diff --git a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy index 66bfb65ca..6497608a0 100644 --- a/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy +++ b/backend/src/main/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy @@ -104,7 +104,8 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService { 'xmlns:security': 'urn:mace:shibboleth:2.0:security', 'xmlns:saml2': 'urn:oasis:names:tc:SAML:2.0:assertion', 'xmlns:xenc11': 'http://www.w3.org/2009/xmlenc11#', - 'xmlns:alg': 'urn:oasis:names:tc:SAML:metadata:algsupport' + 'xmlns:alg': 'urn:oasis:names:tc:SAML:metadata:algsupport', + 'xmlns:ds': 'http://www.w3.org/2000/09/xmldsig#' ) { filter.unknownXMLObjects.each { xmlObject -> { diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/algorithm/AbstractAlgorithmIdentifierType.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/algorithm/AbstractAlgorithmIdentifierType.java index fcca2dd08..99fdc3bfa 100644 --- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/algorithm/AbstractAlgorithmIdentifierType.java +++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/domain/filters/algorithm/AbstractAlgorithmIdentifierType.java @@ -6,7 +6,10 @@ import lombok.Setter; import lombok.ToString; import org.hibernate.envers.Audited; +import org.opensaml.core.xml.XMLObject; +import org.opensaml.xmlsec.encryption.AlgorithmIdentifierType; +import javax.annotation.Nullable; import javax.persistence.Entity; @Entity 
@@ -15,6 +18,19 @@ @Setter @ToString @EqualsAndHashCode(callSuper = true) -public abstract class AbstractAlgorithmIdentifierType extends AbstractXMLObject { +public abstract class AbstractAlgorithmIdentifierType extends AbstractXMLObject implements AlgorithmIdentifierType { private String algorithm; + + @Nullable + @Override + public XMLObject getParameters() { + // implement? + return null; + } + + @Override + public void setParameters(@Nullable final XMLObject newParameters) { + // do nothing? + } + } \ No newline at end of file diff --git a/backend/src/main/resources/jpa-saml2-metadata-ds-config.xml b/backend/src/main/resources/jpa-saml2-metadata-ds-config.xml deleted file mode 100644 index 3a0eed8f0..000000000 --- a/backend/src/main/resources/jpa-saml2-metadata-ds-config.xml +++ /dev/null @@ -1,23 +0,0 @@ - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy index 4ac1ba2b1..f84afdcc5 100644 --- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy +++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializerForTest.groovy @@ -6,7 +6,7 @@ class JPAXMLObjectProviderInitializerForTest extends AbstractXMLObjectProviderIn @Override protected String[] getConfigResources() { return new String[]{ - "/jpa-saml2-metadata-config.xml", "jpa-saml2-metadata-algorithm-config.xml", "jpa-saml2-metadata-ds-config.xml" + "/jpa-saml2-metadata-config.xml", "jpa-saml2-metadata-algorithm-config.xml", "jpa-encryption-config.xml", "jpa-signature-config.xml" } } } \ No newline at end of file 
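Review bot: `setParameters` in `AbstractAlgorithmIdentifierType` silently discards its argument and `getParameters` always returns null, so any caller that supplies parameters loses them with no signal. That presumably includes the OpenSAML unmarshaller when an algorithm element carries a child parameters element. These objects describe which cryptographic algorithms a metadata filter advertises, so a dropped parameter means the regenerated metadata can differ from what was configured without anyone noticing. Until parameters are actually persisted, reject them explicitly with `if (newParameters != null) { throw new UnsupportedOperationException("algorithm parameters are not supported"); }`. Also replace the `// implement?` and `// do nothing?` placeholders with a Javadoc sentence stating that parameters are intentionally unsupported and that `getParameters` therefore always returns null.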
diff --git a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
index 0ca8ca3a3..1bdf0f791 100644
--- a/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
+++ b/backend/src/test/groovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImplTests.groovy
@@ -4,11 +4,18 @@ package edu.internet2.tier.shibboleth.admin.ui.service import edu.internet2.tier.shibboleth.admin.ui.AbstractBaseDataJpaTest import edu.internet2.tier.shibboleth.admin.ui.configuration.PlaceholderResolverComponentsConfiguration import edu.internet2.tier.shibboleth.admin.ui.configuration.ShibUIConfiguration +import edu.internet2.tier.shibboleth.admin.ui.domain.AlgorithmDigestMethod +import edu.internet2.tier.shibboleth.admin.ui.domain.EncryptionMethod +import edu.internet2.tier.shibboleth.admin.ui.domain.SignatureDigestMethod +import edu.internet2.tier.shibboleth.admin.ui.domain.SigningMethod +import edu.internet2.tier.shibboleth.admin.ui.domain.XSString import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.EntityAttributesFilterTarget import edu.internet2.tier.shibboleth.admin.ui.domain.filters.MetadataFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.RequiredValidUntilFilter import edu.internet2.tier.shibboleth.admin.ui.domain.filters.algorithm.Entity +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.algorithm.MGF +import edu.internet2.tier.shibboleth.admin.ui.domain.filters.algorithm.PRF import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ClasspathMetadataResource import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.DynamicHttpMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.ExternalMetadataResolver 
@@ -19,6 +26,7 @@ import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.SvnMetadataResour import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.TemplateScheme import edu.internet2.tier.shibboleth.admin.ui.domain.resolvers.opensaml.OpenSamlChainingMetadataResolver import edu.internet2.tier.shibboleth.admin.ui.opensaml.OpenSamlObjects +import edu.internet2.tier.shibboleth.admin.ui.opensaml.config.JPAXMLObjectProviderInitializerForTest import edu.internet2.tier.shibboleth.admin.ui.repository.MetadataResolverRepository import edu.internet2.tier.shibboleth.admin.ui.util.TestObjectGenerator import edu.internet2.tier.shibboleth.admin.util.AttributeUtility @@ -48,7 +56,6 @@ import java.time.Instant import static edu.internet2.tier.shibboleth.admin.ui.util.TestHelpers.generatedXmlIsTheSameAsExpectedXml -@ContextConfiguration(classes=[ JPAMRSIConfig, PlaceholderResolverComponentsConfiguration ]) @ContextConfiguration(classes=[ JPAMRSIConfig, PlaceholderResolverComponentsConfiguration, JPAXMLObjectProviderInitializerForTest ]) class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest { @@ -217,9 +224,12 @@ class JPAMetadataResolverServiceImplTests extends AbstractBaseDataJpaTest { filter.addUnknownXMLObject(encryptionMethod) EncryptionMethod encryptionMethod2 = getEncryptionMethod("http://www.w3.org/2009/xmlenc11#rsa-oaep") -// MGF mgf = new MGF() -// mgf.setAlgorithm("http://www.w3.org/2009/xmlenc11#mgf1sha256") -// encryptionMethod2.addUnknownXMLObject(mgf) + MGF mgf = new MGF() + mgf.setAlgorithm("http://www.w3.org/2009/xmlenc11#mgf1sha256") + encryptionMethod2.addUnknownXMLObject(mgf) + PRF prf = new PRF() + prf.setAlgorithm("http://www.w3.org/2009/xmlenc11#mgf1sha384") + encryptionMethod2.addUnknownXMLObject(prf) SignatureDigestMethod dm = getSignatureDigestMethod("http://www.w3.org/2001/04/xmlenc#sha256") encryptionMethod2.addUnknownXMLObject(dm) filter.addUnknownXMLObject(encryptionMethod2) 
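Review bot: The new `PRF` object in the last hunk is given `http://www.w3.org/2009/xmlenc11#mgf1sha384`, which is a mask-generation-function identifier rather than a pseudo-random-function one. The test therefore only proves that an arbitrary string round-trips, and the expected fixture (presumably `conf/2268-complex.xml`) records an element/algorithm pairing that would not be meaningful in real metadata. Use an HMAC identifier for the PRF, for example `prf.setAlgorithm("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256")`, and update the expected XML to match. A short comment above the MGF/PRF lines saying which element each URI belongs to would keep later fixture edits from repeating the mix-up. The enclosing test method starts and ends outside the hunk.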
diff --git a/backend/src/test/resources/conf/2268-complex.xml b/backend/src/test/resources/conf/2268-complex.xml index cb4615a40..ee76b2f84 100644 --- a/backend/src/test/resources/conf/2268-complex.xml +++ b/backend/src/test/resources/conf/2268-complex.xml @@ -1,36 +1,29 @@ - - + + - + - https://sp2.example.org + https://broken.example.org/sp + \ No newline at end of file diff --git a/backend/src/test/resources/conf/2268-simple.xml b/backend/src/test/resources/conf/2268-simple.xml index e4365da17..daf8c5fac 100644 --- a/backend/src/test/resources/conf/2268-simple.xml +++ b/backend/src/test/resources/conf/2268-simple.xml @@ -1,25 +1,22 @@ - - + https://broken.example.org/sp https://also-broken.example.org/sp + \ No newline at end of file