This procedure assumes the following values:
Deployment URI | opensso
Port | 58080
Protocol | http
Write down or copy the value of the Site ID attribute from the destination site (machine B).
Log in to the console running at exampleB.com as the default administrator, amadmin.
Click the Federation tab.
Click the SAML button.
Click the sole entry listed under Site Identifiers.
This takes you to the Edit site identifier page.
Write down or copy the value of the Site ID attribute.
Click Cancel.
Log out of this instance of OpenSSO Enterprise.
Configure the source site (machine A) to trust the destination site (machine B), and write down or copy the value of the Site ID attribute from the source site.
Log in to the console running at exampleA.com as the default administrator, amadmin.
Click the Federation tab.
Click New under Trusted Partners.
This takes you to the Select trusted partner type and profile page.
Check Artifact and Post under Destination and click Next.
This takes you to the Add New Trusted Partner page.
Set the values of the following attributes to configure machine B as a trusted partner of machine A:
Name | Type the name of the trusted partner. The name will be displayed in the trusted partner table.
Source ID | Type the Site ID copied from the destination site, machine B, in the previous step.
Target | The value of this attribute contains the host's domain or domain with port. Do not include the accompanying protocol. For example, exampleB.com and exampleB.com:58080 are valid, but http://exampleB.com:58080 is not.
SAML URL | http://exampleB.com:58080/opensso/SAMLAwareServlet
HOST LIST | exampleB.com
POST URL | http://exampleB.com:58080/opensso/SAMLPOSTProfileServlet
Click Finish.
Click Save.
Click the sole entry listed under Site Identifiers.
This takes you to the Edit site identifier page.
Write down or copy the value of the Site ID attribute.
Click Cancel to go to the previous page.
Log out of OpenSSO Enterprise.
Configure the destination site (machine B) to trust the source site (machine A).
Log in to the OpenSSO Enterprise console running at exampleB.com as the default administrator, amadmin.
Click the Federation tab.
Click New under Trusted Partners.
This takes you to the Select trusted partner type and profile page.
Check Artifact and Post under Source and click Next.
This takes you to the Add New Trusted Partner page.
Set the values of the following attributes to configure machine A as a trusted partner of machine B:
Name | Type the name of the trusted partner. This will appear in the Trusted Partners table.
Source ID | Type the Site ID you copied from the source site, machine A, in the previous step.
SOAP URL | http://exampleA.com:58080/opensso/SAMLSOAPReceiver
Issuer | exampleA.com:58080
If machine B uses https, check SSL under Authentication Type. Be sure to modify the protocol in the other attributes as necessary.
Click Finish.
Click Save.
Log out of OpenSSO Enterprise.
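The attribute values from the two Add New Trusted Partner pages can be checked against the assumed protocol, port and deployment URI before they are typed into the console. The following Python check is an added example, not part of the original procedure or of OpenSSO Enterprise; the function name check_partner, the ENTRY_FOR_B sample and the placeholder Site ID are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Servlet names taken from the attribute tables in the procedure.
SERVLETS = {"SAML URL": "SAMLAwareServlet",
            "POST URL": "SAMLPOSTProfileServlet",
            "SOAP URL": "SAMLSOAPReceiver"}

def check_partner(attrs, host, port=58080, protocol="http", deploy_uri="opensso"):
    """List problems in one trusted partner entry before it is typed in.

    attrs maps attribute names to values; host, port, protocol and
    deploy_uri describe the partner site those values must point at.
    """
    problems = []
    hostport = f"{host}:{port}".lower()
    if not attrs.get("Source ID"):
        problems.append("Source ID: missing Site ID copied from the partner")
    target = attrs.get("Target")
    if target is not None:
        if "://" in target:
            problems.append("Target: must not include the protocol")
        elif target.lower() not in (host.lower(), hostport):
            problems.append(f"Target: expected {host} or {host}:{port}")
    issuer = attrs.get("Issuer")
    if issuer is not None and issuer.lower() != hostport:
        problems.append(f"Issuer: expected {host}:{port}")
    for name, servlet in SERVLETS.items():
        if name not in attrs:
            continue
        url = urlsplit(attrs[name])
        if url.scheme != protocol:
            problems.append(f"{name}: protocol should be {protocol}")
        if url.netloc.lower() != hostport:
            problems.append(f"{name}: host and port should be {host}:{port}")
        if url.path != f"/{deploy_uri}/{servlet}":
            problems.append(f"{name}: path should be /{deploy_uri}/{servlet}")
    return problems

# Constructed sample: machine A's entry for machine B, with one mistake.
ENTRY_FOR_B = {
    "Source ID": "SITE-ID-COPIED-FROM-MACHINE-B",  # placeholder, not a real Site ID
    "Target": "http://exampleB.com:58080",         # protocol included by mistake
    "SAML URL": "http://exampleB.com:58080/opensso/SAMLAwareServlet",
    "POST URL": "http://exampleB.com:58080/opensso/SAMLPOSTProfileServlet",
}

if __name__ == "__main__":
    for problem in check_partner(ENTRY_FOR_B, "exampleB.com"):
        print(problem)
```

Passing protocol="https" for a site that uses SSL reports every URL attribute that was left on http, which is the adjustment the SSL step of the procedure asks for.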