It was metadata related. It appears like it honors the metadata's preferences over the service config.
Changed: <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> To: <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> Thank you, Matt On Wednesday, December 15, 2021 at 9:32:12 AM UTC-5 Matthew Gordon wrote: > After applying the latest 6.3 version to mitigate the log4j issue, all > assertions seem to be signed despite "signAssertions": false, in the > service config. > > Any suggestions? > > Thank you, > Matt > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/94475af9-39ac-4e07-8f7a-3bcd464ad610n%40apereo.org.
