Defining A Trusted Provider - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual
Identity server guide
Hide thumbs
Also See for ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010:
- Manual (264 pages) ,
- User manual (58 pages) ,
- Manual (110 pages)
Table of Contents
Advertisement
User Identification Methods: If you enable federation, the user identification method
determines how the card is linked to a user account and allows the association to be saved. If
you do not enable federation, a user identification method allows the card to be linked with an
account, but the association is not saved. Select one of the following methods:
Do nothing: Select this option to allow the user to authenticate without creating an
association with a user account. This option cannot be used when federation is enabled.
Authenticate: Select this option when you want to use login credentials. This option
prompts the user to log in to the service provider.
Allow 'Provisioning': Select this option to allow users to create an account when
they have no account on the service provider.
This option requires that you specify a user provisioning method, which defines the
required attributes for setting up a user account. See
Provisioning Method," on page
Provision Account: Select this option when the users on the identity provider do not have
accounts on the service provider. This option allows the service provider to trust any user
that has authenticated to the trusted identity provider.
This option requires that you specify a user provisioning method, which defines the
required attributes for setting up a user account. See
Provisioning Method," on page
Attribute matching: Select this option when you want to use attributes to match an
identity server account with a service provider account. This option requires that you
specify a user matching method. See
Method for Liberty or SAML 2.0," on page
Prompt for password on successful match: Select this option to prompt the user
for a password when the user's name is matched to an account, to ensure that the
account matches.
6 (Conditional) If you have selected a method that requires account provisioning or attribute
matching, click the icon for Provisioning Settings or Attribute Matching Settings. For
instructions, see
Section 11.3, "Defining the User Provisioning Method," on page 282
Section 11.1.2, "Configuring the Attribute Matching Method for Liberty or SAML 2.0," on
page
279.
7 Click Finish > OK.
8 Restart the Identity Server. Stopping and starting the Identity Server also updates its
configuration:
8a On the Identity Servers page, select the server, then click Stop > OK.
8b When the health turns red, select the server, then click Start.
9 Continue with
Section 8.4.2, "Defining a Trusted Provider," on page
8.4.2 Defining a Trusted Provider
You need to create a trusted provider for each server you want to explicitly trust as an identity
provider. If your users are going to use only personal cards for authentication or it explicit trust is
not required, you do not need to create a trusted provider configuration.
282.
Section 11.3, "Defining the User
282.
Section 11.1.2, "Configuring the Attribute Matching
279.
Section 11.3, "Defining the User
or
237.
Configuring CardSpace 237
Advertisement
Table of Contents
Troubleshooting
