Previous Topic: Set up the Service Provider for the Sample NetworkNext Topic: Add Functionality to the Federation Deployment

Federation GuidesLegacy Federation GuideUse a Sample Configuration to Learn About Legacy FederationTest SAML 2.0 Single Sign-on

Test SAML 2.0 Single Sign-on

To test single sign-on in a CA SiteMinder®-to-CA SiteMinder® network, use your own HTML page. The HTML page must contain a hard-coded link to the AuthnRequest service. For this deployment, the sample link for POST binding is:

http://www.sp.demo:81/affwebservices/public/saml2authnrequest?ProviderID=idp.demo

The AuthnRequest Service redirects the user to the Identity Provider specified in the link to retrieve the authentication context of the user. After the Identity Provider authenticates the user and establishes a session, it directs the user back to the target resource at the Service Provider.

Note: The ProviderID in the Authnrequest link must match the IdP ID field value specified in the SAML authentication scheme at the SP. The IdP ID field is on the Scheme Setup tab of the Authentication Scheme Properties dialog.

To test federated single sign-on

  1. Open up a browser.
  2. Enter the URL for the web page that has links to trigger single sign-on.

    A login challenge has to display.

  3. Using the login of an existing user in your user store, enter the user credentials. For example, if user1 is a user in the user store, enter the credentials for this user.

    If single sign-on is successful, your target page displays.

  4. After you test single sign-on, you can Add Functionality to the Federation Deployment.