Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual page 147

Identity server guide

Embedded Service Provider: (Liberty only) Access Gateway and application server agents
(J2EE or Windows) include an Embedded Service Provider (ESP) that can be trusted by
identity providers. ESPs run in the same enterprise as the identity provider, and are therefore
created and configured in the same directory. The ESP enables all of the single sign-on
functionality for the Access Gateway or agent. Installed ESPs are displayed in a drop-down list for
you to select as a trusted entity. You do not need to enter metadata for an ESP; it is
automatically generated.
Manual Entry: (SAML 1.1 only) Allows you to enter metadata values manually. When you
select this option, the system displays the Enter Metadata Values page. See "Editing a SAML
1.1 Identity Provider's Metadata" on page 156.
5 Click Next.
6 Review the metadata certificates, then select one of the following actions:
For a service provider, continue with Step 8.
For an identity provider, click Next, then continue with Step 7.
7 (Identity Provider only) Configure an authentication card to use with this identity provider. Fill
in the following fields:
ID: (Optional) Specify an alphanumeric value that identifies the card. If you need to reference
this card outside of the Administration Console, you need to specify a value here. If you do not
assign a value, the Identity Server creates one for its internal use.
Text: Specify the text that is displayed on the card to the user.
Login URL: (Conditional) If you are configuring an authentication card for SAML 1.1,
specify an Intersite Transfer Service URL. The URL has the following format, where
idp.sitea.novell.com is the DNS name of the identity provider and idp.siteb.novell.com is the
name of the service provider:
https://idp.sitea.novell.com:8443/nidp/saml/idpsend?PID=https://idp.siteb.novell.com:8443/nidp/saml/metadata&TARGET=https://idp.siteb.novell.com:8443/nidp/app
For more information, see "Specifying the Intersite Transfer Service URL for the Login URL
Option" on page 151.
Image: Specify the image to be displayed on the card. Select the image from the drop-down
list. To add an image to the list, click <Select local image>.
Show Card: Determine whether the card is shown to the user, which allows the user to select
and use the card for authentication. If this option is not selected, the card is only used when a
service provider makes a request for the card.
8 Click Finish. The system displays the trusted provider on the protocol page.
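The following is an added example, not part of the Novell manual or product: it assembles a Login URL in the Intersite Transfer Service format shown in Step 7 and checks a URL against that format before it is entered on the card. The function names and the allowed_target_hosts policy are assumptions of this example, as is the expectation that the server percent-decodes query values in the usual way.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

IDPSEND_PATH = "/nidp/saml/idpsend"    # path from the manual's URL format
METADATA_PATH = "/nidp/saml/metadata"  # PID path from the manual's URL format


def build_login_url(idp_base, sp_base, target):
    """Assemble a Login URL in the manual's format, escaping '?', '&', '='
    inside the values so a TARGET with its own query string stays intact."""
    query = urlencode({"PID": sp_base + METADATA_PATH, "TARGET": target},
                      safe=":/")
    return f"{idp_base}{IDPSEND_PATH}?{query}"


def check_login_url(url, allowed_target_hosts):
    """Return a list of problems; an empty list means the URL passed.
    allowed_target_hosts is this example's own policy input (hypothetical)."""
    problems = []
    parts = urlsplit(url)
    if parts.scheme != "https":
        problems.append("Login URL is not https")
    if parts.path != IDPSEND_PATH:
        problems.append("path is not " + IDPSEND_PATH)
    params = parse_qs(parts.query)
    for name in ("PID", "TARGET"):
        if len(params.get(name, [])) != 1:
            problems.append(name + " must appear exactly once")
    extra = sorted(set(params) - {"PID", "TARGET"})
    if extra:  # usually an unescaped '&' inside TARGET
        problems.append("unexpected parameters: " + ", ".join(extra))
    for name in ("PID", "TARGET"):
        for value in params.get(name, []):
            if urlsplit(value).scheme != "https":
                problems.append(name + " is not an https URL")
    for value in params.get("TARGET", []):
        if urlsplit(value).hostname not in allowed_target_hosts:
            problems.append("TARGET host is not in the allowed list")
    return problems


# Constructed sample values, using the host names from the manual's format.
IDP = "https://idp.sitea.novell.com:8443"
SP = "https://idp.siteb.novell.com:8443"
ALLOWED = {"idp.siteb.novell.com"}

if __name__ == "__main__":
    good = build_login_url(IDP, SP, SP + "/nidp/app")
    print(good, check_login_url(good, ALLOWED))
    naive = f"{IDP}{IDPSEND_PATH}?PID={SP}{METADATA_PATH}&TARGET={SP}/nidp/app?a=1&b=2"
    print(check_login_url(naive, ALLOWED))
```

The second call shows the failure the check is meant to catch: a TARGET pasted in with its own unescaped query string loses everything after the first `&`, which then appears as a stray top-level parameter.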
Configuring SAML and Liberty Trusted Providers 147
