Versions Compared

Old Version 45

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version Current

changes.mady.by.user Alex Stuart

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Add link to SSO wiki page

...

  • The entityID attribute on the <ApplicationDefaults> element needs to be changed to the SAML entityID you'd like to use for your deployment. This must be the value your federations and partners are expecting.
  • Configure SSO to an IdP or with a Discovery Service
    • To use a specific IdP, change the entityID setting in the <SSO> element to match the value in that IdP's metadata.
    • To use a discovery service, remove the entityID setting in the <SSO> element, and set the discoveryProtocol and discoveryURL settings appropriately.

...

  • The entityID attribute on the <ApplicationDefaults> element needs to be changed to the SAML entityID you'd like to use for your deployment. This must be the value your federations and partners are expecting.

...

  • <MetadataProvider> (zero or more on 2.4+, else required for <ApplicationDefaults>, optional for <ApplicationOverride>)
    • Supplies metadata about identity providers.
  • <TrustEngine> (zero or more on 2.4+, else required for <ApplicationDefaults>, optional for <ApplicationOverride>)
    • Controls how trust processing is performed to determine whether authentication of messages from identity providers succeeds or fails, including XML and simple signing, and SSL/TLS. In later versions, the default configuration used when none are specified is to chain the ExplicitKey and PKIX engines together.

...