Configure Back Office SAML - ABO - Reference Guides

Back Office Configuration Guide

Product: ABO
AFS version: 7.11
Category: Reference Guides
Language: English
Audience: public

Run the following commands as the antidot user:

cd /usr/local/afs7/bo-server/saml
install_saml_realm --realm-name $REALM_NAME -c default -k keystore.jks -p $KEYSTORE_PASSWORD -P $KEY_PASSWORD -i https://$BACK_OFFICE_HOST -d saml-idp.xml --mail-key $MAIL_KEY --name-key $NAME_KEY -l 28800 -H localhost -https --ws-login $BACK_OFFICE_LOGIN --ws-password $BACK_OFFICE_PASSWORD

Where:

  • -p is the Keystore Password previously entered.
  • -P is the Private Key Password previously entered.
  • --realm-name is the name of the realm in the configuration to create (must be unique).
  • --mail-key is the property used in the SAML response to store the email address of the user.
  • --name-key is the property used in the SAML response to store the name of the user.

The SAML response sent by the identity provider is an XML document containing key/value pairs such as <Email>foo@bar.com</Email> or <Name>Foo Bar</Name>.

Fluid Topics reads these key/value pairs as the $MAIL_KEY and $NAME_KEY properties.

If this command returns the following error message: "command not found", please ensure that you correctly set the PATH variable.
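Before running install_saml_realm, the values chosen for --mail-key and --name-key can be checked against a response captured from the identity provider. The script below is an added example, not part of the Antidot tooling or of the original guide. It assumes the identity provider sends a standard SAML 2.0 AttributeStatement and that each key corresponds to an attribute's Name; the sample response and the function names list_attributes and check_keys are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = "{urn:oasis:names:tc:SAML:2.0:assertion}"

# Constructed sample: minimal unsigned response carrying the page's two example values.
SAMPLE_XML = b"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml:Assertion><saml:AttributeStatement>
  <saml:Attribute Name="Email">
   <saml:AttributeValue>foo@bar.com</saml:AttributeValue></saml:Attribute>
  <saml:Attribute Name="Name">
   <saml:AttributeValue>Foo Bar</saml:AttributeValue></saml:Attribute>
 </saml:AttributeStatement></saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML).decode()


def list_attributes(saml_response_b64):
    """Map each attribute Name to its values, from a base64 SAMLResponse field."""
    xml_bytes = base64.b64decode(saml_response_b64)
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD in SAML response, refusing to parse")
    attrs = {}
    for attr in ET.fromstring(xml_bytes).iter(NS + "Attribute"):
        values = [(v.text or "").strip() for v in attr.iter(NS + "AttributeValue")]
        attrs.setdefault(attr.get("Name", ""), []).extend(values)
    return attrs


def check_keys(attrs, mail_key, name_key):
    """Return problems with the values chosen for --mail-key and --name-key."""
    # Assumption: each key corresponds to the Name of a SAML 2.0 <Attribute>.
    problems = []
    for flag, key in (("--mail-key", mail_key), ("--name-key", name_key)):
        values = attrs.get(key)
        if values is None:  # this check compares names exactly, including case
            problems.append("%s %r not in response; sent: %s" % (flag, key, sorted(attrs)))
        elif len(values) != 1 or not values[0]:
            problems.append("%s %r must carry exactly one non-empty value" % (flag, key))
    if not problems and "@" not in attrs[mail_key][0]:
        problems.append("--mail-key %r does not hold an email address" % mail_key)
    return problems


if __name__ == "__main__":
    found = list_attributes(SAMPLE_B64)
    print(found)
    print(check_keys(found, "Email", "Name") or "keys match the response")
```

An empty list from check_keys means both keys are present in the captured response with a single usable value each; the script only inspects attribute names and values and does not verify the response signature.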