Configuring Attribute Claims; Configuring User Identification - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual

 To modify the profile attributes, click Attributes. Continue with
"Configuring Attribute Claims," on page
To modify the user identification methods, click User Identification. Continue with

Section 8.9.3, "Configuring User Identification," on page

8.9.2 Configuring Attribute Claims

Use the Attributes page to specify the attributes (claims) that must have values.
1 In the Administration Console, click Devices > Identity Servers > Edit > CardSpace >
Authentication Card Profiles > [Name of Profile] > Attributes.
2 Configure the following fields:
Attribute Set: From the drop-down list, select the attribute set from which you want to select
required and optional attributes. These attributes must match the claims that have been defined
for personal cards. If you need to create an attribute set, select New Attribute Set. See
Section 6.1, "Configuring Attribute Sets," on page
Required Attributes: From the list of available attributes, select an attribute and move it to the
Required Attribute list. If the managed card is going to be backed by a personal card, make sure
the Personal Private Identifier attribute is selected.
Optional Attributes: From the list of available attributes, select an attribute and move it to the
Optional Attribute list.
3 Select one of the following actions:
If you are creating a profile, click Next. Continue with

Identification," on page
If you have finished modifying the profile, click OK twice, then update the Identity Server.

To modify the user identification methods, click User Identification. Continue with

Section 8.9.3, "Configuring User Identification," on page

8.9.3 Configuring User Identification

Use this page to specify the user identification methods. The options on this page determine whether
the user can use the card for single sign-on.
1 In the Administration Console, click Devices > Identity Servers > Edit > CardSpace >
Authentication Card > [Name of Profile] > User Identification.
2 Configure the following fields:
Satisfied Contracts: From the list of available contracts, select a contract and move it to the
Satisfied Contract list. Select one or more.
If you are using CardSpace to allow access to Access Gateway protected resources, you must
ensure that all contracts specified for a protected resource are satisfied by an authentication
profile.
Allow Federation: Select this option to enable account federation. Enabling this option
assumes that a user account exists at the provider or that a method is provided to create an
account that can be associated with the user on subsequent logins. If you do not use this feature,
authentication is permitted but is not associated with a particular user account.
247.
173.
247.
Section 8.9.2,
247.
Section 8.9.3, "Configuring User
247).
Configuring CardSpace 247