Create a WS-Federation Identity Provider Using OpenAM
We are trying to implement SSO for our .NET application deployed to Azure. We were tasked with using OpenAM as an IdP.
I am following the instructions at http://msdn.microsoft.com/en-us/library/gg429779.aspx. Step 3 sets up the creation of an identity provider. This is where I need to provide URLs for WS-Federated metadata.
In OpenAM, I created a hosted IdP. But providing its URL in step 3 doesn't help, as it doesn't point to the WS-Federated metadata document.
I was wondering what I should do in OpenAM to generate a metadata document with WS-Federation?
Or, generally speaking, am I doing it completely wrong?
Thank you
Samir
When creating the hosted IdP, choose no if asked whether a metadata file is present. This means OpenAM will create it for you. Use /ssoadm.jsp to access it. To activate ssoadm.jsp, follow the steps at https://wikis.forgerock.org/confluence/display/openam/Activate+ssoadm.jsp
After using ssoadm.jsp, you need to use the "export-entity" function. Provide the name and domain name of the IdP. You have to create the generated WS-Federated metadata.xml, which you can save.
Best regards, Samir
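A check that can be run on the file saved from "export-entity" to confirm it is WS-Federation metadata rather than SAML2 metadata before handing it to a relying party. This is an added example, not part of the original posts; the function name, sample documents and entity ID are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAML2_MD = "urn:oasis:names:tc:SAML:2.0:metadata"
WSFED_2006 = "http://schemas.xmlsoap.org/ws/2006/12/federation"  # older WS-Federation namespace
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

# Constructed sample documents (not real OpenAM output).
SAMPLE_SAML2 = b"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.com/openam">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
</EntityDescriptor>"""

SAMPLE_WSFED = b"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    entityID="https://idp.example.com/openam">
  <RoleDescriptor xsi:type="fed:SecurityTokenServiceType"
      protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706"/>
</EntityDescriptor>"""


def classify_metadata(xml_bytes):
    """Return 'wsfed', 'saml2' or 'unknown' for a federation metadata document."""
    # Exported metadata never needs a DTD; refusing one avoids entity-expansion input.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD/entity declarations are not allowed in metadata")
    root = ET.fromstring(xml_bytes)

    # Older WS-Federation metadata: the root element is in the 2006/12 namespace.
    if root.tag.startswith("{" + WSFED_2006 + "}"):
        return "wsfed"

    if root.tag == "{%s}EntityDescriptor" % SAML2_MD:
        # WS-Federation 1.2 reuses EntityDescriptor, with a RoleDescriptor
        # whose xsi:type marks it as a security token service.
        for role in root.iter("{%s}RoleDescriptor" % SAML2_MD):
            if role.get(XSI_TYPE, "").split(":")[-1] == "SecurityTokenServiceType":
                return "wsfed"
        # Plain SAML2 IdP metadata: what a SAML2 hosted-IdP export looks like.
        if root.find("{%s}IDPSSODescriptor" % SAML2_MD) is not None:
            return "saml2"
    return "unknown"


if __name__ == "__main__":
    print(classify_metadata(SAMPLE_SAML2), classify_metadata(SAMPLE_WSFED))
```
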