SAMLAuthForSigning
Used to provide Authentication for independent signing services. Parses SAMLRequests containing SignMessage and provides a user-facing message showing them the message they are asked to sign, before dispatching the request to another authenticator for the actual authentication.
The endpoint can be used for regular authentication as well. Requests not containing a SignMessage will be dispatched to the nextAuthenticator in the configuration. Signing requests require the user to be authenticated prior to the signing request. If a user is signed in using a PrincipalSelection, the subsequent signing request cannot contain a different PrincipalSelection.
Properties
Example Configuration
{ "alias": "authforsigning", "name": "AuthForSigning", "configuration": { "nextAuthenticator": "myupwauthenticatoralias", "keystoreId": "myKeystoreId", "idpID": "myIdpID" } }
Requirements
Another SAML Authenticator configured.