Configuring The Attributes Obtained At Authentication - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual
Identity server guide
Hide thumbs
Also See for ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010:
- Manual (264 pages) ,
- User manual (58 pages) ,
- Manual (110 pages)
Table of Contents
Advertisement
For best performance, you should configure the trusted providers to use attribute sets, especially for
attributes that have static values such as a user's e-mail address, employee ID, or phone number. It
reduces the traffic between the provider and the LDAP server, because the attribute information can
be gathered in one request at authentication rather than in a separate request for each attribute when
a policy or protected resource needs the attribute information.
Section 7.6.1, "Configuring the Attributes Obtained at Authentication," on page 200
Section 7.6.2, "Configuring the Attributes Sent with Authentication," on page 201
Section 7.6.3, "Sending Attributes to the Embedded Service Provider," on page 202
7.6.1 Configuring the Attributes Obtained at Authentication
When the Identity Server creates its request to send to the identity provider, it uses the attributes that
you have selected. The request asks the identity provider to provide values for these attributes. You
can then use these attributes to create policies, to match user accounts, or if you allow provisioning,
to create a user account on the service provider.
1 In the Administration Console, click Devices > Identity Servers > Edit > [Protocol] >
[Identity Provider] > Attributes.
2 (Conditional) To create an attribute set, select New Attribute Set from the Attribute Set drop-
down menu.
An attribute set is a group of attributes that can be exchanged with the trusted provider. For
example, you can specify that the local attribute of any attribute in the Liberty profile (such as
Informal Name) matches the remote attribute specified at the service provider.
2a Specify a set name, then click Next.
2b On the Define Attributes page, click New.
2c Select a local attribute.
2d Optionally, provide the name of the remote attribute and a namespace.
2e Click OK.
For more information on this process, see
page
2f To add other attributes to the set, repeat
2g Click Finish.
200 Novell Access Manager 3.1 SP2 Identity Server Guide
173.
Section 6.1, "Configuring Attribute Sets," on
Step 2b
through
Step
2e.
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 and is the answer not in the manual?
Questions and answers