Update topics/saml/java/general-config/sp_element.adoc

This commit is contained in:
Stian Thorgersen 2016-06-10 13:02:09 +02:00
parent cc2f100cab
commit 5c66715669

@ -16,7 +16,7 @@ Here is the explanation of the SP element attributes
---- ----
entityID:: entityID::
This is the identifier for this client. This is the identifier for this client.
The IDP needs this value to determine who the client is that is communicating with it. This setting _REQUIRED._ The IDP needs this value to determine who the client is that is communicating with it. This setting is _REQUIRED_.
sslPolicy:: sslPolicy::
This is the SSL policy the adapter will enforce. This is the SSL policy the adapter will enforce.
@ -24,24 +24,24 @@ sslPolicy::
For `ALL`, all requests must come in via HTTPS. For `ALL`, all requests must come in via HTTPS.
For `EXTERNAL`, only non-private IP addresses must come over the wire via HTTPS. For `EXTERNAL`, only non-private IP addresses must come over the wire via HTTPS.
For `NONE`, no requests are required to come over via HTTPS. For `NONE`, no requests are required to come over via HTTPS.
This is _OPTIONAL._. Default value is `EXTERNAL`. This settings is _OPTIONAL_. Default value is `EXTERNAL`.
nameIDPolicyFormat:: nameIDPolicyFormat::
SAML clients can request a specific NameID Subject format. SAML clients can request a specific NameID Subject format.
Fill in this value if you want a specific format. Fill in this value if you want a specific format.
It must be a standard SAML format identifier, i.e. `urn:oasis:names:tc:SAML:2.0:nameid-format:transient` It must be a standard SAML format identifier, i.e. `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
This setting is _OPTIONAL._. This setting is _OPTIONAL_.
By default, no special format is requested. By default, no special format is requested.
forceAuthentication:: forceAuthentication::
SAML clients can request that a user is re-authenticated even if they are already logged in at the IDP. SAML clients can request that a user is re-authenticated even if they are already logged in at the IDP.
Set this to `true` if you want this. This setting is _OPTIONAL._ and defaults to `false`. Set this to `true` if you want this. This setting is _OPTIONAL_ and defaults to `false`.
Default value is `false`. Default value is `false`.
isPassive:: isPassive::
SAML clients can request that a user is never asked to authenticate even if they are not logged in at the IDP. SAML clients can request that a user is never asked to authenticate even if they are not logged in at the IDP.
Set this to `true` if you want this. Set this to `true` if you want this.
Do not use together with `forceAuthentication` as they are opposite. This setting is _OPTIONAL._. Do not use together with `forceAuthentication` as they are opposite. This setting is _OPTIONAL_.
Default value is `false`. Default value is `false`.
turnOffChangeSessionIdOnLogin:: turnOffChangeSessionIdOnLogin::
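Review bot: The new sslPolicy line reads "This settings is _OPTIONAL_", which trades the old `_OPTIONAL._.` punctuation error for a grammar one; it should be "This setting is _OPTIONAL_". Under forceAuthentication the default is still stated twice ("and defaults to `false`" followed by "Default value is `false`"), so one of the two sentences can be dropped. While the sslPolicy text is being touched, the `EXTERNAL` line would be clearer if it said outright that, with this default, requests from private IP addresses are not required to use HTTPS.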