Hyland Connect

scott_lee · ‎07-10-2017

Hello, I'm trying to configure Alfresco with AD FS SAML 2.0. In our organization, one of the requirements is that the signed AuthnRequest is with a SHA256 signature. Is there a way to have Alfresco support this? It appears that it's defaulting to SHA1.

arebegea · ‎07-17-2017

It is a bug. The request sent by Alfresco to the IdP is using the SHA-1 default algorithm. We will also fix the documentation here: Configuring AD FS with SAML SSO | Alfresco Documentation :

Click the Advanced tab, and select SHA-1 in Secure hash algorithm. Click OK.

View answer in original post

janv · ‎07-12-2017

Hi Scott,

Can I assume you are using the Enterprise SAML module ?

If so, please also contact Alfresco Support so that they can help raise & track this issue.

Regards,

Jan

resplin · ‎07-12-2017

In addition to Jan's good advice, I want to confirm that it should be using SHA-256. We will investigate if this is a bug in the product, and if it is we will fix it in a service pack. A support case will help us to track our efforts.

arebegea · ‎07-17-2017

It is a bug. The request sent by Alfresco to the IdP is using the SHA-1 default algorithm. We will also fix the documentation here: Configuring AD FS with SAML SSO | Alfresco Documentation :

Click the Advanced tab, and select SHA-1 in Secure hash algorithm. Click OK.

Hyland Connect

saml ad fs sha256