Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual page 152

Figure 5-4
Identity Server
Site A
Identity Provider: A
DNS: idp.sitea.novell.com
If you want a card to appear that allows the user to log in to Site A (as shown in
need to specify a value for the Login URL option.
Using the DNS names from
https://idp.sitea.novell.com:8443/nidp/saml/idpsend?PID=https://
idp.siteb.novell.com:8443/nidp/saml/metadata&TARGET=https://
idp.siteb.novell.com:8443/nidp/app
The following happens when this link is invoked:
1. The browser performs a Get to the identity provider (Site A).
2. If the identity provider (Site A) trusts the service provider (Site B), the identity provider
prompts the user for authentication information and builds an assertion.
3. The identity provider (Site A) sends the user to the service provider (Site B) using the POST or
Artifact method.
4. The service provider (Site B) consumes the assertion and sends the user to the TARGET URL
(the user portal on Site B).
To configure the settings for the intersite transfer service.
1 Click Devices > Identity Servers > Edit > SAML1.1 > [Identity Provider] > Authentication
Card.
2 Fill in the following fields:
ID: (Optional) Specify an alphanumeric value that identifies the card. If you need to reference
this card outside of the Administration Console, you need to specify a value here. If you do not
assign a value, the Identity Server creates one for its internal use.
Text: Specify the text that is displayed on the card to the user.
152 Novell Access Manager 3.1 SP1 Identity Server Guide
Federated Identity Configuration
Identity Server
Site B
Identity Provider: B
Service Provider: 1
DNS: idp.siteb.novell.com
Figure
Access Gateway
URL: https://eng.provo.novell.com/myapp
5-4, the complete value for the Login URL option is as follows:
Service Provider: 2
DNS: eng.provo.novell.com
Web Server
Figure 5-3), you