Update tooltips for 'Signature algorithm' for SAML client and SAML Identity provider (#4176)

closes #4167
This commit is contained in:
Douglas Palmer 2023-01-17 07:46:10 -08:00 committed by GitHub
parent c587a89405
commit 0c217c017e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions

View file

@ -24,7 +24,7 @@
"optimizeLookup": "When signing SAML documents in REDIRECT binding for SP that is secured by Keycloak adapter, should the ID of the signing key be included in SAML protocol message in <Extensions> element? This optimizes validation of the signature as the validating party uses a single key instead of trying every known key for validation.", "optimizeLookup": "When signing SAML documents in REDIRECT binding for SP that is secured by Keycloak adapter, should the ID of the signing key be included in SAML protocol message in <Extensions> element? This optimizes validation of the signature as the validating party uses a single key instead of trying every known key for validation.",
"signDocuments": "Should SAML documents be signed by the realm?", "signDocuments": "Should SAML documents be signed by the realm?",
"signAssertions": "Should assertions inside SAML documents be signed? This setting is not needed if document is already being signed.", "signAssertions": "Should assertions inside SAML documents be signed? This setting is not needed if document is already being signed.",
"signatureAlgorithm": "The signature algorithm to use to sign documents.", "signatureAlgorithm": "The signature algorithm to use to sign documents. Note that 'SHA1' based algorithms are deprecated and can be removed in the future. It is recommended to stick to some more secure algorithm instead of '*_SHA1'",
"signatureKeyName": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counterparty, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", "signatureKeyName": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counterparty, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.",
"canonicalization": "Canonicalization Method for XML signatures.", "canonicalization": "Canonicalization Method for XML signatures.",
"webOrigins": "Allowed CORS origins. To permit all origins of Valid Redirect URIs, add '+'. This does not include the '*' wildcard though. To permit all origins, explicitly add '*'.", "webOrigins": "Allowed CORS origins. To permit all origins of Valid Redirect URIs, add '+'. This does not include the '*' wildcard though. To permit all origins, explicitly add '*'.",

View file

@ -52,7 +52,7 @@
"httpPostBindingAuthnRequest": "Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", "httpPostBindingAuthnRequest": "Indicates whether the AuthnRequest must be sent using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.",
"httpPostBindingLogout": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.", "httpPostBindingLogout": "Indicates whether to respond to requests using HTTP-POST binding. If false, HTTP-REDIRECT binding will be used.",
"wantAuthnRequestsSigned": "Indicates whether the identity provider expects a signed AuthnRequest.", "wantAuthnRequestsSigned": "Indicates whether the identity provider expects a signed AuthnRequest.",
"signatureAlgorithm": "The signature algorithm to use to sign documents.", "signatureAlgorithm": "The signature algorithm to use to sign documents. Note that 'SHA1' based algorithms are deprecated and can be removed in the future. It is recommended to stick to some more secure algorithm instead of '*_SHA1'",
"samlSignatureKeyName": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counter-party, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.", "samlSignatureKeyName": "Signed SAML documents contain identification of signing key in KeyName element. For Keycloak / RH-SSO counter-party, use KEY_ID, for MS AD FS use CERT_SUBJECT, for others check and use NONE if no other option works.",
"wantAssertionsSigned": "Indicates whether this service provider expects a signed Assertion.", "wantAssertionsSigned": "Indicates whether this service provider expects a signed Assertion.",
"wantAssertionsEncrypted": "Indicates whether this service provider expects an encrypted Assertion.", "wantAssertionsEncrypted": "Indicates whether this service provider expects an encrypted Assertion.",