

Set Up Encryption for SSO

To enforce encryption requirements

  1. From the Authentication Scheme Properties dialog box, click Additional Configuration.

    The SAML 2.0 Auth Scheme Properties dialog box opens.

  2. Select the Encryption tab.
  3. To require that only the Name ID be encrypted, select the Require Encrypted Name ID check box.
  4. To require that the entire assertion be encrypted, select the Require Encrypted Assertion check box.

    You can select both the Name ID and the assertion check boxes.

  5. Optionally, specify an alias for the private key that will be used to decrypt any encrypted data in the assertion received from the Identity Provider.
  6. Click OK to save your changes.

Note: If you select neither the Require Encrypted Name ID nor the Require Encrypted Assertion check box, the Service Provider accepts both encrypted and clear-text Name IDs and assertions.
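
What the two check boxes and the note above mean at the message level, as an added Python example that is not SiteMinder code or part of the original documentation. The function name, parameter names and sample responses are constructed for illustration, and the check looks only at what is visible before decryption, so the Name ID inside an encrypted assertion is not examined.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "samlp": "urn:oasis:names:tc:SAML:2.0:protocol"}

def encryption_violations(response_xml, require_encrypted_name_id=False,
                          require_encrypted_assertion=False):
    """Return the list of requirement violations; an empty list means accept."""
    root = ET.fromstring(response_xml)
    clear = root.findall("saml:Assertion", NS)
    encrypted = root.findall("saml:EncryptedAssertion", NS)
    problems = []
    if not clear and not encrypted:
        problems.append("no assertion in response")
    if require_encrypted_assertion and clear:
        problems.append("clear-text assertion")
    if require_encrypted_name_id:
        # Only assertions readable before decryption can be inspected here.
        for assertion in clear:
            if assertion.find("saml:Subject/saml:EncryptedID", NS) is None:
                problems.append("clear-text or missing Name ID")
    return problems

# Constructed sample responses (not captured traffic); encrypted payloads are elided.
_WRAP = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
         'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">%s</samlp:Response>')
CLEAR = _WRAP % ('<saml:Assertion><saml:Subject><saml:NameID>user@example.com'
                 '</saml:NameID></saml:Subject></saml:Assertion>')
ENC_NAME_ID = _WRAP % ('<saml:Assertion><saml:Subject><saml:EncryptedID/>'
                       '</saml:Subject></saml:Assertion>')
ENC_ASSERTION = _WRAP % '<saml:EncryptedAssertion/>'

if __name__ == "__main__":
    # Print the accept/reject decision for every combination of the two settings.
    for name, doc in [("clear", CLEAR), ("encrypted Name ID", ENC_NAME_ID),
                      ("encrypted assertion", ENC_ASSERTION)]:
        for nid, asr in [(False, False), (True, False), (False, True), (True, True)]:
            result = encryption_violations(doc, nid, asr) or "accepted"
            print(f"{name:20} name_id={nid!s:5} assertion={asr!s:5} -> {result}")
```

With both settings off, every sample is accepted, which matches the note: a Service Provider configured that way does not reject clear-text data.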