Authenticating With A Managed Card - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual


13 Enter the username and a password for an account in the user store.
You are logged in. On subsequent logins, you do not need to enter the username and password.
A personal card can be used to access resources protected by an Access Gateway, but it must be used
with a managed card. For this scenario, you need to complete the tasks in the following sections:
Section 8.3.2, "Authenticating with a Managed Card," on page 230
Section 8.3.3, "Authenticating with a Managed Card Backed by a Personal Card," on page 234
Section 8.6, "Using CardSpace Cards for Authentication to Access Gateway Protected Resources," on page 242
For more information about configuring the Identity Server to be a relying party and the other
available options, see Section 8.4, "Configuring the Identity Server as a Relying Party," on page 235.

8.3.2 Authenticating with a Managed Card

To use a managed card, you need both a relying party and an identity provider as illustrated in
Figure 8-2 on page 224. If you completed the steps in Section 8.3.1, "Authenticating with a Personal
Card," on page 228, you have set up an Identity Server as a relying party. The following scenario explains
how to set up a second Identity Server to be the identity provider. It also explains how to configure a
trusted relationship between the relying party and the identity provider, so that a user can
authenticate to the relying party with a managed card.
"Prerequisite" on page 230
"Configuring a CardSpace Identity Provider" on page 231
"Creating and Installing a Managed Card" on page 231
"Configuring the Relying Party to Trust an Identity Provider" on page 232
"Logging In with the Managed Card" on page 234
These sections describe only a few of the options available for configuring the Identity Server as a
CardSpace identity provider. For information about all the available options, see Section 8.5,
"Configuring the Identity Server as an Identity Provider," on page 239.

Prerequisite

For CardSpace and managed cards, you need to make sure that the SSL certificate and the signing
certificate of the Identity Server use the same name for the certificate's subject name. When you
configured the Identity Server for SSL, you replaced the default SSL certificate with a certificate
that uses the DNS name of the Identity Server as the subject name. For CardSpace, you need to
replace the default signing certificate. You can use the same certificate for signing as you did for
SSL.
Both the Identity Server that is the relying party and the Identity Server that is the identity provider
need a signing certificate that uses the DNS name of the Identity Server as the subject name.
1 In the Administration Console, click Devices > Identity Servers > Edit > Security.
2 In the Keys and Certificate section, click Signing.
3 Click Replace.
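
One way to confirm the prerequisite above from a shell, as an added example that is not part of the Novell guide. It assumes the SSL and signing certificates have been exported as PEM files and that the DNS name is carried in the subject CN; the file names, idp.example.com and the throwaway certificates are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the guide). Assumes PEM exports of both certificates
# and that the Identity Server DNS name is the subject commonName.

# Print the subject commonName of a PEM certificate (empty if unreadable).
subject_cn() {
    openssl x509 -in "$1" -noout -subject -nameopt multiline 2>/dev/null |
        sed -n 's/^ *commonName *= *//p' | head -n 1
}

# check_prereq SSL_PEM SIGNING_PEM DNS_NAME
# Returns 0 only when both subject CNs equal DNS_NAME (case-insensitive).
check_prereq() {
    ssl_cn=$(subject_cn "$1" | tr '[:upper:]' '[:lower:]')
    sig_cn=$(subject_cn "$2" | tr '[:upper:]' '[:lower:]')
    want=$(printf '%s' "$3" | tr '[:upper:]' '[:lower:]')
    if [ -z "$ssl_cn" ] || [ -z "$sig_cn" ]; then
        echo "FAIL: no subject CN could be read from one of the certificates"
        return 1
    fi
    rc=0
    if [ "$ssl_cn" != "$want" ]; then
        echo "FAIL: SSL certificate subject is '$ssl_cn', expected '$want'"; rc=1
    fi
    if [ "$sig_cn" != "$want" ]; then
        echo "FAIL: signing certificate subject is '$sig_cn', expected '$want'"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: SSL and signing certificates both use '$want'"
    return "$rc"
}

# Constructed sample input: throwaway self-signed certificates stand in for
# the files exported from the Identity Server.
make_cert() {  # make_cert CN OUT_PEM
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
        -keyout "$2.key" -out "$2" 2>/dev/null
}

tmp=$(mktemp -d)
make_cert idp.example.com       "$tmp/ssl.pem"
make_cert idp.example.com       "$tmp/signing-replaced.pem"
make_cert placeholder-signing   "$tmp/signing-default.pem"  # constructed name

check_prereq "$tmp/ssl.pem" "$tmp/signing-replaced.pem" idp.example.com
check_prereq "$tmp/ssl.pem" "$tmp/signing-default.pem"  idp.example.com || true
```

Run the same check against the certificates of both the relying party and the identity provider, each with its own DNS name.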
230 Novell Access Manager 3.1 SP2 Identity Server Guide
