The sso-sp-config.properties
file is the global configuration file for generic SSO configurations in AS.
File Details
- File Name: sso-sp-config
.properties
- Location:
<PRODUCT_HOME>/repository/conf/security
Descriptions of Properties
Properties | Description |
EnableSAML2SSOLogin=true | Use this property to enable users to log in using SAML2SSO. |
EnableOpenIDLogin=false | Use this property to enable users to log in using OpenID. |
EnableOAuth2SAML2Grant=false | |
SkipURIs= | URIs to skip authentication. |
handleConsumerURLAfterSLO=true | This property is used to automatically redirect the consumer URL from the acs page after SLO. |
LoginUrl=index.jsp | This is the URL of the page that is used for selecting the login scheme, such as SAML SSO or OpenID. This URL will not be processed by the SSOAgentFilter or the SAMLSSOValve. |
SAML2SSOURL=samlsso | The URL that is used for sending SAMLSSO authentication requests. |
SAML.IssuerID=avis.com | A unique identifier for the SAML 2.0 Service Provider application. |
ApplicationServerURL=https://localhost:9444 | Application server URL. |
SAML.ConsumerUrlPostFix=/acs | The URL path of the SAML 2.0 assertion consumer. |
SAML.ConsumerUrl=http://localhost:8080/avis.com/home.jsp | The URL of the SAML 2.0 assertion consumer. |
SAML2.IdPURL=https://localhost:9443/samlsso | The URL of the SAML 2.0 identity provider. |
SAML2.IdPEntityId=https://localhost:9443/samlsso | This is the Identity Provider Entity ID. |
SSOAgentSessionBeanName=SSOAgentSessionBean | This is the attribute name under which the authenticated session information of SAML SSO and OpenID are stored. |
QueryParamsAttrName="QueryParams" | |
SAML.AttributeConsumingServiceIndex=1701087467 | Identifier given for the service provider for SAML 2.0 attribute exchange. |
SAML2.RelayState=index.jsp | SAML relay state. |
SAML2.EnableSLO=true | Specify if SingleLogout is enabled/disabled. |
SAML2.SLOURL=logout | This is the URL that is used for SLO. |
SAML2.EnableResponseSigning=true | This property determines whether the SAMLResponse element is signed. |
SAML2.EnableAssertionEncryption=false | This property determines whether the SAMLAssertion element is encrypted. |
SAML2.EnableRequestSigning=true | This property determines whether the AuthnRequests and LogoutRequests should be signed. |
SAML2.IsForceAuthn=false | This property determines whether force authentication is enabled. |
SAML2.IsPassiveAuthn=false | This property determines whether passive authentication is enabled. |
SAML.SSOAgentCredentialImplClass=org.wso2.carbon.identity.sso.agent.saml.SSOAgentKeyStoreCredential | Custom credentials class. |
SAML.KeyStorePassword=wso2carbon | Password of the keystore. |
SAML.IdPCertAlias=wso2carbon | Alias of the identity provider's public certificate. |
SAML.PrivateKeyAlias=wso2carbon | Alias of the service provider's private key. |
SAML.PrivateKeyPassword=wso2carbon | Private key password to retrieve the private key used for signing AuthnRequest and LogoutRequest messages. |
SAML.Request.Query.Param=&forceAuth=true | Additional request parameters. |