Any configured firewalls must allow NCP and LDAP traffic for the Administration
Console, the Identity Server, and the LDAP user store.
(Linux) Verify that you have installed the required packages. See "Administration
Console Requirements" in the Novell Access Manager 3.1 SP2 Installation Guide.
If the objects exist, check for time synchronization problems. For more information, see
"Users Are Receiving Invalid Credential Messages" on page 117.
5 In the Administration Console, modify the secret store configuration so that it is resent to the
user store:
5a Click Devices > Identity Servers > Edit > Liberty > Web Service Providers > Credential
Profile.
5b In the Remote Storage of Secrets section, remove the user store, then add it again.
5c Click OK.
6 On the Identity Servers page, update the Identity Server.
Users Are Receiving Invalid Credential Messages
The <SAML_Affiliate_Object>.SAML-Assertion.AuthorizedLoginMethods.Security object
contains two attributes that determine how long credentials are valid. If your Identity Server and
eDirectory server are not time synchronized, the credentials can become invalid before a user has
time to use them.
Either make sure that the time on your Identity Server and eDirectory server is synchronized, or
increase the values of the authsamlValidAfter and authsamlValidBefore attributes of the SAML
affiliate object.
Secrets Aren't Stored in the LDAP Directory
1 Open an LDAP browser and connect to the eDirectory server.
2 Browse to the user object.
3 Verify that the user object contains the LDAP attribute that you have specified as the attribute
to store the secrets.
4 If the attribute exists, browse to the schema and verify that the attribute has the following
characteristics:
Single valued
Case ignore
String
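Steps 3 and 4 can also be checked offline against attributeTypes values exported from the directory's subschema. The script below is an added example, not part of the Novell guide: it assumes the values follow RFC 4512 and that "Case ignore" and "String" correspond to the Directory String syntax OID with the caseIgnoreMatch rule, and the attribute names and OIDs in the sample are constructed.

```python
import re

# Assumption: "Case ignore" + "String" is published over LDAP as the Directory
# String syntax (RFC 4517), optionally with the caseIgnoreMatch equality rule.
DIRECTORY_STRING_OID = "1.3.6.1.4.1.1466.115.121.1.15"

# Constructed sample subschema values (hypothetical names and OIDs).
SAMPLE_SCHEMA = [
    "( 1.1.2.1.1 NAME 'exampleSecretStore' DESC 'secret store' "
    "SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{64512} SINGLE-VALUE )",
    "( 1.1.2.1.2 NAME ( 'exampleMultiSecret' 'exMS' ) DESC 'not SINGLE-VALUE' "
    "EQUALITY caseExactMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )",
]

def parse_attribute_type(definition):
    """Extract the fields of one RFC 4512 attributeTypes value that we check."""
    body = definition.strip()
    if not (body.startswith("(") and body.endswith(")")):
        raise ValueError("not an RFC 4512 attribute type description")
    body = body[1:-1]
    names = re.search(r"\bNAME\s+(?:('[^']+')|\(([^)]*)\))", body)
    name_list = re.findall(r"'([^']+)'", names.group(1) or names.group(2)) if names else []
    # Drop quoted strings so keywords inside NAME or DESC text cannot match.
    bare = re.sub(r"'[^']*'", "", body)
    syntax = re.search(r"\bSYNTAX\s+([0-9.]+)", bare)
    equality = re.search(r"\bEQUALITY\s+([\w.-]+)", bare)
    return {
        "names": [n.lower() for n in name_list],
        "syntax": syntax.group(1) if syntax else None,
        "equality": equality.group(1) if equality else None,
        "single_valued": re.search(r"\bSINGLE-VALUE\b", bare) is not None,
    }

def check_secret_attribute(schema_values, attr_name):
    """Return the list of mismatches for attr_name; empty means it conforms."""
    matches = [a for a in map(parse_attribute_type, schema_values)
               if attr_name.lower() in a["names"]]
    if not matches:
        return ["attribute not found in schema"]
    attr, problems = matches[0], []
    if not attr["single_valued"]:
        problems.append("not single valued")
    if attr["syntax"] != DIRECTORY_STRING_OID:
        problems.append("syntax is not Directory String")
    if attr["equality"] and attr["equality"].lower() != "caseignorematch":
        problems.append("equality rule is not caseIgnoreMatch")
    return problems

if __name__ == "__main__":
    for name in ("exampleSecretStore", "exMS"):
        print(name, check_secret_attribute(SAMPLE_SCHEMA, name) or "OK")
```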
3.2 Creating Authentication Classes
Authentication classes let you define ways of obtaining end user credentials. You specify the code
(Java class) and properties to be executed to implement a particular authentication type.
Several authentication classes are included with Access Manager to provide a variety of ways to
authenticate end users. Custom authentication classes provided by other vendors can also be
configured to run in the system.
1 In the Administration Console, click Devices > Identity Server > Edit > Local > Classes.