Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Servers: Configuration: Federation Services: Source Site

Configuration Options     Related Tasks     Related Topics

This page lets you view and define various Federation Services SAML 1.1 SSO Source Site settings for this server instance. You must first configure a SAML Credential Mapper V2 security provider in the server's security realm.

Configuration Options

Name Description
Source Site Enabled

Indicates whether the Source Site is enabled.

MBean Attribute:
FederationServicesMBean.SourceSiteEnabled

Changes take effect after you redeploy the module or restart the server.

Source Site URL

The URL for the Source Site.

MBean Attribute:
FederationServicesMBean.SourceSiteURL

Changes take effect after you redeploy the module or restart the server.

Source Site ID Hex

The Source Site ID in hexadecimal.

This read-only value is a hexadecimal representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is are automatically updated when the SourceSiteURL changes.

MBean Attribute:
FederationServicesMBean.SourceIdHex

Changes take effect after you redeploy the module or restart the server.

Source Site ID Base64

The Source Site ID base64-encoded.

This read-only value is a Base64 representation of a 20-byte binary value that is calculated from the SourceSiteURL. If you want to configure ARTIFACT profile with another site, you will need to give a SourceId value to the other site. This value is are automatically updated when the SourceSiteURL changes.

MBean Attribute:
FederationServicesMBean.SourceIdBase64

Changes take effect after you redeploy the module or restart the server.

Intersite Transfer URIs

The Intersite Transfer URIs.

MBean Attribute:
FederationServicesMBean.IntersiteTransferURIs

Changes take effect after you redeploy the module or restart the server.

ITS Requires SSL

Specifies whether the Intersite Transfer Service requires SSL.

MBean Attribute:
FederationServicesMBean.ITSRequiresSSL

Assertion Retrieval URIs

One or more URIs on which to listen for incoming assertion retrieval requests.

For artifact profile, the destination site receives a SAML artifact that represents a source site (why we need the source site ID values) and an assertion ID. The destination site sends a request containing the artifact to the source site's assertion retrieval URL, and the source site responds with the corresponding assertion. You may configure multiple URIs here, although typically one will be sufficient. The URI includes the application context, followed by the resource context. For example:

/my_application/saml/ars

which would be accessible from the outside as https://my.example.com/my_application/saml/ars

MBean Attribute:
FederationServicesMBean.AssertionRetrievalURIs

Changes take effect after you redeploy the module or restart the server.

ARS Requires SSL

Specifies whether the Assertion Retrieval Service requires SSL.

MBean Attribute:
FederationServicesMBean.ARSRequiresSSL

ARS Requires Two-Way SSL Authentication

Specifies whether the Assertion Retrieval Service requires two-way SSL authentication.

MBean Attribute:
FederationServicesMBean.ARSRequiresTwoWaySSL

Assertion Store Class Name

The class that provides persistent storage for assertions, if you use an Assertion Store class other than the default class.

MBean Attribute:
FederationServicesMBean.AssertionStoreClassName

Changes take effect after you redeploy the module or restart the server.

Assertion Store Properties

Properties passed to Assertion Store class initStore() method.

This may be useful if you have implemented a custom Assertion Store class.

MBean Attribute:
FederationServicesMBean.AssertionStoreProperties

Changes take effect after you redeploy the module or restart the server.

Signing Key Alias

The alias used to store and retrieve the Source Site's signing key in the keystore. This key is used to sign POST profile responses.

MBean Attribute:
FederationServicesMBean.SigningKeyAlias

Signing Key Passphrase

The passphrase used to retrieve the Source Site's signing key from the keystore.

MBean Attribute:
FederationServicesMBean.SigningKeyPassPhrase

Changes take effect after you redeploy the module or restart the server.

Related Tasks

Related Topics


Back to Top