Page tree
Skip to end of metadata
Go to start of metadata

My third-party SAML SP product does not support encrypted assertions. For example ComponentSpace, Weblogic Server 11g.

How can I disable encryption of assertions?

Step-by-step guide

By default, the assertions created by Ubisecure SSO are encrypted. To disable assertion encryption, modify the third-party SP metadata before import to Ubisecure SSO. Consider security risks carefully before making these changes.

  1. Edit the SP metadata. Add use="signing" to the XML element KeyDescriptor. e.g. <md:KeyDescriptor use="signing">
  2. Activate the SP again using the Ubisecure SSO Management application