Federation Security Services Guide › Deploy Federation Using a Manual Configuration › Add Functionality to the Federation Deployment

Add Functionality to the Federation Deployment

After you complete the POST single sign-on configuration, you can add more features to the federated network.

The additional tasks covered in this deployment example are:

• Configuring single logout
• Configuring artifact single sign-on
• Adding an attribute to an assertion
• Enabling digital signing of an assertion
• Encrypting and decrypting an assertion

Note: Some of these additional features are required for single sign-on in a production environment, such as digital signing for POST binding. Required tasks are noted.

Configure Single Logout

The single logout protocol (SLO) results in the simultaneous end of all sessions for a particular user, to help ensure security. Associate these sessions with the browser that initiated the logout. Single logout does not necessarily end all sessions for a user.

Configuring single logout enables the Identity Provider and Service Provider to support the single logout protocol. The configuration also determines how single logout is handled.