| |
Servers: Configuration: Federation Services: SAML 2.0 Identity Provider
Configuration Options Related Tasks Related Topics
This page configures the SAML 2.0 per server identity provider properties
If you are configuring SAML 2.0 Identity Provider services for web single sign-on, after you complete the configuration settings on this page, return to the SAML 2.0 General page and click Publish Meta Data.
Configuration Options
Name Description Enabled Specifies whether the local site is enabled for the Identity Provider role.
MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderEnabledOnly Accept Signed Authentication Requests Specifies whether incoming authentication requests must be signed. If set, authentication requests that are not signed are not accepted.
MBean Attribute:
SingleSignOnServicesMBean.WantAuthnRequestsSignedLogin Customized Specifies whether a customized login web application is used. If you use a customized login web application, you must specify a login URL. If you do not customize the login, the login URL and login return query parameter are cleared when you save the changes.
If you use a customized login web application, you must specify a login URL. If you do not use a customized login web application, the login URL and login return query parameter are cleared when you save the changes to this page.
MBean Attribute:
SingleSignOnServicesMBean.LoginURLLogin URL The URL of the login form web application to which unauthenticated requests are directed.
By default, the login URL is
/saml2/idp/loginusing Basic authentication. Typically you specify this URL if you are using a custom login web application.MBean Attribute:
SingleSignOnServicesMBean.LoginURLLogin Return Query Parameter The name of the query parameter to be used for conveying the login-return URL to the login form web application.
MBean Attribute:
SingleSignOnServicesMBean.LoginReturnQueryParameterPOST Binding Enabled Specifies whether the POST binding is enabled for the Identity Provider.
MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderPOSTBindingEnabledRedirect Binding Enabled Specifies whether the Redirect binding is enabled for the Identity Provider.
MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderRedirectBindingEnabledArtifact Binding Enabled Specifies whether the Artifact binding is enabled for the Identity Provider.
MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderArtifactBindingEnabledPreferred Binding Specifies the preferred binding type for endpoints of the Identity Provider services. Must be set to
None,HTTP/POST,HTTP/Artifact, orHTTP/Redirect.MBean Attribute:
SingleSignOnServicesMBean.IdentityProviderPreferredBinding
|