Modifying A Ws Federation Service Provider; Renaming The Service Provider; Configuring The Attributes Sent With Authentication - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual

ID: If you have need to reference this card outside of the Administration Console, specify an
alphanumeric value here. If you do not assign a value, the Identity Server creates one for its
internal use. The internal value is not persistent. Whenever the Identity Server is rebooted, the
value can change. A specified value is persistent.
Text: Specify the text that is displayed on the card. This value, in combination with the image,
indicates to the users the provider they are logging into.
Image: Specify the image to be displayed on the card. Select the image from the drop-down
list. To add an image to the list, click <Select local image>.
Show Card: Determine whether the card is shown to the user, which allows the user to select
and use the card for authentication. If this option is not selected, the card is only used when a
service provider makes a request for the card.
Passive Authentication Only: Select this option if you do not want the Identity Server to
prompt the user for credentials. If the user has already authenticated and the credentials satisfy
the requirements of this contract, the user is passively authenticated. If the user's credentials do
not satisfy the requirements of this contract, the user is denied access.
3 Click OK twice, then update the Identity Server.

10.5 Modifying a WS Federation Service Provider

This section explains how to modify a WS Federation service provider after it has been created.
Section 10.3.2, "Creating a Service Provider for WS Federation," on page 269
required to create the service provider. You can modify the following configuration details:
Section 10.5.1, "Renaming the Service Provider," on page 273

 Section 10.5.2, "Configuring the Attributes Sent with Authentication," on page 273
Section 10.5.3, "Modifying the Authentication Response," on page 274

Section 10.5.4, "Viewing the WS Service Provider Metadata," on page 275

 Section 10.5.5, "Editing the WS Service Provider Metadata," on page 275

10.5.1 Renaming the Service Provider

1 In the Administration Console, click Devices > Identity Servers > Edit > WS Federation >
[Service Provider].
2 In the Name field, specify a new name for the service provider.
3 Click OK twice, then update the Identity Server.

10.5.2 Configuring the Attributes Sent with Authentication

When the Identity Server creates its response for the service provider, it uses the attributes listed on
the Attributes page. The response needs to contain the attributes that the service provider requires. If
you do not own the service provider, you need to contact the administrator of the service provider
and negotiate which attributes you need to send in the response. The service provider can then use
these attributes to identify the user, to create policies, to match user accounts, or if it allows
provisioning, to create a user account on the service provider.
1 In the Administration Console, click Devices > Identity Servers > Edit > WS Federation >
[Service Provider] > Attributes.
explains the steps
Configuring WS Federation 273