...
```
<webapp_directory>\WEB-INF\web.xml                           [servlet and filter configuration]
<webapp_directory>\WEB-INF\lib\*.jar                         [SAML SP binary libraries]
<webapp_directory>\WEB-INF\saml2\sp\identity.properties      [SAML SP identity]
<webapp_directory>\WEB-INF\saml2\sp\metadata\metadata.xml    [IDP metadata]
```
Copying the Binary Libraries
Copy the binary libraries from `ubispservlet/webapp/WEB-INF/lib` to the `WEB-INF/lib` directory of the web application.
```
cd ubispservlet\webapp\WEB-INF\lib
copy *.jar <webapp_directory>\WEB-INF\lib\.
```
Create the SAML Service Provider identity
The SAML Service Provider identity consists of an Entity ID, an RSA private key and an HTTP endpoint address. The Entity ID and private key are used to identify and authenticate the Service Provider to the Ubisecure Identity Provider, typically Ubisecure Server. The HTTP endpoint is used by the Ubisecure IDP to submit protocol messages to the Service Provider.
...
NOTE: Always use the same hostname when accessing the application. The hostname should be identical with the hostname given in Listing 3 (e.g.,
Associate the SP Identity with a Ubisecure Web Agent
Use the Ubisecure Management application to associate the Service Provider identity with a Ubisecure Web Agent. You need to upload the SAML metadata of the Service Provider to the management application.
...
Use the commands in Listing 4 to write the SAML metadata of the Service Provider to a file. Use your web browser to associate the SP Identity with a Ubisecure Web Agent by uploading this metadata file in the Ubisecure Management application.
Using the Ubisecure Management Application
Figure 1. Select SAML Service Provider from the drop-down list and click Activate
...
Figure 3. The SAML Service Provider ID field now shows the Entity ID of your SP
Get the Metadata of the Identity Provider
Download the Ubisecure IDP metadata from the SAML 2.0 link on the Ubisecure Management home page. Save this file into the `/WEB-INF/saml2/sp/metadata` folder of your web application.
...
During startup, the Service Provider locates and reads all files in the `/WEB-INF/saml2/sp/metadata` folder. This folder must contain a single metadata file for a SAML Identity Provider. (It may, however, contain another metadata file for an Attribute Authority. See Attribute Authority Metadata below for more details.) The Service Provider startup will fail if an IDP metadata file is not found, or if the folder contains more than one IDP metadata file.
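A pre-deployment check that mirrors the startup rule described above, as an added example (not Ubisecure's code). It assumes a file counts as IDP metadata when it contains an `IDPSSODescriptor` element and as Attribute Authority metadata when it contains an `AttributeAuthorityDescriptor`; how the Service Provider itself classifies files is not stated on this page. The sample documents, file names and entity ID are constructed.

```python
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
IDP_ROLE = f"{{{MD_NS}}}IDPSSODescriptor"
AA_ROLE = f"{{{MD_NS}}}AttributeAuthorityDescriptor"


def sample(role, entity_id="https://idp.example.test/uas"):
    """Constructed minimal metadata document (not real Ubisecure metadata)."""
    return (f'<EntityDescriptor xmlns="{MD_NS}" entityID="{entity_id}">'
            f'<{role} protocolSupportEnumeration='
            f'"urn:oasis:names:tc:SAML:2.0:protocol"/></EntityDescriptor>')


def classify(path):
    """Return 'idp', 'aa' or 'other' for one metadata file."""
    raw = path.read_bytes()
    # SAML metadata needs no DTD; refuse it rather than expand entities.
    if b"<!DOCTYPE" in raw:
        raise ValueError("DOCTYPE not allowed")
    root = ET.fromstring(raw)
    if root.find(f".//{IDP_ROLE}") is not None:
        return "idp"
    return "aa" if root.find(f".//{AA_ROLE}") is not None else "other"


def check_metadata_dir(directory):
    """Apply the one-IDP-file rule; return (ok, message)."""
    idps = []
    for path in sorted(Path(directory).iterdir()):
        if not path.is_file():
            continue
        try:
            if classify(path) == "idp":
                idps.append(path.name)
        except (ET.ParseError, ValueError) as exc:
            return False, f"{path.name}: unreadable metadata ({exc})"
    if len(idps) != 1:
        return False, f"expected 1 IDP metadata file, found {len(idps)}: {idps}"
    return True, f"IDP metadata file: {idps[0]}"


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "metadata.xml").write_text(sample("IDPSSODescriptor"))
        Path(tmp, "aa.xml").write_text(sample("AttributeAuthorityDescriptor"))
        print(check_metadata_dir(tmp))  # one IDP file plus an AA file
        Path(tmp, "old-idp.xml").write_text(sample("IDPSSODescriptor"))
        print(check_metadata_dir(tmp))  # a stale second IDP file
```

Running `check_metadata_dir` against the real `WEB-INF/saml2/sp/metadata` folder before deployment catches a leftover or duplicated IDP file, which would otherwise only surface as a failed Service Provider startup.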
Attribute Authority Metadata
An Attribute Authority enables the real-time access of attributes via the backchannel. This functionality is rarely required.
...