SAML2 Holder of key
Updated by Benjamin Dauvergne over 9 years ago
We only consider the IdP side of the holder-of-key subject confirmation
method in this ticket ?
That is checking if an SSL authentication happened and passing the
resulting key in as a SubjectConfirmationData whose xsi:type is
"saml:KeyInfoConfirmationType" and containg the client certificate in
a ds:KeyInfo node.
This event should happen only if a specific policy exists for the
requesting provider (default should be Bearer for WebSSO).