...
Satu-Hetu configurations are listed in Services view (Home -> → Services).
Note |
---|
NOTE: Satu-Hetu Configuration procedure has changed in Ubisecure SSO Server 6.1. Prior to that, the Satu-Hetu configurations could be accessed from Home → Satu-Hetu Configuration . |
Figure 2. Services main view |
...
Satu-Hetu Configuration View
Figure 3. Satu-Hetu Configuration view |
- General
- Name
Name of the Satu-Hetu configuration - Description
Description of the Satu-Hetu configuration
- Name
- Satu-Hetu Cache
- Type
Satu-Hetu cache type. Supported cache types are Ubilogin and Katve. In addition, cache may be disabled by selecting Disabled. - Cache URL
Satu-Hetu cache URL and root. Cache entries are stored as children of root. Directory must be defined with external directory integration.
- Type
- Satu-Hetu Service
- URL
Satu-Hetu service URL. This is provided by VRK. For test environments, the current URL is https://vtjkysely2010.vrk.fi/sosowebsite/soso.asmx - Username
Username for Satu-Hetu service. - Password
Password for Satu-Hetu service. - SoSoNimi
This is a VRK specific parameter. The value will be provided by VRK. - Loppukäyttäjä
This is a VRK specific parameter. The value will be provided by VRK. - Laskutustiedot
This is a VRK specific parameter. The value will be provided by VRK. - Tunnistusportaali
This is a VRK specific parameter. The value will be provided by VRK. - Vara1
This is a VRK specific parameter. The value will be provided by VRK. - SSL
configuration Reference to a SSL configuration used in Satu-Hetu query. If omitted, the default SSL configuration and truststores are used. - Update
Update the modified configuration. - New…
Create a new Satu-Hetu configuration. - Delete
Delete the Satu-Hetu configuration. - Rename
Rename the Satu-Hetu configuration.
- URL
Methods view
Figure 4. Satu-Hetu Configuration Methods view
- Satu-Hetu Configuration
Methods view shows a list of available authentication methods. Selected methods are assigned with the current Satu-Hetu configuration. Each method may be assigned with at most one Satu-Hetu configuration at a time. Therefore, assigning a Satu-Hetu configuration to a method replaces the previous assignment. - Update
Assign the Satu-Hetu configuration with selected authentication methods - SSL
Configuration - SSL with client certificates is required by Satu-Hetu service in production environment. A test service without requirement for client certificates is also provided. SSL parameters are configured in Ubilogin installation directory.
Add the relative location of SSL configuration to ubisecure\config.index
ssl.vrk = custom/ssl/vrk.properties
Example config.index entry
Copy the client certificate and the trusted root certificate of the Satu-Hetu service to the same directory with SSL configuration. Create the SSL configuration file defined in config.index
.
Code Block | ||||
---|---|---|---|---|
| ||||
#client.localAddress = 0.0.0.0 client.cert = client.pfx client.cert.password = pass ca.cert = vrksp.crt |
Example SSL configuration file
client.localaddress
May be used to defines the local address to be used if the server has multiple IP addresses.
...
Satu-Hetu query is activated by creating a method attribute mapping and assigning it to an authentication method. An example is provided in the following figure. Please refer to the chapter Attribute Mapping in SSO Management pages for details.
Figure 5. Satu-Hetu Method Attribute Mapping |
...