Name identifiers are used by the identity provider and the service provider to communicate with each other regarding a user. In this test, a persistent identifier is used to federate the identity provider's user profile with the same user's profile on the service provider side.
To Test Persistent Federation Using the Browser Artifact Profile
To Test Persistent Federation Using the Browser POST Profile
Enter the persistent federation URL in a web browser: https://lb2.idp-example.com:1081/opensso/saml2/jsp/idpSSOInit.jsp?metaAlias=/idp&spEntityID=https://lb4.sp-example.com:1081/opensso.
The request is directed to OpenSSO Enterprise on the service provider side.
Log in to the OpenSSO Enterprise console as a test user.
spuser
spuser
The login request is redirected to OpenSSO Enterprise on the identity provider side.
Log in to the OpenSSO Enterprise console as a test user.
idpuser
idpuser
The browser message “Single Sign-On succeeded” is displayed confirming that federation has succeeded.
(Optional) To view the SAML v2 assertion used, see the debug file in /export/ossoadm/config/opensso/debug/Federation.
Enter the persistent federation URL in a web browser: https://lb2.idp-example.com:1081/opensso/saml2/jsp/idpSSOInit.jsp?metaAlias=/idp&spEntityID=https://lb4.sp-example.com:1081/opensso&binding=HTTP-POST.
The request is directed to OpenSSO Enterprise on the service provider side.
Log in to the OpenSSO Enterprise console as a test user.
spuser
spuser
The login request is redirected to OpenSSO Enterprise on the identity provider side.
Log in to the OpenSSO Enterprise console as a test user.
idpuser
idpuser
The browser message “Single Sign-On succeeded” is displayed confirming that federation has succeeded.
(Optional) To view the SAML v2 assertion used, see the debug file in /export/ossoadm/config/opensso/debug/Federation.