Previous Topic: Storing User Session, Assertion, and Expiry DataNext Topic: Federation Entity Configuration


User Directory Connections for Partnership Federation

Partnership federation looks up entries in a user directory to verify identities and retrieve user attributes for a given principal. At the asserting party, the federation partner generates assertions for the appropriate users, and authenticates each user against a user directory. At the relying party, the federation partner extracts the necessary information from an assertion and looks in the user directory for the appropriate user record.

Configure connections to existing user directories by selecting Infrastructure, Directory, User Directories in the Administrative UI. You are only establishing a connection to an existing user directory. You are not configuring a new user directory.

Note: To use an ODBC database in your federated configuration, set up the SQL query scheme and valid SQL queries before selecting an ODBC database as a user directory.

Configure connections to more than one directory if necessary. The directories do not have to be the same type.

For detailed information about user directories, see the Policy Server Configuration Guide.