Fixes and improvements for satosa-saml-metadata #429
Merged
Hi @c00kiemon5ter,
I am working on a new feature for my deployment where I'd rely on the metadata created by `satosa-saml-metadata` - I'd then register this metadata into our federation.
When trying to use it, I found the metadata would always be signed - but for this purpose, I'd rather avoid having the signature embedded (on the EntityDescriptor for a single SP) - so I've added a `--no-sign` option. And with this option, I made the signing cert and key optional.
I also found the metadata was missing the encryption keys (`KeyDescriptor use="encryption"`) - and I found it was because SATOSA SAML Backend makes changes to the loaded config, but this change was missed by the satosa-saml-metadata tool because of how it was referring to the config - found this was an easy fix to make.
Do these two changes look to you OK to merge?
Thanks a lot in advance for getting back to me.
Cheers,
Vlad
All Submissions: