Sun OpenSSO Enterprise 8.0 Developer's Guide

Configure the Instance of OpenSSO Enterprise Local to the Identity Provider for the Remote Service Provider

Both the standard and extended metadata retrieved from the remote service provider will be imported to the instance of OpenSSO Enterprise local to the identity provider.

  1. Get both the remote service provider standard metadata and the remote service provider extended metadata used in Configure the Instance of OpenSSO Local to the Service Provider.

  2. Modify the remote service provider extended metadata as follows:

    • Remove all shared secrets defined in the actual provider metadata file.

    • Set the hosted attribute to 0 (false) as in <EntityConfig .. hosted="0" ....>. This defines the entity as remote and can only be done using the actual provider metadata file.

    • Remove the value for the SP Logout URL attribute under the Advanced tab of the service provider configuration.

    • Add the following attribute and values to the Attribute Map attribute under the Assertion Processing tab.

      mail=mail
      branch=branch

  3. Import both metadata files to the instance of OpenSSO Enterprise local to the identity provider.

    Use ssoadm, the command line interface.
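
The two file-level edits in step 2 (removing shared secrets and setting hosted="0") can be scripted and then verified before the import in step 3. The following is an added example, not code from the guide or from OpenSSO: the attribute name saeAppSecretList, the function names and the sample metadata are assumptions made for illustration, so substitute the names of the attributes that actually hold shared secrets in your file.

```python
import xml.etree.ElementTree as ET

# Assumption: name of the extended-metadata attribute that holds shared secrets.
SECRET_ATTRS = ("saeAppSecretList",)

# Constructed sample of a service provider's extended metadata (not from the guide).
SAMPLE = """<EntityConfig xmlns="urn:sun:fm:SAML:2.0:entityconfig"
    entityID="https://sp.example.com/opensso" hosted="1">
  <SPSSOConfig metaAlias="/sp">
    <Attribute name="saeAppSecretList">
      <Value>url=https://sp.example.com/app|type=symmetric|secret=CONSTRUCTED</Value>
    </Attribute>
    <Attribute name="attributeMap"><Value>mail=mail</Value></Attribute>
  </SPSSOConfig>
</EntityConfig>"""

def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]

def secret_values(root, names):
    """Yield (attribute, value) element pairs for every secret-bearing attribute."""
    for attr in root.iter():
        if local(attr.tag) == "Attribute" and attr.get("name") in names:
            yield from ((attr, value) for value in list(attr))

def prepare_remote(xml_text, secret_attrs=SECRET_ATTRS):
    """Mark the entity as remote and drop shared secrets; return (xml, removed)."""
    root = ET.fromstring(xml_text)
    if local(root.tag) != "EntityConfig":
        raise ValueError("root element is not EntityConfig")
    if root.tag.startswith("{"):  # keep the default namespace unprefixed on output
        ET.register_namespace("", root.tag[1:].split("}")[0])
    root.set("hosted", "0")
    removed = 0
    for attr, value in list(secret_values(root, secret_attrs)):
        attr.remove(value)
        removed += 1
    return ET.tostring(root, encoding="unicode"), removed

def check_remote(xml_text, secret_attrs=SECRET_ATTRS):
    """Return the problems that should block the import on the identity provider."""
    root = ET.fromstring(xml_text)
    problems = []
    if root.get("hosted") not in ("0", "false"):
        problems.append("hosted is not 0")
    for attr, value in secret_values(root, secret_attrs):
        if (value.text or "").strip():
            problems.append("secret left in " + attr.get("name"))
    return problems
```

Run check_remote on the file you are about to import; an empty list means the entity is marked remote and no value remains in the listed secret attributes.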