Stages Documentation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Next revisionBoth sides next revision
72:integration:saml [2019/08/28 12:00] emr72:integration:saml [2019/10/11 20:55] emr
Line 1: Line 1:
 ====== Configure SAML Authentication ====== ====== Configure SAML Authentication ======
 +
 +[[:general:secadv-2019-01|Before you configure SAML, please assure you adhere to Security Advisory 2019-01]].
  
 SAML stands for Security Assertion Markup Language. It is a current standard for authenticating users in a distributed system. SAML stands for Security Assertion Markup Language. It is a current standard for authenticating users in a distributed system.
Line 41: Line 43:
                         providerId="<yourStagesURL>"                         providerId="<yourStagesURL>"
                         signatureKeyAlias="samlkeyalias"                         signatureKeyAlias="samlkeyalias"
-   >+>
         </service-provider>         </service-provider>
  
Line 61: Line 63:
  
   * EntityIdfromMetadata   * EntityIdfromMetadata
 +
   * SingleSignOnServiceLocationFromMetadata   * SingleSignOnServiceLocationFromMetadata
 +
   * DisplayName (alternative: FirstName, LastName)   * DisplayName (alternative: FirstName, LastName)
 +
   * EMailAddress   * EMailAddress
  
Line 76: Line 81:
                         nameIdPolicyFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"                         nameIdPolicyFormat="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
                         userFullnameTemplate="%firstname% %lastname%"                         userFullnameTemplate="%firstname% %lastname%"
-            >+         >
             <!-- hardcoded magic value that specifies the NameID from the SAML reply -->             <!-- hardcoded magic value that specifies the NameID from the SAML reply -->
             <identity-provider-attribute name="username" id="http://schemas.stages.methodpark.com/saml/v2/identity/claims/subject" />             <identity-provider-attribute name="username" id="http://schemas.stages.methodpark.com/saml/v2/identity/claims/subject" />
Line 158: Line 163:
 sendBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" sendBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
 </code> </code>
 +
 ===== Validated IdP Vendors ===== ===== Validated IdP Vendors =====
  
Line 163: Line 169:
  
   * Cisco Central Web Authentication (CWA)   * Cisco Central Web Authentication (CWA)
 +
   * Oracle Access Manager (OAM)   * Oracle Access Manager (OAM)
 +
   * Shibboleth IdP   * Shibboleth IdP