<documentation>Used to ignore NoPassive errors in AssertionConsumerService endpoints</documentation>
</annotation>
</attribute>
+
+ <attribute name="signing" type="conf:bindingBoolean">
+ <annotation>
+ <documentation>Used to override signing property in SingleLogoutService/etc endpoints</documentation>
+ </annotation>
+ </attribute>
+
+ <attribute name="encryption" type="conf:bindingBoolean">
+ <annotation>
+ <documentation>Used to override encryption property in SingleLogoutService/etc endpoints</documentation>
+ </annotation>
+ </attribute>
<attributeGroup name="SessionInitiatorGroup">
<annotation>
<attribute name="requestDelegation" type="boolean"/>
<attribute name="target" type="anyURI"/>
<attribute name="discoveryPolicy" type="conf:string"/>
+ <attribute name="signing" type="conf:bindingBoolean"/>
+ <attribute name="encryption" type="conf:bindingBoolean"/>
<anyAttribute namespace="##any" processContents="lax"/>
</attributeGroup>
<attribute name="outgoingBindings" type="conf:listOfURIs"/>
<attribute name="template" type="anyURI"/>
<attribute name="postArtifact" type="boolean"/>
+ <attribute name="signing" type="conf:bindingBoolean"/>
+ <attribute name="encryption" type="conf:bindingBoolean"/>
<anyAttribute namespace="##any" processContents="lax"/>
</attributeGroup>
{
const EntityDescriptor* entity = role ? dynamic_cast<const EntityDescriptor*>(role->getParent()) : nullptr;
const PropertySet* relyingParty = application.getRelyingParty(entity);
- pair<bool,const char*> flag = relyingParty->getString("signing");
+ pair<bool,const char*> flag = getString("signing",
+ !getElement() || XMLString::equals(getElement()->getNamespaceURI(), shibspconstants::SHIB2SPCONFIG_NS) ? nullptr : m_configNS.get());
+ if (!flag.first)
+ flag = relyingParty->getString("signing");
if (SPConfig::shouldSignOrEncrypt(flag.first ? flag.second : defaultSigningProperty, destination, encoder.isUserAgentPresent())) {
CredentialResolver* credResolver = application.getCredentialResolver();
if (credResolver) {
}
const NameID* nameid = session.getNameID();
- pair<bool,const char*> flag = relyingParty->getString("encryption");
+ pair<bool, const char*> flag = getString("encryption");
+ if (!flag.first)
+ flag = relyingParty->getString("encryption");
auto_ptr_char dest(endpoint);
if (SPConfig::shouldSignOrEncrypt(flag.first ? flag.second : "conditional", dest.get(), encoder != nullptr)) {
try {