Configuration Manager - IDP
The function that allowed the ILS to act as an IDP for other applications.
Description
Setting | What does the setting do? |
|---|---|
Access token expiry time | Time to live in seconds from the access token generation. |
Use secure cookies | Using secure cookies should only be disabled in testing environment. |
Cookie path | |
Keystore path | Keystore with private key for signing SAMLResponse. |
Keystore password | Password for keystore with private key for signing SAMLResponse. |
Providers
Several providers can be configured. Per provider the following settings are available:
Setting | What does the setting do? |
|---|---|
Entity ID* (100 characters max.) | The entity id identifying the Service Provider. |
Assertion Consumer Service URL* (200 characters max.) | The assertion consumer service location URL pointing to the service provider. |
Binding | The binding used to send the SAMLResponse. Valid values are HTTP-GET and HTTP-POST. When nothing is given, HTTP-GET is used. |
Certificate keystore alias (100 characters max.) | The alias from the keystore that contains the certificate that can be used to validate the Authentication Request. If the attribute is not filled, the entity id attribute will be used as alias. |
Signed authentication request | If this is active, before the BASE64 Encoding, the SAMLResponse will be deflate. |
Signed authentication request | The flag tells the IdP if a SP sends the Authentication Request Signed. If the flag is true, the IdP will try to validate the request with the SP Public Certificate added in the keystore. |