SAML Module
Note
The module com.phenixidentity~phenix-saml is central to the processing of SAML federations. It is responsible for managing metadata and for the parsing, signing, verification, creation etc. of SAML assertions.
Basic Information
This module will load SAML metadata from:
- Internal IDPs
- Internal SPs (for example SPBroker)
- External entities from configuration
  - This can either be a resource
    - Embedded directly into the configuration
    - Or a file on disk
    - Or a URL to an external metadata file
  - The metadata may be either
    - A single SAML metadata entity, or
    - A federation with multiple SAML metadata entities
- The metadata will be updated automatically
  - When configuration affecting it has been modified
  - When the metadata's cache duration has expired
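The single-entity and federation cases and the cache-duration refresh listed above, as an added example (not PhenixID's code): it walks a metadata document and computes, per entity, when to refresh it and when it stops being valid. Assumptions: the function names, the sample document and the 24-hour fallback are constructed here, nested values are combined as the shortest cacheDuration and earliest validUntil (a conservative choice of this example), and the metadata signature has already been verified.

```python
import re
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
ENTITY, ENTITIES = MD + "EntityDescriptor", MD + "EntitiesDescriptor"
DURATION = re.compile(r"P(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+(?:\.\d+)?)S)?)?")
DEFAULT_CACHE = timedelta(hours=24)  # assumed fallback when no cacheDuration is given
NEVER = datetime.max.replace(tzinfo=timezone.utc)  # stands for "no validUntil"

# Constructed sample: a federation aggregate holding two entities.
SAMPLE_FEDERATION = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    cacheDuration="PT6H" validUntil="2030-01-08T00:00:00Z">
  <md:EntityDescriptor entityID="https://idp.example/saml"/>
  <md:EntityDescriptor entityID="https://sp.example/saml" cacheDuration="PT1H"/>
</md:EntitiesDescriptor>"""

def parse_duration(value):
    """Parse the day/time subset of xs:duration (years and months not supported)."""
    m = DURATION.fullmatch(value)
    if not m or not any(m.groups()):
        raise ValueError(f"unsupported cacheDuration: {value!r}")
    days, hours, minutes, seconds = (float(g) if g else 0.0 for g in m.groups())
    return timedelta(days=days, hours=hours, minutes=minutes, seconds=seconds)

def entity_schedule(xml_text, fetched_at):
    """Map entityID -> (refresh_at, valid_until) for one entity or a federation."""
    root = ET.fromstring(xml_text)
    if root.tag not in (ENTITY, ENTITIES):
        raise ValueError(f"not SAML metadata: {root.tag}")
    schedule = {}

    def walk(node, cache, until):
        # Values on an enclosing element also apply here; keep the strictest.
        if "cacheDuration" in node.attrib:
            cache = min(cache, parse_duration(node.attrib["cacheDuration"]))
        if "validUntil" in node.attrib:  # assumed to be UTC with a 'Z' suffix
            stamp = node.attrib["validUntil"].replace("Z", "+00:00")
            until = min(until, datetime.fromisoformat(stamp))
        if node.tag == ENTITY:
            schedule[node.attrib["entityID"]] = (min(fetched_at + cache, until), until)
        for child in node:
            if child.tag in (ENTITY, ENTITIES):
                walk(child, cache, until)

    walk(root, DEFAULT_CACHE, NEVER)
    return schedule

def usable(schedule, entity_id, now):
    """Unknown entities and entities past validUntil are rejected."""
    return entity_id in schedule and now < schedule[entity_id][1]
```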
Configuration
| Name | Description | Mandatory/Default value |
|---|---|---|
| defaultSignatureAlgo | The default signature algorithm | http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 |
| samlMetadataWorkerPoolSize | The number of threads for the SAML metadata worker pool. Some CPU-intensive metadata operations are offloaded to a separate worker pool. If multiple instances of the SAML module have been deployed, the same worker pool is shared among all deployed instances. | 4 |