Access https://sae.idp-example.com:8181/opensso/saml2/sae/saeIDPApp.jsp from a web browser.
The Secure Attributes Exchange IDP APP SAMPLE page is displayed.
Type the following values in the appropriate text field.
testuser
0
testuser@foo.com
mainbranch
https://sae.sp-example.com:8181/opensso/saml2/sae/saeSPApp.jsp
https://lb2.idp-example.com:1081/opensso/idpsaehandler/metaAlias/idp
https://sae.idp-example.com:8181/opensso/saml2/sae/saeIDPApp.jsp
Select symmetric from the drop down menu.
secret12
No value
No value
No value
Click Generate URL
The Secure Attributes Exchange IDP APP SAMPLE is generated and the following links are displayed.
Click here to invoke the remote SP App via http GET to local IDP : https://sae.sp-example.com:8181/ opensso/samples/saml2/sae/saeSPApp.jsp : ssourl Click here to invoke the remote SP App via http POST to IDP : https://sae.sp-example.com:8181/ opensso/samples/saml2/sae/saeSPApp.jsp : POST This URL will invoke global Logout : slourl |
ssourl, POST, and slourl are clickable.
Click ssourl.
The SAE SP APP SAMPLE page is displayed proving that Secure Attribute Exchange single sign-on has succeeded.
SAE SP APP SAMPLE Secure Attrs : sun.authlevel 0 sun.spentityid https://lb4.sp-example.com:1081/opensso branch mainbranch sun.idpentityid https://lb2.idp-example.com:1081/opensso mail testuser@foo.com |
Enter https://lb2.idp-example.com:1081/opensso/samples/saml2/sae/saeIDPApp.jsp in the browser to regenerate the Secure Attributes Exchange IDP APP SAMPLE page.
The Secure Attributes Exchange IDP APP SAMPLE is regenerated and the following links are displayed.
Click here to invoke the remote SP App via http GET to local IDP : https://sae.sp-example.com:8181/ opensso/samples/saml2/sae/saeSPApp.jsp : ssourl Click here to invoke the remote SP App via http POST to IDP : https://sae.sp-example.com:8181/ opensso/samples/saml2/sae/saeSPApp.jsp : POST This URL will invoke global Logout : slourl |
ssourl, POST, and slourl are clickable.
Click slourl.
The Secure Attributes Exchange IDP APP SAMPLE is displayed.
Type the following values in the appropriate text field.
testuser
0
testuser@foo.com
mainbranch
https://sae.sp-example.com:8181/opensso/saml2/sae/saeSPApp.jsp
https://lb2.idp-example.com:1081/opensso/idpsaehandler/metaAlias/idp
https://sae.idp-example.com:8181/opensso/saml2/sae/saeIDPApp.jsp
symmetric
secret12
No value
No value
No value
Click Generate URL.
The Secure Attributes Exchange IDP APP SAMPLE page is displayed.
Secure Attributes Exchange IDP APP SAMPLE Setting up the following params: branch=mainbranch mail=testuser@foo.com sun.userid=testuser sun.authlevel=0 sun.spappurl=https://sae.sp-example.com:8181/opensso/ saml2/sae/saeSPApp.jsp sun.idpappurl=https://sae.idp-example.com:8181/opensso/ saml2/sae/saeIDPApp.jsp Click here to invoke the remote SP App via http GET to local IDP : https://sae.sp-example.com:8181/opensso/saml2/sae/saeSPApp.jsp : ssourl Click here to invoke the remote SP App via http POST to IDP : https://sae.sp-example.com:8181/opensso/saml2/sae/saeSPApp.jsp This URL will invoke global Logout : slourl |
Click slourl.
The SAE SP APP SAMPLE page is displayed proving successful logout.
SAE SP APP SAMPLE Secure Attrs : sun.cmd logout sun.returnurl https://lb4.sp-example.com:1081/opensso/SPSloRedirect/ metaAlias/sp?SAMLRequest=nZNva9swEMa%2FitHbkliS438iMQTCWErXpvUWxt5 d7HMqsCVPJ0P27WcnLaSDdlDQq5Oe%2Bz33cFoSdG2v7uzRDv4Jfw9IPghOXWtIna9 WbHBGWSBNykCHpHylyvW3OyXnXPXOelvZlgXbzYqRrKPDouKQQpOmnIsMRSMhgSgRIuU gU55jLEQlWbBHR9qaFRvbjGqiAbeGPBg%2FljjPZjyfyfy7jFSUjOcXCzajNW3An1XP3 vekwrA9zJI5aWdxXtlOCZ6J0PZoiGxY7srWPmGtHVY%2B7NDDutVAIfUsuLf%2BwTy4d ePR%2FQtcXIDFcgpAna25q0g%2BTgSI0E0eWXHlUc7xBF3fXrlsoFuGV4QX3P3Ycbv5B C6YlI8DtLrR00z%2FpbOg3L2veS9VFnyxrgP%2Fsa2poutZc36qvANDGo1nhfwqbv78u O334tGI26MRxzAWu%2F3NDp5%2FvsRxSeASR69KpGlPtqbG0yf2siC5iMe9SzMeJynK KhVCZsAhr6s6y2OIDg1WUSq4uODfEovX4psPUvwF&RelayState=s212b785d4bda31 faa635552f1233bbbb3a2c5badb&sun.appreturn=true Logout URL |
Click Logout URL on the page displayed in the previous step.
At the bottom of the displayed page, you will see This proves SLO success.
If there are issues running this test, see the OpenSSO Enterprise debug files located in the /export/ossoadm/config/opensso/debug/Federation directory on both the identity provider and the service provider sides.