Skip to end of metadata
Go to start of metadata

 The sso-sp-config.properties file is the global configuration file for generic SSO configurations in AS.

File Details

  • File Name: sso-sp-config.properties
  • Location<PRODUCT_HOME>/repository/conf/security

Descriptions of Properties



Use this property to enable users to log in using SAML2SSO.
EnableOpenIDLogin=falseUse this property to enable users to log in using OpenID.
SkipURIs=URIs to skip authentication.
handleConsumerURLAfterSLO=trueThis property is used to automatically redirect the consumer URL from the acs page after SLO.

This is the URL of the page that is used for selecting the login scheme, such as SAML SSO or OpenID. This URL will not be processed by the SSOAgentFilter or the SAMLSSOValve.

SAML2SSOURL=samlssoThe URL that is used for sending SAMLSSO authentication requests.
SAML.IssuerID=avis.comA unique identifier for the SAML 2.0 Service Provider application.
ApplicationServerURL=https://localhost:9444Application server URL.
SAML.ConsumerUrlPostFix=/acsThe URL path of the SAML 2.0 assertion consumer.
SAML.ConsumerUrl=http://localhost:8080/avis.com/home.jspThe URL of the SAML 2.0 assertion consumer.
SAML2.IdPURL=https://localhost:9443/samlssoThe URL of the SAML 2.0 identity provider.
SAML2.IdPEntityId=https://localhost:9443/samlssoThis is the Identity Provider Entity ID.

This is the attribute name under which the authenticated session information of SAML SSO and OpenID are stored.


Identifier given for the service provider for SAML 2.0 attribute exchange.

SAML2.RelayState=index.jspSAML relay state.
SAML2.EnableSLO=trueSpecify if SingleLogout is enabled/disabled.
SAML2.SLOURL=logoutThis is the URL that is used for SLO.
SAML2.EnableResponseSigning=trueThis property determines whether the SAMLResponse element is signed.
SAML2.EnableAssertionEncryption=falseThis property determines whether the SAMLAssertion element is encrypted.
SAML2.EnableRequestSigning=trueThis property determines whether the AuthnRequests and LogoutRequests should be signed.
SAML2.IsForceAuthn=falseThis property determines whether force authentication is enabled.
SAML2.IsPassiveAuthn=falseThis property determines whether passive authentication is enabled.
SAML.SSOAgentCredentialImplClass=org.wso2.carbon.identity.sso.agent.saml.SSOAgentKeyStoreCredentialCustom credentials class.
SAML.KeyStorePassword=wso2carbonPassword of the keystore.
SAML.IdPCertAlias=wso2carbonAlias of the identity provider's public certificate.
SAML.PrivateKeyAlias=wso2carbonAlias of the service provider's private key.

Private key password to retrieve the private key used for signing AuthnRequest and LogoutRequest messages.

SAML.Request.Query.Param=&forceAuth=trueAdditional request parameters.
  • No labels