6.3 Understanding the Configuration Options for the Connector for Access Manager

The Applications page populates a number of fields for you. It is able to use information in your environment to help populate the metadata and other fields. The information in the Federation Instructions is specific to your environment.

Table 6-1 Connector for Access Manager Configuration Options

Options

Description

Name

Specify a name for the connector for Access Manager.

Description

(Optional) Specify a description for the connector for Access Manager. You could have two connectors for Access Manager, so use a unique name and a description to help distinguish the connectors.

Change Image

(Optional) Change the default image that the User Portal page displays to the users. Each connector contains a default image. You can change that image to any image you want. The maximum image size is 200 x 200 pixels and the ideal image size is 100 x 100 pixels. You can use an image from the Image Gallery or upload your own image.

Application Connector Setup

This section displays the metadata information Access Manager requires from the connected Access Manager system to create the federated connection.

NOTE: The Advanced Setup does not appear until you save the connector.

Application Connector Setup > Assertion consumer service URL

Specify the information found in the AssertionConsumerService Location field with the HTTP-POST binding from the connected Access Manager system metadata file.

Application Connector Setup > Destination URL

(Optional) Specify the URL where users go after the initial login.

Application Connector Setup > EntityID

Specify the information found in the EntityID field from the connected Access Manager system metadata file.

Application Connector Setup > Logout response URL

Specify the information found in the SPSSODescriptor element. Use the value from the SingleLogoutService ResponseLocation field with the HTTP-POST binding from the connected Access Manager system metadata file.

Application Connector Setup > Logout URL

Specify the information found in the SPSSODescriptor element. Use the value from the SingleLogoutService Location field with the HTTP-POST binding from the connected Access Manager system metadata file.

Application Connector Setup > Metadata

Displays the metadata for the connector. You can view or download the metadata. If you have not saved the connector, the system creates the SAML 2.0 metadata using the values provided and other values from the connector.

Application Connector Setup > Signing Certificate

Uploads a signing certificate file to secure communication between the two Access Manager systems, or displays the content of the signing certificate if you have saved the connector.

The system automatically adds this new certificate to the trust store for Administration Console. However, this new certificate is not automatically added to the trust store for the IDP cluster.

IMPORTANT: You must manually add this signing certificate to the IDP cluster trust store, or the health of the IDP cluster turns yellow and users do not see this new appmark when they log in to the User Portal page. For more information, see Managing Certificates and Keystores in the NetIQ Access Manager 4.3 Administration Guide.

Attributes

Allows you to see and manage the attributes that are part of the SAML 2.0 assertion.

NOTE: The Advanced Setup does not appear until you save the connector.

Attributes > NameID

Specify an LDAP attribute that contains the user name identifier in the connected Access Manager system.

Access and Roles

Allows you to control who has access to the application.

NOTE: The Advanced Setup does not appear until you save the connector.

Access and Roles > Roles

Select the role assignments to determine the user accessibility of this application. The role assignments made in the Appmark editor determine the user visibility of the appmarks associated with this application, not the accessibility of the application.

Access and Roles > Contracts

Select the contracts presented to users when they click the appmark. The users see these contracts unless the contract is satisfied during login or through the authentication levels.

System Setup

Displays the metadata information from Access Manager to use in the connected Access Manager system to create the federated connection.

System Setup > Metadata

You can view or download the metadata information from Access Manager to create the federated connection.

System Setup > Signing Certificate

You can view or download the signing certificate from Access Manager to create the federated connection.

System Setup > Federation Instructions

Contains the federation instructions on what you must change or modify in Access Manager to create the federated connection. Follow the federation instructions.
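
As an added example (not part of the NetIQ documentation or product), the following Python script reads the four Application Connector Setup values described in the table above from a service provider metadata file, so they can be copied into the connector without picking an endpoint that has the wrong binding. The sample metadata and its sp.example.com URLs are constructed, and the DOCTYPE rejection and https check are extra safeguards assumed here, not product behavior.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
# Constructed sample SP metadata; host and paths are placeholders.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.com/saml2/metadata">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://sp.example.com/saml2/slo-redirect"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.com/saml2/slo-post"
        ResponseLocation="https://sp.example.com/saml2/slo-post-return"/>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
        Location="https://sp.example.com/saml2/acs-artifact"/>
    <md:AssertionConsumerService index="1"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp.example.com/saml2/acs-post"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def post_endpoint(sp, tag):
    """Return the first <tag> under the SPSSODescriptor that uses HTTP-POST."""
    for el in sp.findall(f"md:{tag}", NS):
        if el.get("Binding") == HTTP_POST:
            return el
    raise ValueError(f"no {tag} with the HTTP-POST binding")

def connector_fields(metadata_xml):
    """Map SP metadata onto the Application Connector Setup field names."""
    if "<!DOCTYPE" in metadata_xml:  # added safeguard: no DTDs or entities
        raise ValueError("DOCTYPE is not allowed in SAML metadata")
    root = ET.fromstring(metadata_xml)
    sp = root.find("md:SPSSODescriptor", NS)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor" or sp is None:
        raise ValueError("expected an EntityDescriptor with an SPSSODescriptor")
    acs = post_endpoint(sp, "AssertionConsumerService")
    slo = post_endpoint(sp, "SingleLogoutService")
    fields = {
        "Assertion consumer service URL": acs.get("Location"),
        "EntityID": root.get("entityID"),  # attribute on the root element
        "Logout response URL": slo.get("ResponseLocation"),  # may be absent
        "Logout URL": slo.get("Location"),
    }
    for name, value in fields.items():  # added check: endpoints must be https
        if name != "EntityID" and value and not value.startswith("https://"):
            raise ValueError(f"{name} is not an https URL: {value}")
    return fields

if __name__ == "__main__":
    print(connector_fields(SAMPLE_METADATA))
```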