Versions Compared

Old Version 2

changes.mady.by.user Paul Ruvin

Saved on

compared with

New Version Current

changes.mady.by.user Paul Ruvin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Section
bordertrue


Column

Go to Users

Under Authenticators enable Single Sign-on / SAML



Click on Configure on the right. This will open the Single Sign-On / SAML configuration dialogue box.


Column
width50%60%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Modified  Image Modified





Enter the details of the SAML identity provider:

Section
bordertrue


Column

Click Add IDP


Follow the prompts to upload the IDP Metadata File you obtained from the DualShield Server.  (refer to Dualshield Configuration Part 1)



The Entitity ID/ Issuer ID will match the Entity ID you specified in the DualShield Service Provider.

There are two parts for specifying the Sign-In and Log-Out Page URLs

The first part is that that you will use the SingleSignOnService and SingleLogoutService URLs you copied from the DualShield SSO Server Metadata (see previous section) respectively.

The second part is that you will append these URLs with some extra information.

e.g.

Sign-in page URL

Column
width60%
Code Block
https://dualshield.yourdomain.com:8074/sso/Login/kvps/DASApplicationName/Ctera

Log-out page URL

Code Block
https://dualshield.yourdomain.com/sso/logout?DASApplicationName=Ctera
Column
width50%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Removed

Upload the Idp Certificate file

Image Added 





Section
bordertrue


Column

After adding the IDP metadata, the name must be entered. This name will appear on the IDP's button on the login page.


The User matching checkbox on the right is optional.

In order to do this, you need to convert the 'crt'  file that was downloaded in the previous section to a 'cer' file.

To begin, Open the crt file and install the Certificate to your personal folder in Certificate manager


Column
width50%60%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Removed  Image RemovedImage Added





Section
bordertrue


Column

Complete the site URL* and administrative contact details.

*If you have had to use an alternative HTTP/HTTPS port, please specify the port number in the site URL.


Click the Save Service Provider (SP) metadata link below

At the prompt make a note of the URL that will be used to download the SP Metadata, or simply click Yes to copy the link to the clipboard.

Once installed the Certificate needs to be exported

Export it as a Base-64 encoded X.509 (.CER)


Column
width50%60%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Removed Image Removed

You will also need to download the IdP Certificate

Image Added Image Added




Section
bordertrue


Column

Upload the exported CER fileClick on Ok to exit out of the Single Sign-On / SAML configuration dialogue box, and click on the Apply Changes button on the top right of the main console.



Column
width50%60%


Image Removed
Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Added



Launch a browser and paste in the SP metadata URL.

The metadata file will automatically download.