sharptooth
Mar 24, 2017Nimbostratus
Revisiting SignatureMethod Algorithm
Following this question we've now run into a scenario on APM 11.6.1 where the SAML response message is rejected by the SP. In this instance the SP is Kentor AuthServices Owin Middleware. The most recent update to this component means only SHA256 or stronger signatures are accepted. Have there been in changes in later versions or are there any plans to allow the SignatureMethod Algorithm to be configured to something stronger than http://www.w3.org/2000/09/xmldsigrsa-sha1?