Configuration Overview - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual

Figure 7-2: Embedded Service Provider (components shown: Payroll Identity Server (IDP), Trusted ESP, Access Gateway, Protected Application)

7.1.3 Configuration Overview

The following high-level tasks describe the process required to set up the trust model between an identity provider and a service provider. Although these tasks assume that both providers are Identity Servers provided with Access Manager, similar tasks must be performed when one of the providers is a third-party application.

1. Administrators at each company install and configure the Identity Server. See Section 1.1.1, "Creating a Cluster Configuration," on page 16. (You should already be familiar with the Novell Access Manager 3.1 SP2 Installation Guide.)

2. Administrators at each company must import the trusted root certificate of the other Identity Server into the NIDP trust store. Click Devices > Identity Servers > Servers > Edit > Security > NIDP Trust Store, then auto import the certificate. Use the SSL port (8443) even if you haven't set up the base URL of the Identity Server to use HTTPS.

3. Administrators must exchange Identity Server metadata with the trusted partner. Metadata is generated by the Identity Server and can be obtained via a URL or an XML document, then entered in the system when you create the reference. This step is not applicable if you are referencing an ESP. When you reference an ESP, the system lists the installed ESPs for you to choose from, and no metadata entry is required.

4. Create the reference to the trusted identity provider and the service provider. This procedure associates the metadata with the new provider. See Section 7.3.1, "Creating a Trusted Provider for Liberty or SAML 2.0," on page 190.

5. Configure user authentication. This procedure defines how your Identity Server interacts with the trusted provider during user authentication. Access Manager comes with default basic authentication settings already enabled. See Chapter 11, "Configuring User Identification Methods for Federation," on page 277.

Additional important steps for enabling authentication between trusted providers include:

Setting up the necessary authentication contracts. See Section 3.4, "Configuring Authentication Contracts," on page 124.

Configuring SAML and Liberty Trusted Providers 185
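Steps 2 and 3 above import the partner's trusted root and exchange metadata before the reference is created in step 4. As an added example that is not part of this guide or of Access Manager, the Python below parses a partner's SAML 2.0 metadata document, extracts the entityID, SSO endpoints and signing certificate, and pins that certificate to a SHA-256 fingerprint the partner's administrator confirmed out of band; the host name, paths and certificate blob in the embedded sample are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample, not a real Identity Server export: host name and paths
# are placeholders and the base64 blob is not a real DER certificate.
SAMPLE_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.payroll.example:8443/nidp/saml2/metadata">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      UExBQ0VIT0xERVItTk9ULUEtUkVBTC1DRVJU
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://idp.payroll.example:8443/nidp/saml2/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def parse_idp_metadata(xml_text):
    """Return entityID, SSO endpoints by binding, and the SHA-256 fingerprint
    of the signing cert; raise ValueError when a required part is missing."""
    root = ET.fromstring(xml_text)
    entity_id = root.get("entityID", "")
    if not entity_id.startswith("https://"):
        raise ValueError("entityID is not an HTTPS URL: %r" % entity_id)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor: not identity provider metadata")
    key = idp.find("md:KeyDescriptor[@use='signing']", NS)
    cert = key.find(".//ds:X509Certificate", NS) if key is not None else None
    if cert is None or not (cert.text or "").strip():
        raise ValueError("no signing certificate in metadata")
    der = base64.b64decode("".join(cert.text.split()))  # drop line breaks
    digest = hashlib.sha256(der).hexdigest().upper()
    fingerprint = ":".join(digest[i:i + 2] for i in range(0, 64, 2))
    sso = {s.get("Binding"): s.get("Location")
           for s in idp.findall("md:SingleSignOnService", NS)}
    return {"entity_id": entity_id, "sso": sso, "signing_fingerprint": fingerprint}


def fingerprint_matches(xml_text, pinned):
    """True only when the signing cert in the metadata matches the pinned
    fingerprint that the partner's administrator confirmed out of band."""
    return parse_idp_metadata(xml_text)["signing_fingerprint"] == pinned.upper()
```

A mismatch here means the metadata you fetched is not the one your partner exported, so the reference should not be created until the discrepancy is resolved.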
