As a root user, log in to the Access Manager 1 host.
Copy the following Service Provider configuration files from the Federation Manager 1 host to the Access Manager 1 host:
/etc/opt/SUNWam/config/saml2-sp-template.xml
/etc/opt/SUNWam/config/saml2-sp-extended-template.xml
In this deployment example, the files are copied to the following directory on the Access Manager host:
/etc/opt/SUNWam/config/
Customize the saml2-sp-extended-template.xml file.
Go to the following directory:
/etc/opt/SUNWam/config/
Open the file saml2-sp-extended-template.xml.
Set the following parameter value:
<EntityConfig xmlns="urn:sun:fm:SAML:2.0:entityconfig" xmlns:fm="urn:sun:fm:SAML:2.0:entityconfig" hosted="0"
This indicates that you are using a configuration from a remote host. A value of 1 indicates that the configuration is provided by the local host.
Save the file.
Load the customized Service Provider configuration files.
# /opt/SUNWam/saml2/bin/saml2meta import -u amadmin -w 4m4dmin1 -r /users -m /etc/opt/SUNWam/config/saml2-sp-template.xml -x /etc/opt/SUNWam/config/saml2-sp-extended-template.xml
Restart the Access Manager Servers.
Verify that both Service Provider and Identity Provider belong to the same circle of trust.
Run the cotmember command to display a list of entities in the circle of trust.
# /opt/SUNWam/saml2/bin/saml2meta cotmember -u amadmin -w 4m4dmin1 -r /users -t saml2_circle_of_trust
Entity ID:LoadBalancer-9.siroe.com
Entity ID:LoadBalancer-3.example.com
Circle of trust "saml2_circle_of_trust" is listed successfully.
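The two checks in this procedure (hosted="0" in the extended template, and both entities listed by cotmember) can be scripted. The following is an added example, not part of the original guide or the product: the function names and the minimal sample EntityConfig element are assumptions made for illustration, and the sample cotmember output is the output shown above.

```python
import re
import xml.etree.ElementTree as ET

ENTITYCONFIG_NS = "urn:sun:fm:SAML:2.0:entityconfig"  # namespace shown in the procedure

# Constructed sample: a minimal EntityConfig element using only the attributes
# visible in the procedure (a real extended template has more content).
SAMPLE_EXTENDED = (
    '<EntityConfig xmlns="urn:sun:fm:SAML:2.0:entityconfig" '
    'xmlns:fm="urn:sun:fm:SAML:2.0:entityconfig" hosted="0"/>'
)
# Sample cotmember output, as shown in the verification step.
SAMPLE_COT_OUTPUT = """Entity ID:LoadBalancer-9.siroe.com
Entity ID:LoadBalancer-3.example.com
Circle of trust "saml2_circle_of_trust" is listed successfully.
"""

def hosted_flag(extended_xml):
    """Return the hosted attribute ("0" or "1") of the root EntityConfig."""
    root = ET.fromstring(extended_xml)
    if root.tag != "{%s}EntityConfig" % ENTITYCONFIG_NS:
        raise ValueError("unexpected root element: %s" % root.tag)
    hosted = root.get("hosted")
    if hosted not in ("0", "1"):
        raise ValueError("hosted must be 0 or 1, got %r" % hosted)
    return hosted

def cot_members(cotmember_output):
    """Extract the entity IDs from 'saml2meta cotmember' output."""
    found = re.findall(r"^Entity ID:(.+)$", cotmember_output, re.MULTILINE)
    return {entity.strip() for entity in found}

def check_remote_sp(extended_xml, cotmember_output, expected_entities):
    """Return a list of problems; an empty list means both checks passed."""
    problems = []
    if hosted_flag(extended_xml) != "0":
        problems.append("extended metadata has hosted=1 (local), expected 0 (remote)")
    missing = set(expected_entities) - cot_members(cotmember_output)
    for entity in sorted(missing):
        problems.append("%s is not in the circle of trust" % entity)
    return problems

if __name__ == "__main__":
    expected = ["LoadBalancer-9.siroe.com", "LoadBalancer-3.example.com"]
    issues = check_remote_sp(SAMPLE_EXTENDED, SAMPLE_COT_OUTPUT, expected)
    print("OK" if not issues else "\n".join(issues))
```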