Differences
This shows you the differences between two versions of the page.
72:integration:saml [2018/10/25 18:01] – emr | 72:integration:saml [2018/10/26 13:28] – emr | ||
---|---|---|---|
Line 39: | Line 39: | ||
< | < | ||
- | providerId=" | + | providerId="< |
signatureKeyAlias=" | signatureKeyAlias=" | ||
- | | + | |
</ | </ | ||
Line 58: | Line 58: | ||
The most reliable way to configure the SAML Identity Provider (IdP) is to ask the access management team for the IdP metadata. | The most reliable way to configure the SAML Identity Provider (IdP) is to ask the access management team for the IdP metadata. | ||
- | From this metadata, you will be able to derive the parameters for the following configuration: | + | From this metadata, you will be able to derive the parameters |
+ | |||
+ | * EntityIdfromMetadata | ||
+ | * SingleSignOnServiceLocationFromMetadata | ||
+ | * DisplayName (alternative: | ||
+ | * EMailAddress | ||
+ | |||
+ | for the following configuration: | ||
< | < | ||
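Review bot: the placeholder names in the added list are cased inconsistently: "EntityIdfromMetadata" has a lower-case "from" while "SingleSignOnServiceLocationFromMetadata" capitalises it. Suggest "EntityIdFromMetadata" so the names can be searched and matched reliably against the configuration that follows. The list also splits one sentence in two ("derive the parameters" ... "for the following configuration:"), which is easy to misread. Consider closing the sentence before the list and starting a new one after it. "DisplayName" and "EMailAddress" carry no "FromMetadata" suffix, so it is worth stating where those two values come from.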
Line 65: | Line 72: | ||
< | < | ||
- | providerId=" | + | providerId="< |
- | providerUrl=" | + | providerUrl="< |
nameIdPolicyFormat=" | nameIdPolicyFormat=" | ||
userFullnameTemplate=" | userFullnameTemplate=" | ||
- | | + | > |
<!-- hardcoded magic value that specifies the NameID from the SAML reply --> | <!-- hardcoded magic value that specifies the NameID from the SAML reply --> | ||
< | < | ||
<!-- either " | <!-- either " | ||
- | < | + | < |
- | < | + | < |
- | < | + | < |
- | < | + | < |
<!-- This matches if the SAML assertion contains a SAML attribute " | <!-- This matches if the SAML assertion contains a SAML attribute " | ||
Line 110: | Line 117: | ||
MIIDCTCC... | MIIDCTCC... | ||
- | //<Insert the X509Certificate " | + | < |
...Qwgf5bXby+ug== | ...Qwgf5bXby+ug== | ||
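Review bot: the placeholder on the changed line still sits between the retained fragments "MIIDCTCC..." and "...Qwgf5bXby+ug==", so the sample mixes pieces of a certificate with a placeholder. A reader who pastes their value only in place of the placeholder line can end up with a corrupted certificate body. Suggest dropping the two fragment lines and using a single placeholder for the whole Base64 value, and keeping the removed line's hint about which X509Certificate element the value is copied from.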
Line 133: | Line 140: | ||
After you configured the service provider and identity provider in '' | After you configured the service provider and identity provider in '' | ||
+ | |||
===== Generate the SAML SP metadata ===== | ===== Generate the SAML SP metadata ===== | ||
Line 141: | Line 149: | ||
===== Validated IdP Vendors ===== | ===== Validated IdP Vendors ===== | ||
- | The following IdP servers | + | Stages SAML has successfully been deployed with the following IdP servers: |
* Cisco Central Web Authentication (CWA) | * Cisco Central Web Authentication (CWA) | ||
+ | * Oracle Access Manager (OAM) | ||
* Shibboleth IdP | * Shibboleth IdP | ||
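Review bot: the new intro sentence says "successfully been deployed with", but the section heading is still "Validated IdP Vendors". Deployed and validated are different claims, so pick one and use it in both the heading and the sentence. Word order also reads better as "has been successfully deployed". For the added "Oracle Access Manager (OAM)" entry, and the existing ones, consider noting the product version the deployment was done against, since the list gives none.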