Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Servers: Configuration: Federation Services: SAML 2.0 Identity Provider

Configuration Options     Related Tasks     Related Topics

This page configures the SAML 2.0 per server identity provider properties

If you are configuring SAML 2.0 Identity Provider services for web single sign-on, after you complete the configuration settings on this page, return to the SAML 2.0 General page and click Publish Meta Data.

Configuration Options

Name Description
Enabled

Specifies whether the local site is enabled for the Identity Provider role.

MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderEnabled

Only Accept Signed Authentication Requests

Specifies whether incoming authentication requests must be signed. If set, authentication requests that are not signed are not accepted.

MBean Attribute:
SingleSignOnServicesMBean.WantAuthnRequestsSigned

Login Customized

Specifies whether a customized login web application is used. If you use a customized login web application, you must specify a login URL. If you do not customize the login, the login URL and login return query parameter are cleared when you save the changes.

If you use a customized login web application, you must specify a login URL. If you do not use a customized login web application, the login URL and login return query parameter are cleared when you save the changes to this page.

MBean Attribute:
SingleSignOnServicesMBean.LoginURL

Login URL

The URL of the login form web application to which unauthenticated requests are directed.

By default, the login URL is /saml2/idp/login using Basic authentication. Typically you specify this URL if you are using a custom login web application.

MBean Attribute:
SingleSignOnServicesMBean.LoginURL

Login Return Query Parameter

The name of the query parameter to be used for conveying the login-return URL to the login form web application.

MBean Attribute:
SingleSignOnServicesMBean.LoginReturnQueryParameter

POST Binding Enabled

Specifies whether the POST binding is enabled for the Identity Provider.

MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderPOSTBindingEnabled

Redirect Binding Enabled

Specifies whether the Redirect binding is enabled for the Identity Provider.

MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderRedirectBindingEnabled

Artifact Binding Enabled

Specifies whether the Artifact binding is enabled for the Identity Provider.

MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderArtifactBindingEnabled

Preferred Binding

Specifies the preferred binding type for endpoints of the Identity Provider services. Must be set to None, HTTP/POST, HTTP/Artifact, or HTTP/Redirect.

MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderPreferredBinding

Related Tasks

Related Topics


Back to Top