Sun OpenSSO Enterprise 8.0 Update 1 Release Notes

To Configure the Service Provider and the ASP.NET Fedlet

  1. Download the OpenSSO Enterprise ZIP archive to the service provider machine and unzip it.

  2. Unzip the Fedlet-unconfigured.zip in the /opensso/fedlet/ folder.

  3. Move the /opensso/fedlet/asp.net/ folder to a temporary directory.

  4. Change to the /tmp/asp.net/conf directory.

  5. Make copies of the template files.

    • Copy sp.xml-template to sp.xml.

    • Copy sp-extended.xml-template to sp-extended.xml.

    • Copy idp-extended.xml-template to idp-extended.xml.

    • Copy fedlet.cot-template to fedlet.cot.

  6. Swap out the following tags in the copied metadata files.

    • Replace FEDLET_COT with the name of the circle of trust of which the remote identity provider and the local service provider are members.

    • Replace FEDLET_ENTITY_ID with a unique identifier used to locate the Fedlet. This value is analogous to the service provider EntityID. The EntityID attribute is under the EntityDescriptor element that is passed to the service provider as part of the XML exchange. In the OpenSSO console, the Name attribute of a configured entity provider is the value of the EntityID.

    • Replace FEDLET_URL with the URL of the Fedlet; for example, http://sp-machine.domain/SampleApp/fedletapplication.aspx.

    • Replace IDP_ENTITY_ID with the entity ID of the remote identity provider. The EntityID attribute is under the EntityDescriptor element that is passed to the service provider as part of the XML exchange. The Name attribute of a configured entity provider in the OpenSSO console is the value of the EntityID.
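Steps 5 and 6 can be scripted so that every value is XML-escaped and each resulting metadata file is checked for well-formedness. The Python below is an added example, not part of the OpenSSO distribution: the `configure_fedlet` and `demo` names, the template contents, and every value except the Fedlet URL base are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path
from xml.dom import minidom
from xml.sax.saxutils import escape

TARGETS = ["sp.xml", "sp-extended.xml", "idp-extended.xml", "fedlet.cot"]
TAG_RE = re.compile("FEDLET_COT|FEDLET_ENTITY_ID|FEDLET_URL|IDP_ENTITY_ID")


def configure_fedlet(conf_dir, values):
    """Steps 5 and 6: copy each *-template to its target and replace the tags."""
    written = {}
    for name in TARGETS:
        text = (Path(conf_dir) / f"{name}-template").read_text(encoding="utf-8")
        is_xml = name.endswith(".xml")

        def fill(match):
            # Escape values written into XML so '&', '<' or '"' in an entity ID
            # or URL cannot break or change the metadata.
            value = values[match.group(0)]  # KeyError if a tag has no value
            return escape(value, {'"': "&quot;"}) if is_xml else value

        # One pass over the text: a value containing a tag name is not re-expanded.
        out = TAG_RE.sub(fill, text)
        if is_xml:
            minidom.parseString(out.encode("utf-8"))  # ExpatError if malformed
        (Path(conf_dir) / name).write_text(out, encoding="utf-8")
        written[name] = out
    return written


def demo():
    """Run against constructed stand-ins for the shipped templates."""
    ext = '<EntityConfig entityID="%s"><Value>FEDLET_COT</Value></EntityConfig>'
    samples = {
        "sp.xml": '<EntityDescriptor entityID="FEDLET_ENTITY_ID">'
                  '<Endpoint Location="FEDLET_URL"/></EntityDescriptor>',
        "sp-extended.xml": ext % "FEDLET_ENTITY_ID",
        "idp-extended.xml": ext % "IDP_ENTITY_ID",
        "fedlet.cot": "cot-name=FEDLET_COT\nproviders=IDP_ENTITY_ID,FEDLET_ENTITY_ID\n",
    }
    values = {  # constructed values; the query string is there to show escaping
        "FEDLET_COT": "fedletcot",
        "FEDLET_ENTITY_ID": "fedlet-sp",
        "FEDLET_URL": "http://sp-machine.domain/SampleApp/fedletapplication.aspx?a=1&b=2",
        "IDP_ENTITY_ID": "http://idp-machine.domain/opensso",
    }
    with tempfile.TemporaryDirectory() as conf:
        for name, body in samples.items():
            (Path(conf) / f"{name}-template").write_text(body, encoding="utf-8")
        return configure_fedlet(conf, values)
```

Against the real files, call `configure_fedlet` with the conf directory from step 4 and a dictionary holding the four tag values.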

At this point, return to the identity provider machine and register the service provider using the modified sp.xml file, making sure to associate the service provider and the identity provider with the same circle of trust.