Access Manager provides proprietary attributes that are not part of the Liberty ID-FF itself. To load Access Manager proprietary metadata, use the following command:
amadmin --runasdn userdn --password password --data proprietary_metadata_filename
After loading the metadata, the --export option can be used to export metadata compliant with the Liberty ID-FF. This file can then be exchanged with trusted partners. Here is an example of an identity provider metadata XML file for proprietary attributes.
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE Requests PUBLIC "-//iPlanet//Sun Java System Access Manager 2005Q4 Admin CLI DTD//EN"
    "jar://com/iplanet/am/admin/cli/amAdmin.dtd">
<Requests>
  <OrganizationRequests DN="dc=companyA,dc=com">
    <CreateHostedProvider id="http://sp.companyA.com" role="SP"
        defaultUrlPrefix="http://sp.companyA.com:80">
      <AttributeValuePair>
        <Attribute name="iplanet-am-provider-name"/>
        <Value>sp</Value>
      </AttributeValuePair>
      <AttributeValuePair>
        <Attribute name="iplanet-am-provider-alias"/>
        <Value>sp.companyA.com</Value>
      </AttributeValuePair>
      <AttributeValuePair>
        <Attribute name="iplanet-am-list-of-authenticationdomains"/>
        <Value>samplecot</Value>
      </AttributeValuePair>
      <AttributeValuePair>
        <Attribute name="iplanet-am-certificate-alias"/>
        <Value>cert_alias</Value>
      </AttributeValuePair>
      <AttributeValuePair>
        <Attribute name="iplanet-am-trusted-providers"/>
        <Value>http://idp.companyB.com</Value>
        <Value>http://idp.companyC.com</Value>
      </AttributeValuePair>
      <SPAuthContextInfo AuthContext="Password" AuthLevel="1"/>
      <AttributeValuePair>
        <Attribute name="iplanet-am-provider-homepage-url"/>
        <Value>http://sp.companyA.com:80/idff/index.jsp</Value>
      </AttributeValuePair>
    </CreateHostedProvider>
  </OrganizationRequests>
</Requests>
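A pre-load review of a proprietary metadata file like the one above, as an added example that is not part of the original documentation or of Access Manager: it flags plaintext endpoint URLs, trusted provider IDs that are not on an approved partner list, and an empty certificate alias. The function names, the approved-partner set and the trimmed sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample: the page's example trimmed to the attributes checked here.
SAMPLE = b"""<?xml version="1.0" encoding="ISO-8859-1"?>
<Requests><OrganizationRequests DN="dc=companyA,dc=com">
<CreateHostedProvider id="http://sp.companyA.com" role="SP"
    defaultUrlPrefix="http://sp.companyA.com:80">
  <AttributeValuePair><Attribute name="iplanet-am-certificate-alias"/>
    <Value>cert_alias</Value></AttributeValuePair>
  <AttributeValuePair><Attribute name="iplanet-am-trusted-providers"/>
    <Value>http://idp.companyB.com</Value>
    <Value>http://idp.companyC.com</Value></AttributeValuePair>
</CreateHostedProvider></OrganizationRequests></Requests>"""

def provider_attrs(xml_bytes):
    """Return (CreateHostedProvider XML attributes, {attribute name: [values]})."""
    root = ET.fromstring(xml_bytes)
    prov = root.find("./OrganizationRequests/CreateHostedProvider")
    if prov is None:
        raise ValueError("no CreateHostedProvider element found")
    pairs = {}
    for pair in prov.findall("AttributeValuePair"):
        name = pair.find("Attribute").get("name")
        pairs[name] = [(v.text or "").strip() for v in pair.findall("Value")]
    return dict(prov.attrib), pairs

def review(xml_bytes, approved_partners):
    """List findings to resolve before the file is loaded with amadmin --data."""
    prov, pairs = provider_attrs(xml_bytes)
    findings = []
    # Endpoint URLs that would be served over plaintext http.
    endpoints = [("defaultUrlPrefix", prov.get("defaultUrlPrefix", ""))]
    endpoints += [("iplanet-am-provider-homepage-url", u)
                  for u in pairs.get("iplanet-am-provider-homepage-url", [])]
    for where, url in endpoints:
        if urlsplit(url).scheme != "https":
            findings.append(f"{where} is not https: {url}")
    # Trusted provider IDs must match the partner list agreed out of band.
    for pid in pairs.get("iplanet-am-trusted-providers", []):
        if pid not in approved_partners:
            findings.append(f"unapproved trusted provider: {pid}")
    # Assumption: an empty or missing alias means no certificate is configured.
    if not any(pairs.get("iplanet-am-certificate-alias", [])):
        findings.append("iplanet-am-certificate-alias is missing or empty")
    return findings

if __name__ == "__main__":
    for finding in review(SAMPLE, {"http://idp.companyB.com"}):
        print(finding)
```

The approved set is compared against provider IDs exactly as written in the file, so it should be maintained from the partner agreement rather than copied from the metadata being reviewed.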