After you create an affiliate entity, you populate it with affiliation information. This section contains the following procedures:
In the Access Manager Console, select the Federation tab.
Under Federation, select the Entities tab.
Select the provider entity that you want to configure.
Ensure that you select an entity marked as type Affiliate.
Define values for the General or Affiliate attribute groupings by choosing from the View menu:
To define values for General attributes, see To Configure General Attributes for an Affiliate Entity
To define values for Affiliate attributes, see To Configure Affiliate Attributes for an Affiliate Entity
Before performing this procedure, you must have completed the steps in To Configure an Affiliate Entity.
Choose General from the View menu, and provide information for the Entity Common Attributes.
Entity Common Attributes contain values that define the entity.
The static value of this attribute is the name that you provided when creating the entity.
The static value of this attribute is Provider.
The value of this optional attribute is the description that you provided when creating the entity. You can modify the description.
Type the expiration date for the entity metadata. Use Coordinated Universal Time (UTC) in the format yyyy-mm-ddThh:mm:ss.SZ, for example, 2004-12-31T14:30:00.0Z.
Type the maximum amount of time that the entity metadata can be cached. Use the format PnYnMnDTnHnMnS, where n is an integer variable. For example, P1Y2M4DT9H8M20S defines the cache duration as 1 year, 2 months, 4 days, 9 hours, 8 minutes, and 20 seconds.
Provide information for the Entity Contact Person Profile attributes.
Entity Contact Person Profile attributes contain values that define the administrator of the entity.
Type the given name of the entity’s contact person.
Type the surname of the entity’s contact person.
Choose the type of contact from the drop-down menu:
Administrative
Billing
Technical
Other
Type the name of the company that employs this person.
Type a URI that points to an online instance of the contact person’s personal information profile.
Type one or more email addresses for the contact person.
Type one or more telephone numbers for the contact person.
Provide information for the Organization Profiles.
The optional Organization Profiles attributes contain values that define the organizational name of the entity.
Type the complete legal name of the organization. Use the format locale|organization-name, for example, en|organization-name.com.
If the Names attribute contains a value, it is required to add values to the Display Names and URL attributes also.
Type a name that is suitable for display to a principal. The value is defined in the format locale|organization-display-name. For example, en|organization-display-name.com.
Type a URL that can be used to direct a principal to additional information on the entity. Use the format locale|organization-URL, for example, en|http://www.organization-name.com.
Click Save to complete the configuration, or choose Affiliate from the View menu to configure the Affiliate attributes.
To define values for Affiliate attributes, see To Configure Affiliate Attributes for an Affiliate Entity.
Before performing this procedure, you must have completed the steps in To Configure an Affiliate Entity.
Choose Affiliate from the View menu and provide information for the Common Attributes.
Common Attributes contain values that generally define the affiliation.
The value of this attribute is the name of the affiliation.
The value of this attribute is the owner of the affiliation.
Type the expiration date for the affiliation metadata. Use Coordinated Universal Time (UTC) and the format yyyy-mm-ddThh:mm:ss.SZ, for example, 2004-12-31T14:30:00.0Z.
Type the maximum amount of time affiliation metadata can be cached. Use the format PnYnMnDTnHnMnS, where n is an integer. For example, P1Y2M4DT9H8M20S defines the cache duration as 1 year, 2 months, 4 days, 9 hours, 8 minutes, and 20 seconds.
Type the key alias that is used to sign requests and responses.
Type the security certificate alias. Certificates are stored in a JKS keystore file. Each specific certificate is mapped to an alias that is used to fetch the certificate.
Type the length for keys used by the web service consumer when interacting with another entity.
Select the method of encryption:
None
AES
DESede
Select any of the available provider entities to assign as members of the affiliation.
A provider can belong to one or more affiliations. However, a provider without a specified authentication domain cannot participate in Liberty-based communications. Also, be sure that the service provider entity being assigned to the affiliate entity has enabled affiliation federation.
Click Save to complete the configuration.
Click OK to complete the configuration, or choose General from the View menu to configure the General attributes.
To define values for General attributes, see To Configure General Attributes for an Affiliate Entity.