...

Setup Config XML Files (For Synergetic Community Portal/SynWeb Newer than v68)

Common Configuration:

Login Properties

SAMLLoginBinding - The binding method used to send the login request to the IDP. Methods include REDIRECT or POST (Default: REDIRECT)

SAMLLoginDestination - The IDP URL to which the SP sends the authentication request.

SAMLLoginX509CertificatePath - The path of the SAML signing certificate used to authenticate messages from the IDP, for example (including the tilde prefix): ~/Site/Certificates/yourcertname.crt [1]

SAMLSPIssuer - The issuer URI, which is sent with every request for the IDP to verify.

Logout Properties

SAMLLogoutBinding - The binding method used to send the LogoutRequest to the IDP. Methods include REDIRECT or POST. (Default: REDIRECT)

SAMLLogoutDestination - The logout URL of the IDP used to send the SAML logout request and terminate the session from the SP. The endpoint must support Single Sign Out.

SAMLLogoutX509CertificatePath [2] - The path of the certificate used to sign the logout request being sent out to the IDP. This is most likely a private key (.pfx file).

SAMLLogoutX509CertificatePrivateKeyPassword [2] - The private key used with the certificate to sign the request. The key must be encoded using the Portal Configuration tool.

SAMLIDPUserHomePageUrl - The URL of the login page of the IDP which is to be used only if there is a logout failure. The link will be used to redirect the user so a manual logout can be performed.

Legacy Support Properties

UseSAMLLegacyFlag [2] - Set this to true to use the legacy implementation of SAML. (Default: false)

The following properties are only in use when UseSAMLLegacyFlag is true:

  • SAMLLoginDestination
  • SAMLLogoutDestination
  • SAMLLoginX509CertificatePath
  • SAMLSPIssuer
  • SAMLRequestFormat [2] - Base64/Base64Deflate
  • SAMLClaimAttributeName [2] - Sets the SAML response claim attribute name linked to the IDP response. Supported values are listed below (case sensitive; use the same naming as generated in the SAML response, e.g. iDAMGuid):

    NameID (Default) - Value maps to any of (Network Login, Config User Login Name, IdamLogin or CommunityGUID)

    IdamGUID - Value from claims/IdamGUID mapped to Synergetic Community.IdamGUID. This is a custom claim attribute.

    NetworkLogin

    Name

Info

The SAML signing certificate needs to be in Base-64 encoded X.509 (.CER) format. If required, the supplied certificate format can be adjusted by importing it into the Windows Certificate Manager console and then exporting the file.
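The format requirement above can also be checked from PowerShell before the file is referenced in SAMLLoginX509CertificatePath. This is an added example, not code from Synergetic or the Portal Configuration tool; the function name Test-SamlSigningCertificate and the path in the usage comment are hypothetical, and the script takes a file system path rather than the ~/ form used in the configuration.

```powershell
function Test-SamlSigningCertificate {
    # Hypothetical helper name; not part of Synergetic or its configuration tool.
    param(
        [Parameter(Mandatory)] [string] $Path,   # file system path to the .crt/.cer file
        [string] $OutPath                        # where to write a Base-64 copy if one is needed
    )
    $full  = (Resolve-Path -LiteralPath $Path).Path
    $bytes = [System.IO.File]::ReadAllBytes($full)

    # A Base-64 encoded X.509 file is text carrying this armor line near the start;
    # a binary (DER) export starts with an ASN.1 SEQUENCE byte (0x30) instead.
    $head     = [System.Text.Encoding]::ASCII.GetString($bytes, 0, [Math]::Min($bytes.Length, 64))
    $isBase64 = $head -match '-----BEGIN CERTIFICATE-----'

    # Throws if the file is not an X.509 certificate at all (accepts DER and Base-64 input).
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($bytes)

    if (-not $isBase64) {
        # Re-encode the same certificate bytes as Base-64 with the standard armor lines.
        if (-not $OutPath) { $OutPath = "$full.base64.cer" }
        $b64 = [Convert]::ToBase64String($cert.RawData, [System.Base64FormattingOptions]::InsertLineBreaks)
        $pem = "-----BEGIN CERTIFICATE-----`r`n$b64`r`n-----END CERTIFICATE-----`r`n"
        [System.IO.File]::WriteAllText($OutPath, $pem, [System.Text.Encoding]::ASCII)
    }

    [pscustomobject]@{
        Path          = $full
        IsBase64      = $isBase64
        ConvertedCopy = if ($isBase64) { $null } else { $OutPath }
        Subject       = $cert.Subject
        Thumbprint    = $cert.Thumbprint          # compare with the value the IDP publishes
        NotAfter      = $cert.NotAfter
        Expired       = $cert.NotAfter -lt (Get-Date)
    }
}

# Usage (constructed path, replace with the real certificate location):
# Test-SamlSigningCertificate -Path 'D:\Sites\Portal\Site\Certificates\yourcertname.crt'
```

Comparing the reported thumbprint with the one published by the IDP confirms that the file on disk is the certificate the IDP actually signs with.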

[2] Optional parameters

 

 

Setup Configuration Keys

There are 2 configuration keys that control how the logout page is displayed when a logout is successful:

SynWeb Logout Message:
SynWeb|System|LogoutCustomHtml

 

 


Default logout message for SynWeb.

 

Community Portal Logout Message:
CommunityPortal|Pages|LogOut|LogoutCustomHtml

 


Default logout message for Community Portal.

The configuration key supports HTML format.

 

 

...
