ssoadm command line utility that comes with OpenSSO is indeed a very handy little piece of tool
Here are few examples for some not so common usages of ssoadm, which I learnt and want to share
1) Here was a request to the users alias "does someone know the ssoadm command to change signature algorithm for saml2 assertion ( typically to choose RSA-SHA256 ) ? ( corresponding to the gui for the admin console in Configuration/Global/federation/Signature ) "
You should be able to use "ssoadm set-attr-defs" to set the signature algorithm and "ssoadm get-attr-defs" to see the updated value.
./ssoadm set-attr-defs -s sunFAMFederationCommon -t Global -u amadmin -f /usr/tmp/pass -a "SignatureAlgorithm=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
bash-3.00# ./ssoadm get-attr-defs -s sunFAMFederationCommon -t Global -u amadmin -f /usr/tmp/pass
(Thanks Charles)
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment