The implementation will automatically use the authn=Force functionality to allow Identity Provider applications to repeatedly invoke the secure attribute transfer feature.
The mappings between the Service Provider application URL prefix to the Service Provider id have been explicitly defined in the product configuration.
Local Service Provider single logout functionality relies on OpenSSO Enterprise be able to redirect to an external URL during SAMLv2 single logout processing, and then resume the original SAMLv2 single logout when redirected back.
Cryptography APIs are assumed to be available on all targeted platforms and programming languages.