Deployment Example 2: Federation Using SAML v2

15.2 Testing Requests Initiated by the Service Provider Using SOAP

Use the following as your checklist for testing this use case:

  1. Test persistent Federation using browser artifact.

  2. Test logout using SOAP.

  3. Test Single Sign-On using browser artifact.

  4. Test Federation termination using SOAP.


Note –

Conduct the four tests using the same browser window instance. The tests must be conducted in consecutive order to satisfy Use Case 1A.


To Test Persistent Federation Using Browser Artifact

  1. Access the Federation Manager server using one of the following alternatives:

    • Go to the index.jsp URL:


      https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp

      On the SAML2 Use Cases page, in the SP Initiated Profiles section, click the following link:


      Persistent Federation (Browser Artifact)
    • Go to the following URL:


      https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/spSSOInit.jsp?metaAlias=/sp&idpEntityID=loadbalancer-3.example.com

    The login request is redirected to Access Manager.

  2. Log in to the Access Manager console using the following information:

    User Name:

    idp

    Password:

    idp

    The login request is redirected to Federation Manager.

  3. Log in to the Federation Manager console using the following information:

    User Name:

    spuser

    Password:

    spuser

    The message “Single Sign-On succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.


    # vi /var/opt/SUNWam/fm/federation/debug/fmSAML2

15.2.1 To Test Logout Using SOAP

Access the Federation Manager server using one of the following alternatives:

The message “SP initiated single logout succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.


# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2

To Test Single Sign-On Using Browser Artifact

  1. Access the Federation Manager server using one of the following options:

    • Go to the index.jsp URL:


      https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp

      On the SAML2 Use Cases page, in the SP Initiated Profiles section, click the following link:


      Single Sign-On (Browser Artifact)
    • Go to the following URL:


      https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/spSSOInit.jsp?metaAlias=/sp&idpEntityID=loadbalancer-3.example.com
  2. The login request is redirected to Access Manager.

  3. Log in to the Access Manager console using the following information:

    User Name:

    idp

    Password:

    idp

    The message “Single Sign-On succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.


    # vi /var/opt/SUNWam/fm/federation/debug/fmSAML2

To Test Federation Termination Using SOAP

    Access the Federation Manager server using one of the following alternatives:

    • Go to the index.jsp URL:


      https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp

      On the SAML2 Use Cases page, in the SP Initiated Profiles section, click the following link:


      Federation Termination (SOAP)
    • Go to the following URL:


      https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/spMNIRequestInit.jsp?metaAlias=/sp&idpEntityID=loadbalancer-3.example.com&requestType=Terminate&binding=urn:oasis:names:tc:SAML:2.0:bindings:SOAP

      The message “ManageNameID Request succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.


      # vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
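
Long initiation URLs such as the ones in these procedures are easily broken when copied (wrapped lines, stray spaces, a dropped parameter). The following Python check is an added example, not part of the original guide or of Federation Manager: it rejoins a wrapped URL and verifies the query parameters that this page's URLs carry. Treating those parameters as required, and the function names used, are assumptions of the example.

```python
from urllib.parse import urlsplit, parse_qs

# Query parameters each SP initiation JSP is given in this page's URLs
# (assumption: treated here as required for the test to run).
REQUIRED = {
    "spSSOInit.jsp": ["metaAlias", "idpEntityID"],
    "spMNIRequestInit.jsp": ["metaAlias", "idpEntityID", "requestType", "binding"],
}
SAML2_BINDING_PREFIX = "urn:oasis:names:tc:SAML:2.0:bindings:"


def rejoin_wrapped_url(text):
    """Join a URL that was wrapped across lines, dropping all whitespace."""
    return "".join(text.split())


def check_init_url(text):
    """Return (url, problems) for a possibly line-wrapped initiation URL."""
    url = rejoin_wrapped_url(text)
    parts = urlsplit(url)
    problems = []
    if parts.scheme != "https":
        problems.append("scheme is not https")
    jsp = parts.path.rsplit("/", 1)[-1]
    if jsp not in REQUIRED:
        problems.append("unexpected page: " + (jsp or "(none)"))
    params = parse_qs(parts.query, keep_blank_values=True)
    for name in REQUIRED.get(jsp, []):
        values = params.get(name, [])
        if len(values) != 1 or not values[0]:
            problems.append("missing or empty parameter: " + name)
    binding = params.get("binding", [""])[0]
    if binding and not binding.startswith(SAML2_BINDING_PREFIX):
        problems.append("binding is not a SAML 2.0 binding URN")
    return url, problems


# Constructed copy-paste sample: the termination URL from this page,
# wrapped across lines with stray spaces before the line breaks.
WRAPPED = ("https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/\n"
           "spMNIRequestInit.jsp?metaAlias=/sp&idpEntityID= \n"
           "loadbalancer-3.example.com&requestType= \n"
           "Terminate&binding=urn:oasis:names:tc:SAML:2.0:bindings:SOAP")

if __name__ == "__main__":
    url, problems = check_init_url(WRAPPED)
    print(url)
    print(problems or "OK")
```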