Novell ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER Manual page 172

Figure 6-3
Relying Parties
X
1
Application
1. The user requests authentication at the Identity Server by entering the base URL of the Identity
Server in browser. This opens the user portal application.
2. The user selects an authentication card that requires a personal card.
3. From the available cards in CardSpace, the user selects the card that meets the security
requirements, and the CardSpace client software sends it to the Identity Server.
To configure this scenario:
1 In the Administration Console, click Devices > Identity Servers > Edit.
2 In the Enabled Protocols section, enable STS and CardSpace.
3 Click CardSpace > Authentication Card, then fill in the following fields:
ID: (Optional) Leave this field blank.
Text: Specify the text that is displayed on the card to the user, for example, CardSpace.
Image: Select the image from the drop-down list. For CardSpace, you can use the default
CardSpace image or any other image in the list.
Show Card: Enable the Show Card option. The Identity Server then displays this card as a
login option.
4 In the Profiles section, click New, then fill in the following fields:
Name: Specify a display name for the profile, such as Personal Card.
ID: (Optional) Leave this field blank.
Text: Specify the text that is displayed on the card to the user for this profile, such as Personal
Card.
Issuer: From the drop-down list, select Personal Card.
Token Type: SAML 1.1 is displayed as the token type for the assertion.
172 Novell Access Manager 3.1 SP1 Identity Server Guide
Using a Personal Card to Authenticate to a Relying Party
Y Z
Security
3
Token
Personal Card
Managed Card
2
CardSpace Client