Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

There is currently no officially supported method of disabling the Unsolicited SSO support for SAML 2 separately from the overall support for SAML 2 SSO. If you need to disable this feature for now, you would need to edit system/conf/webflow-config.xml and remove the flow/endpoint definition, and maintain that change across upgrades.

Another way you can disable support this for feature for specific services is by modifying their SAML metadata to include AuthnRequestSigned="true" in the <SPSSODescriptor> element. Doing so causes the IdP to require requests from that SP to be signed, and since this protocol does not allow for signing, it will cause such requests to fail with an error.

Request Interface

SAML 1.x

...