15.3 Testing Requests Initiated by the Service Provider Using HTTP Redirect
Use the following as your checklist for testing:
Note –
Conduct the four tests using the same browser window instance. The tests must be conducted in consecutive order to satisfy Use Case 1B.
To Test Persistent Federation Using Browser
POST
-
Access the Federation Manager server using one of the following alternatives:
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the SP Initiated Profiles section, click the following link:
Persistent Federation (Browser POST)
-
Go to the following URL:
https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/ spSSOInit.jsp?metaAlias=/sp&idpEntityID= loadbalancer-3.example.com&binding=HTTP-POST
The login request is redirected to Access Manager.
-
-
Log in to the Access Manager console using the following information:
- User Name:
-
idp
- Password:
-
idp
The login request is redirected to Federation Manager.
-
Log in to the Federation Manager console using the following information:
- User Name:
-
spuser
- User Name:
-
spuser
The message “Single Sign-On succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
To Test Logout Using HTTP
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the SP Initiated Profiles section, click the following link:
Logout (HTTP)
-
Go to the following URL:
https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/ spSingleLogoutInit.jsp?metaAlias=/sp&idpEntityID= loadbalancer-3.example.com
The message “SP initiated single logout succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
Access the Federation Manager server using one of the following alternatives:
To Test Single Sign-On Using Browser POST
-
Access the Federation Manager using one of the following options:
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the SP Initiated Profiles section, click the following link:
Single Sign-On (Browser POST)
-
Configure and go to the following URL:
https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/ spSSOInit.jsp?metaAlias=/sp&idpEntityID= loadbalancer-3.example.com&binding=HTTP-POST
The login request is redirected to Access Manager.
-
-
Log in to the Access Manager console using the following information:
- User Name:
-
idp
- Password:
-
idp
The message “Single Sign-On succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
To Test Federation Termination Using HTTP
-
Go to the index.jsp URL:
https://LoadBalancer-9-siroe.com:3443/federation/saml2/jsp/index.jsp
On the SAML2 Use Cases page, in the SP Initiated Profiles section, click the following link:
Federation Termination (HTTP)
-
Go to the following URL:
https://loadbalancer-9.siroe.com:3443/federation/saml2/jsp/ spMNIRequestInit.jsp?metaAlias=/sp&idpEntityID= loadbalancer-3.example.com&requestType=Terminate
The message “ManageNameID Request succeeded” is displayed. You can view the debug file to see the actual assertion that was sent over the wire.
# vi /var/opt/SUNWam/fm/federation/debug/fmSAML2
Access the Federation Manager server using one of the following alternatives:
- © 2010, Oracle Corporation and/or its affiliates