Question

We are trying to implement SSO for our .NET application deployed on Azure. We have been mandated to use OpenAM as the IdP.

I am following the instructions @ http://msdn.microsoft.com/en-us/library/gg429779.aspx. Step 3 states creating an identity provider. Here I have to provide a URL to the WS-Federated metadata.

In OpenAM I have created a hosted IdP. But providing its URL in step 3 does not help, as it does not point to a WS-Federated metadata document.

I was wondering, what do I do in OpenAM to create a WS-Federated metadata document?

Or, more generally, am I doing this completely incorrectly?

Thank you

Sameer


Solution

While creating a hosted IdP, select "no" when asked if a metadata file is already present. This means OpenAM will create it for you. To access it, use /ssoadm.jsp. To activate ssoadm.jsp, follow the steps @ https://wikis.forgerock.org/confluence/display/openam/Activate+ssoadm.jsp

Once at ssoadm.jsp, you need to use the function "export-entity". Provide the hosted IdP entity name and security realm. You should get the created WS-Federated metadata.xml, which you can then save.

Regards, Sameer
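Added example, not part of the original answer and not OpenAM code: a check that a saved metadata.xml really is WS-Federation metadata (an `EntityDescriptor` with a `RoleDescriptor` of type `SecurityTokenServiceType`, as in WS-Federation 1.2) rather than SAML 2.0 IdP metadata, before its URL is handed to the relying side. The function name, the entity ID and both sample documents are constructed for illustration; the namespace URIs come from the WS-Federation 1.2 and SAML 2.0 metadata specifications.

```python
import io
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
FED_NS = "http://docs.oasis-open.org/wsfed/federation/200706"
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

def classify_metadata(xml_bytes):
    """Return 'ws-federation', 'saml2' or 'unknown' for a metadata document."""
    if b"<!DOCTYPE" in xml_bytes:
        # Federation metadata never needs a DTD; refusing one avoids entity expansion.
        raise ValueError("DOCTYPE not allowed in metadata")
    prefixes, kinds, seen_root = {}, set(), False
    events = ET.iterparse(io.BytesIO(xml_bytes), events=("start-ns", "start"))
    for event, item in events:
        if event == "start-ns":
            prefix, uri = item
            prefixes[prefix] = uri  # last declaration wins; enough for a sanity check
            continue
        if not seen_root:
            seen_root = True
            if item.tag != f"{{{MD_NS}}}EntityDescriptor":
                return "unknown"
        if item.tag == f"{{{MD_NS}}}IDPSSODescriptor":
            kinds.add("saml2")
        elif item.tag == f"{{{MD_NS}}}RoleDescriptor":
            # xsi:type is a QName, so resolve its prefix before comparing.
            prefix, _, local = item.get(XSI_TYPE, "").rpartition(":")
            if prefixes.get(prefix) == FED_NS and local == "SecurityTokenServiceType":
                kinds.add("ws-federation")
    if "ws-federation" in kinds:
        return "ws-federation"
    return "saml2" if kinds else "unknown"

# Constructed samples (not output from a real OpenAM instance).
SAMPLE_WSFED = b"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    entityID="https://idp.example.test/openam">
  <RoleDescriptor xsi:type="fed:SecurityTokenServiceType"
      protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706"/>
</EntityDescriptor>"""
SAMPLE_SAML2 = b"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.test/openam">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
</EntityDescriptor>"""

if __name__ == "__main__":
    for name, doc in (("wsfed", SAMPLE_WSFED), ("saml2", SAMPLE_SAML2)):
        print(name, "->", classify_metadata(doc))
```

A result of "unknown" means the file matches neither layout and should be inspected by hand before it is published.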

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow