15.4 Testing Requests Initiated by the Identity Provider Using SOAP
Use the following as your checklist for testing:
Note –
Conduct the four tests using the same browser window instance. The tests must be conducted in consecutive order to satisfy Use Case 1C.
To Test Persistent Federation Using Browser
Artifact
-
Access the Federation Manager server using one of the following alternatives:
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the IDP Initiated Profiles section, click the following link:
Persistent Federation (Browser Artifact)
-
Go to the following URL:
https://loadbalancer-3.example.com:9443/amserver/saml2/jsp/ idpSSOInit.jsp?metaAlias=/users/idp&spEntityID= loadbalancer-9.siroe.com
The login request is redirected to Access Manager.
-
-
Log in to the Access Manager console using the following information:
- User Name:
-
idp
- Password:
-
idp
The login request is redirected to Federation Manager.
-
Log in to the Federation Manager console using the following information:
- User Name:
-
spuser
- User Name:
-
spuser
The message “Single Sign-On succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
To Test Logout Using SOAP
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the IDP Initiated Profiles section, click the following link:
Logout (HTTP)
-
Go to the following URL:
https://loadbalancer-3.example.com:9443/amserver/saml2/jsp/ idpSingleLogoutInit.jsp?metaAlias=/users/idp&spEntityID= loadbalancer-9.siroe.com&binding= urn:oasis:names:tc:SAML:2.0:bindings:SOAP
The message “IDP initiated single logout succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
Access the Federation Manager server using one of the following alternatives:
To Test Single Sign-On Using Browser Artifact
-
Access the Federation Manager server using one of the following alternatives:
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the IDP Initiated Profiles section, click the following link:
Single Sign-On (Browser Artifact)
-
Go to the following URL:
https://loadbalancer-3.example.com:9443/amserver/saml2/jsp/ idpSSOInit.jsp?metaAlias=/users/idp&spEntityID= loadbalancer-9.siroe.com
The login request is redirected to Access Manager.
-
-
Log in to the Access Manager console using the following information:
- User Name:
-
idp
- Password:
-
idp
The message “Single Sign-On succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
To Test Federation Termination Using SOAP
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the IDP Initiated Profiles section, click the following link:
Federation Termination (HTTP)
-
Go to the following URL:
https://loadbalancer-3.example.com:9443/amserver/saml2/jsp/ idpMNIRequestInit.jsp?metaAlias=/users/idp&spEntityID= loadbalancer-9.siroe.com&binding= urn:oasis:names:tc:SAML:2.0:bindings:SOAP&requestType=Terminate
The message “ManageNameID Request succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
Access the Federation Manager server using one of the following alternatives:
- © 2010, Oracle Corporation and/or its affiliates