Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space IDS and version 8.2

Contents

Table of Contents
excludeContents

Introduction

This page is a guide for configuring SAML 2.0 application integration in Ubisecure SSO.

...

Also it is good to understand what requests application’s SAML plug-in supports. Good to keep in mind that Ubisecure provides a plug-in SAML SP for Java application as well if needed.

SAML 2.0

...

Application Creation and Metadata Activation

Log in into Ubisecure SSO and follow the steps below to complete the task. You can obtain the SSO metadata file or link, from the [SAML 2.0], in the image in step 1 below. This information, either the metadata file or the link, to the application integrator.

  1. Start the configuration by creating a new site. Give a name to the site. E.g. ‘Extranet’. You may have several applications in this site

    Expand
    titleShow image


    Image Removed

    Image Added



  2. Create a new agent application by clicking on “New Agent…”New Application…

    Expand
    titleShow image


    Image Removed

    Image Added



  3. Name it e.g. ‘Web Shop’, select Agent Application type as ‘SAML Service Provider’ and check the ‘Enable’ check box. Click ‘OK’OK

    Expand
    titleShow image


    Image Removed

    Image Added



  4. Activate the web application’s Metadata, either by uploading the xml file, or by pasting the content for the xml file

    Expand
    titleShow image


    Image Removed

    Image Added



  5. Click ‘Update’ Updateto save the configuration to finalize the metadata activation


Creating Authorization Policy

Next, we will create an authorization policy for the site and add it to the application’s agent. Go to the site level (Extranet), and select ‘Authorization’ Authorization–tab. Click ‘New Policy…’ New Policy…and select ‘CustomerID password’. From now on all these methods added at the site level are available for activation for the applications in this Site

  1. Go to the ‘Authorization’ Authorization–tab now, and create a new policy e.g. ‘AP for the Web Shop’. Click ‘OK’OK. Next, go to ‘Attributes’ Attributes–tab to add the attributes which are forwarded to the application

    Expand
    titleShow image


    Image Removed

    Image Added



  2. Attributes can be added to the Agent’s Application’s Authorization Policy.

    Expand
    titleShow image (example attributes)


    Image Removed

    Image Added



  3. Click ‘Add…’ Add…and select the Agent Application to use this authorization policy. Click ‘OK’OK

    Expand
    titleShow image


    Image Removed

    Image Added



Adding Authentication Method

Next will add the authentication method to the site and activate it to the ‘Web Shop’ -agentapplication. Select ‘Extranet’ –site and ‘Methods’ Site Methods–tab.

  1. Enable the authentication method for the ‘Extranet’ -site by checking the check box in front of the method and click ‘OK’OK. Finally, press ‘Update’ Update-button below once the method has been added to the site

    Expand
    titleShow image


    Image Removed

    Image Added



  2. Assign the method to the ‘Web Shop’ –agent –application by selecting the ‘Agent’ Applications-tab in the site. Select the agent application by clicking on it and select ‘Methods’ Allowed Methods–tab

  3. Select the authentication method and click ‘Update…’Update…

    Expand
    titleShow image


    Image Removed

    Image Added



  4. Click ‘Add…’ Add…and select eIDMUser group (all users in CustomerID) to use this agent application and click ‘OK’OK.

    Expand
    titleShow image


    Image Removed

    Image Added



Now the Web Shop application is integrated with Ubisecure SSO using SAML 2.0.

Next, pass the Ubisecure SSO metadata information to the application development if you haven’t done so.

...