test

Deployment Example 2: Federation Using SAML v2

12.2 Testing Basic SAMLv2 Protocols

Use the following as your checklist for testing basic SAMLv2 protocols are working properly:

  1. Verify that basic Login and Logout work properly.

  2. Verify that Single Sign-On works properly.

  3. Verify that Single Logout works properly.

ProcedureTo Verify that Basic Login and Logout Work Properly

  1. Go to the following Federation Manager URL:


    https://LoadBalancer-9.siroe.com:3443/federation/UI/Login

  2. Log in to the Federation Manager console using the following information:

    User Name:

    spuser

    Password:

    spuser

    The following message is displayed:

    Information: Welcome to Federation Manager. You have successfully authenticated.

  3. Close the Browser.

    This test verifies that Federation is configured properly and that basic login and logout operations work properly through the Federation Manager load balancer.

    Note –

    Before proceeding with SSO testing, be sure that the cookie that contains session information is deleted. You can do this in one of two ways. You can clear the browser of all cookies (see your browser documentation for detailed instructions). Or you can close the browser and reopen it.

ProcedureTo Verify that Single Sign-On Works Properly on Initial Login

  1. In the browser location field, enter the following URL:


    https://LoadBalancer-9.siroe.com:3443/federation/saml2/jsp/
spSSOInit.jsp?metaAlias=/sp&idpEntityID=loadbalancer-3.example.com

    The Access Manager login page is displayed.

  2. Log in to the Access Manager console using the following information:

    User Name:

    idpuser

    Password:

    idpuser

    The Service Provider (Federation Manager) login page is displayed.

  3. Log in to the Federation Manager console using the following information:

    User Name:

    spuser

    Password:

    spuser

    An HTML page is displayed and contains the following message, “Single Sign-on succeeded.” Notice that the user signs in to both Access Manager and Federation Manager only on the first login.

    Do not log out or close the browser at this time. Proceed to the next task, “To Verify that Single Logout Works Properly.”

ProcedureTo Verify that Single Logout Works Properly

    In the browser location field, enter the following URL:


    https://LoadBalancer-9.siroe.com:3443/federation/saml2/jsp/
spSingleLogoutInit.jsp?metaAlias=/sp&idpEntityID=loadbalancer-3.example.com

    An HTML page is displayed and contains the following message, “SP initiated Single Logout succeeded.”

    Note –

    Do not log out at this time. Proceed to the next task, “To Verify that Single Sign-On Works Properly on Subsequent Login.”

ProcedureTo Verify that Single Sign-On Works Properly on Subsequent Login

  1. In the browser location field, enter the following URL:


    https://LoadBalancer-9.siroe.com:3443/federation/saml2/jsp/
spSSOinit.jsp?metaAlias=/sp&idpEntityID=loadbalancer-3.example.com

    The Access Manager login page is displayed.

  2. Log in to the Access Manager console using the following information:

    User Name:

    idpuser

    Password:

    idpuser

    An HTML page is displayed and contains the following message, “Single Sign-on succeeded.” Note that the user logs in to only Access Manager and is not prompted to log into Federation Manager. This verifies that SSO is working properly.