Sun Java System SAML v2 Plug-in for Federation Services User's Guide

To Configure Mappings

The following procedure assumes that you are mapping urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport to authentication level 4 on the service provider and using the LDAP authentication module for authentication on the identity provider.

  1. Set the mapping for the spAuthncontextClassrefMapping property in the current extended service provider metadata.

    For example, PasswordProtectedTransport|4

  2. Reload the modified metadata using saml2meta.

    See The saml2meta Command-line Reference.

  3. Set the mapping for the idpAuthncontextClassrefMapping property in the current extended identity provider metadata.

    For example, urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport|module=LDAP

  4. Reload the modified metadata using saml2meta.

    See The saml2meta Command-line Reference.

  5. Access the single sign-on initialization page using the following URL:

    http://AM_host:AM_port/uri/spSSOinit.jsp?metaAlias=/sp&idpEntityID=idp.sun.com&AuthnContextClassRef=PasswordProtectedTransport
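
The mapping values and URL from this procedure can be cross-checked before the metadata is reloaded. The following Python sketch is an added example, not part of the original guide or the product. It confirms that the class reference requested in the URL resolves to an authentication level on the service provider and to a module on the identity provider. The function names are hypothetical, and treating the short class name and the full URN as the same class is an assumption of this check.

```python
from urllib.parse import urlsplit, parse_qs

URN_PREFIX = "urn:oasis:names:tc:SAML:2.0:ac:classes:"

def full_class_ref(name):
    # Assumption: a short class name and its full URN denote the same class.
    name = name.strip()
    return name if name.startswith("urn:") else URN_PREFIX + name

def parse_sp_mapping(values):
    """'classRef|level' entries -> {full URN: authentication level}."""
    out = {}
    for v in values:
        ref, sep, level = v.partition("|")
        if not sep or not ref.strip() or not level.strip().isdigit():
            raise ValueError(f"malformed SP mapping: {v!r}")
        out[full_class_ref(ref)] = int(level)
    return out

def parse_idp_mapping(values):
    """'classRef|key=value' entries -> {full URN: (key, value)}."""
    out = {}
    for v in values:
        ref, sep, rule = v.partition("|")
        key, eq, val = rule.partition("=")
        if not (sep and eq and ref.strip() and key.strip() and val.strip()):
            raise ValueError(f"malformed IdP mapping: {v!r}")
        out[full_class_ref(ref)] = (key.strip(), val.strip())
    return out

def check_request(url, sp_values, idp_values):
    """Resolve the URL's AuthnContextClassRef on both sides; raise if unmapped."""
    refs = parse_qs(urlsplit(url).query).get("AuthnContextClassRef")
    if not refs:
        raise ValueError("URL carries no AuthnContextClassRef parameter")
    ref = full_class_ref(refs[0])
    sp, idp = parse_sp_mapping(sp_values), parse_idp_mapping(idp_values)
    missing = [side for side, m in (("SP", sp), ("IdP", idp)) if ref not in m]
    if missing:
        raise LookupError(f"{ref} has no mapping on: {', '.join(missing)}")
    return ref, sp[ref], idp[ref]

# Values copied from the procedure above.
SP_VALUES = ["PasswordProtectedTransport|4"]
IDP_VALUES = [URN_PREFIX + "PasswordProtectedTransport|module=LDAP"]
URL = ("http://AM_host:AM_port/uri/spSSOinit.jsp?metaAlias=/sp"
       "&idpEntityID=idp.sun.com&AuthnContextClassRef=PasswordProtectedTransport")

if __name__ == "__main__":
    print(check_request(URL, SP_VALUES, IDP_VALUES))
```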