To Set Up the Service Provider

1. Login to the OpenSSO console as the administrator.

2. Click the Federation tab.

3. Select the name of the appropriate hosted service provider.

4. Click the Advanced tab.

5. Add one entry for each service provider application as a value of the Application Security Configuration attribute. Each application should have one entry using the one of following formats:

   • url=SPAppURL|type=symmetric|secret=encoded-shared-secret|
     encryptionalgorithm=encryption-algorithm|
     encryptionkeystrength=encryption-strength

     Sample Symmetric Entry

     url=http://www.spapp.com:8080/spapp/samples/saml2/sae/saeSPApp.jsp| type=symmetric|secret=AQICNeg4ahYuOLmXG5w5yUgvmCUP0rr1HFGf| encryptionalgorithm=DES|encryptionkeystrength=56

   • url=SPAppURL|type=asymmetric|privatekeyalias=
     SP-signing-certificate-alias|encryptionalgorithm=encryption-algorithm|
     encryptionkeystrength=encryption-strength|
     pubkeyalias=SPApp-public-key-alias

     The privatekeyalias attribute may be omitted if the signing-certificate-alias is already configured in the service provider metadata.

     Sample Asymmetric Entry

     url=http://www.spapp.com:8080/spapp/samples/saml2/sae/saeSPApp.jsp| type=asymmetric|privatekeyalias=test|encryptionalgorithm=DES| encryptionkeystrength=56|pubkeyalias=spapp-cert

6. Save the configuration.

7. Log out of the console.