OIF 11g: Certifcate Validation Inheritance Explained (Doc ID 1276615.1)

Last updated on NOVEMBER 22, 2011

Applies to:

Oracle Identity Federation - Version: 11.1.1.1 to 11.1.1.1
Information in this document applies to any platform.

Goal

Qn1:

1) Out of the box (or after configuration), does OIF support signature inheritance? If so, how can this be defined on the Service Provider end such that it can interpret a signature outside of assertion tags as used for validation of the assertion?


2) As per the link:

http://download.oracle.com/docs/cd/E14571_01/oim.1111/e13400/configoif.htm#CACGEDEH

Under the section "Protocol Settings"

it shows options for what the IDP can sign: request - soap, response - http redirect, etc... does that mean that the OIF product can only support those listed protocols.


Qn2:
=== ODM Question ===
2) As per the link:

http://download.oracle.com/docs/cd/E14571_01/oim.1111/e13400/configoif.htm#CACGEDEH

Under the section "Protocol Settings"

it shows options for what the IDP can sign: request - soap, response - http redirect, etc... does that mean that the OIF product can only support those listed protocols.


Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms