Friday Sep 05, 2014

Crypto Settings in OIF

In this article, I will cover the various crypto configuration properties in OIF that affect Federation SSO exchanges, including:

  • Hashing algorithm used for signatures
    • SHA-1
    • SHA-256
  • Which outgoing SAML messages will be signed
  • Which incoming SAML messages will be required to be signed
  • Whether or not to include the X.509 signing certificate in the outgoing signed XML message
  • Whether or not to encrypt SAML 2.0 messages:
    • Assertion
    • NameID
    • Attribute

Enjoy the reading!


Tuesday Mar 04, 2014

Key and Certificate Management/Rollover in OIF/STS

As part of the Federation and WS-Trust protocol interactions, OIF/OSTS needs to use PKI keys and certificates for non-repudiation and integrity via digital signatures, and for confidentiality via digital encryption.

In this article, I discuss key and certificate management, including how to:

  • Generate new keys and certificates
  • Configure OIF and OSTS to use the new keys and certificates
  • Implement a key rollover on a per partner basis
  • Distribute the new certificates to partners
About

Damien Carru is a member of the Oracle Identity Management organization, focusing on Federation and SSO. This blog will cover Federation use cases involving Oracle Access Manager, Oracle Identity Federation and Oracle Security Token Service.
