Sun Java System Access Manager 7 2005Q4 Federation and SAML Administration Guide

Configuring Affiliate Entities

After you create an affiliate entity, you populate it with affiliation information. This section contains the following procedures:

To Configure an Affiliate Entity

  1. In the Access Manager Console, select the Federation tab.

  2. Under Federation, select the Entities tab.

  3. Select the provider entity that you want to configure.

    Ensure that you select an entity marked as type Affiliate.

  4. Define values for the General or Affiliate attribute groupings by choosing from the View menu:

To Configure General Attributes for an Affiliate Entity

Before performing this procedure, you must have completed the steps in To Configure an Affiliate Entity.

  1. Choose General from the View menu, and provide information for the Entity Common Attributes.

    Entity Common Attributes contain values that define the entity.

    Entity Name

    The static value of this attribute is the name that you provided when creating the entity.

    Type

    The static value of this attribute is Provider.

    Description

    The value of this optional attribute is the description that you provided when creating the entity. You can modify the description.

    Valid Until

    Type the expiration date for the entity metadata. Use Coordinated Universal Time (UTC) in the format yyyy-mm-ddThh:mm:ss.SZ, for example, 2004-12-31T14:30:00.0Z.

    Cache Duration

    Type the maximum amount of time that the entity metadata can be cached. Use the format PnYnMnDTnHnMnS, where n is an integer variable. For example, P1Y2M4DT9H8M20S defines the cache duration as 1 year, 2 months, 4 days, 9 hours, 8 minutes, and 20 seconds.

  2. Provide information for the Entity Contact Person Profile attributes.

    Entity Contact Person Profile attributes contain values that define the administrator of the entity.

    First Name

    Type the given name of the entity’s contact person.

    Last Name

    Type the surname of the entity’s contact person.

    Type

    Choose the type of contact from the drop-down menu:

    • Administrative

    • Billing

    • Technical

    • Other

    Company

    Type the name of the company that employs this person.

    Liberty Principal ID

    Type a URI that points to an online instance of the contact person’s personal information profile.

    Emails

    Type one or more email addresses for the contact person.

    Telephone Numbers

    Type one or more telephone numbers for the contact person.

  3. Provide information for the Organization Profiles.

    The optional Organization Profiles attributes contain values that define the organizational name of the entity.

    Names

    Type the complete legal name of the organization. Use the format locale|organization-name, for example, en|organization-name.com.


    Note –

    If the Names attribute contains a value, you must also add values to the Display Names and URL attributes.


    Display Names

    Type a name that is suitable for display to a principal. Use the format locale|organization-display-name, for example, en|organization-display-name.com.

    URL

    Type a URL that can be used to direct a principal to additional information on the entity. Use the format locale|organization-URL, for example, en|http://www.organization-name.com.

  4. Click Save to complete the configuration, or choose Affiliate from the View menu to configure the Affiliate attributes.

    To define values for Affiliate attributes, see To Configure Affiliate Attributes for an Affiliate Entity.

To Configure Affiliate Attributes for an Affiliate Entity

Before performing this procedure, you must have completed the steps in To Configure an Affiliate Entity.

  1. Choose Affiliate from the View menu and provide information for the Common Attributes.

    Common Attributes contain values that generally define the affiliation.

    Name

    The value of this attribute is the name of the affiliation.

    Owner

    The value of this attribute is the owner of the affiliation.

    Valid Until

    Type the expiration date for the affiliation metadata. Use Coordinated Universal Time (UTC) and the format yyyy-mm-ddThh:mm:ss.SZ, for example, 2004-12-31T14:30:00.0Z.

    Cache Duration

    Type the maximum amount of time affiliation metadata can be cached. Use the format PnYnMnDTnHnMnS, where n is an integer. For example, P1Y2M4DT9H8M20S defines the cache duration as 1 year, 2 months, 4 days, 9 hours, 8 minutes, and 20 seconds.

    Signing Key: Key Alias

    Type the key alias that is used to sign requests and responses.

    Encryption Key: Key Alias

    Type the security certificate alias. Certificates are stored in a JKS keystore file. Each specific certificate is mapped to an alias that is used to fetch the certificate.

    Encryption Key: Key Size

    Type the length for keys used by the web service consumer when interacting with another entity.

    Encryption Key: Encryption Method

    Select the method of encryption:

    • None

    • AES

    • DESede

  2. Select any of the available provider entities to assign as members of the affiliation.

    A provider can belong to one or more affiliations. However, a provider without a specified authentication domain cannot participate in Liberty-based communications. Also, be sure that the service provider entity being assigned to the affiliate entity has enabled affiliation federation.

  3. Click Save to complete the configuration.

  4. Click OK to complete the configuration, or choose General from the View menu to configure the General attributes.

    To define values for General attributes, see To Configure General Attributes for an Affiliate Entity.
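
The Valid Until, Cache Duration, and Encryption Method values described in both procedures above can be checked before they are typed into the console. The following Python sketch is an added example, not part of Access Manager or the original guide. Its function names are hypothetical, and it assumes that unused duration components may be omitted (as XML Schema durations allow) and that a year and a month count as at most 366 and 31 days.

```python
import re
from datetime import datetime, timedelta, timezone

# Valid Until format from the guide: yyyy-mm-ddThh:mm:ss.SZ (UTC)
VALID_UNTIL_RE = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{1,6}Z")
# Cache Duration format from the guide: PnYnMnDTnHnMnS
# Assumption: unused components may be omitted, as XML Schema durations allow.
DURATION_RE = re.compile(
    r"P(?:(\d+)Y)?(?:(\d+)M)?(?:(\d+)D)?(?:T(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?)?"
)


def parse_valid_until(text):
    """Return the expiry as an aware UTC datetime, or raise ValueError."""
    if not VALID_UNTIL_RE.fullmatch(text):
        raise ValueError(f"Valid Until not in yyyy-mm-ddThh:mm:ss.SZ form: {text!r}")
    parsed = datetime.strptime(text, "%Y-%m-%dT%H:%M:%S.%fZ")
    return parsed.replace(tzinfo=timezone.utc)


def parse_cache_duration(text):
    """Return an upper bound for the duration (year = 366 days, month = 31 days)."""
    match = DURATION_RE.fullmatch(text)
    if not match or text.endswith("T") or not any(match.groups()):
        raise ValueError(f"Cache Duration not in PnYnMnDTnHnMnS form: {text!r}")
    y, mo, d, h, mi, s = (int(g or 0) for g in match.groups())
    return timedelta(days=366 * y + 31 * mo + d, hours=h, minutes=mi, seconds=s)


def review_affiliate_settings(valid_until, cache_duration, encryption_method, now):
    """Return a list of findings for values about to be typed into the console."""
    findings = []
    expiry = parse_valid_until(valid_until)
    max_cache = parse_cache_duration(cache_duration)
    if expiry <= now:
        findings.append("Valid Until is already in the past")
    elif now + max_cache > expiry:
        # A partner could keep serving cached metadata after it has expired.
        findings.append("Cache Duration can outlive Valid Until")
    if encryption_method == "None":
        findings.append("Encryption Method is None")
    elif encryption_method == "DESede":
        findings.append("Encryption Method DESede is Triple DES; prefer AES")
    elif encryption_method != "AES":
        findings.append(f"Unknown Encryption Method: {encryption_method!r}")
    return findings
```

Pass `datetime.now(timezone.utc)` as `now` for a live check; malformed values raise `ValueError` rather than producing a finding.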