To Create an ID-FF
Entity Provider
Use these steps to create an entity provider based on the ID-FF protocol for Federation Services. You can assign the identity provider or service provider (or both) role to the entity, but multiple roles will belong to the same entity provider.
-
Log in as an administrator.
-
Go to the Federation tab in the console and click New in the Entity Provider table.
-
When prompted, select ID-FF as the entity provider.
-
Select the Realm to which the entity provider will belong.
-
Type a name in the Entity Identifier field.
-
Choose the entity provider role you wish to assign to the entity provider.
Entering data in the Meta Alias field will automatically create and assign the entity provider role to the entity provider upon completion.
-
Enter values for the following attributes for one or more roles:
- Meta Alias
-
Specifies a metaAlias for the provider role being configured. The metaAlias is used to locate the provider's entity identifier and the organization in which it is located. The value is a string equal to the realm or organization name coupled with a forward slash and the provider name. For example, /suncorp/travelprovider.
Caution – The names used in the metaAlias must not contain a /.
- Signing Certificate Alias
-
Specifies the provider certificate alias used to find the correct signing certificate in the keystore.
- Encryption Certificate alias
-
Specifies the provider certificate alias used to find the correct encryption certificate in the keystore.
-
Click Create.
The entity provider, its assigned provider roles, and location will be displayed in the Entity Providers list.
-
To customize the entity providers' roles behavior, click on the name of the entity provider and choose the tab that corresponds to the role you wish to customize. See Chapter 6, Federation Attributes for Entity Providers, in Sun OpenSSO Enterprise 8.0 Administration Reference for definitions attributes for provider customization.
- © 2010, Oracle Corporation and/or its affiliates