Before getting into the application coding and configuration of OpenSSO for Secure Attribute Exchange encryption, the administrator must decide:
The encryption algorithm (for example, AES or DES)
The key strength (key size)
The security mechanism (symmetric or asymmetric)
If using asymmetric encryption, make sure the identity provider's public key is accessible (for example, in a keystore or through a URL) to the application on the identity provider side. Additionally, add the public key of the application on the service provider side to the service provider's keystore.