This release changes the default signature algorithm from RSA-SHA1 to RSA-SHA256. If the use of SHA1 is needed for legacy reasons, it is possible to modify the behaviour of OIOSAML using the following property in oiosaml-sp.properties

oiosaml-sp.signature.algorithm=http://www.w3.org/2000/09/xmldsig#rsa-sha1

Setting the above will override the default SHA256 algorithm, and force OIOSAML to use SHA1.

Filer og referencer