPolicy" xsi:type="security:SecurityPolicyType"> | |
<security:Rule xsi:type="samlsec:Replay"/> | |
<security:Rule xsi:type="samlsec:IssueInstant"/> | |
<security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPRedirectSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPPostSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="security:ClientCertAuth" trustEngineRef="shibboleth.CredentialTrustEngine"/> | |
<security:Rule xsi:type="samlsec:MandatoryIssuer"/> | |
<security:Rule xsi:type="security:MandatoryMessageAuthentication"/> | |
</security:SecurityPolicy> | |
<security:SecurityPolicy id="shibboleth.SAML2ArtifactResolutionSecurityPolicy" xsi:type="security:SecurityPolicyType"> | |
<security:Rule xsi:type="samlsec:Replay"/> | |
<security:Rule xsi:type="samlsec:IssueInstant"/> | |
<security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPRedirectSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPPostSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="security:ClientCertAuth" trustEngineRef="shibboleth.CredentialTrustEngine"/> | |
<security:Rule xsi:type="samlsec:MandatoryIssuer"/> | |
<security:Rule xsi:type="security:MandatoryMessageAuthentication"/> | |
</security:SecurityPolicy> | |
<security:SecurityPolicy id="shibboleth.SAML2SLOSecurityPolicy" xsi:type="security:SecurityPolicyType"> | |
<security:Rule xsi:type="samlsec:Replay"/> | |
<security:Rule xsi:type="samlsec:IssueInstant"/> | |
<security:Rule xsi:type="samlsec:ProtocolWithXMLSignature" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPRedirectSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="samlsec:SAML2HTTPPostSimpleSign" trustEngineRef="shibboleth.SignatureTrustEngine"/> | |
<security:Rule xsi:type="security:ClientCertAuth" trustEngineRef="shibboleth.CredentialTrustEngine"/> | |
<security:Rule xsi:type="samlsec:MandatoryIssuer"/> | |
<security:Rule xsi:type="security:MandatoryMessageAuthentication"/> | |
</security:SecurityPolicy> | |
</rp:RelyingPartyGroup> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment