Previous Topic: Authentication Options using Partnership FederationNext Topic: Assertion Validity for Single Sign-on

CA SiteMinder® Federation Standalone GuideSingle Sign-on ConfigurationSingle Sign-on Configuration (Relying Party)

Single Sign-on Configuration (Relying Party)

To configure single sign-on at the relying party, you specify the SAML binding supported by the relying party and the related aspects of how the relying party handles single sign-on communication.

When CA SiteMinder® Federation Standalone is at the relying party, it uses the skew time set for the partnership to determine if the assertion it receives is valid. Read more about assertion validity to understand how CA SiteMinder® Federation Standalone uses the configured skew time.

Follow these steps:

  1. Begin at the appropriate step in the Partnership Wizard.
    SAML 1.1

    Single Sign-On

    SAML 2.0

    SSO and SLO

  2. Configure the settings in the SSO group box for the profiles you are using.

    For SAML 2.0, you can select both Artifact and POST—the local entity determines the sequence in which the bindings are tried.

    Note: Click Help for a description of fields, controls, and their respective requirements.

  3. If you select HTTP-Artifact, also configure the authentication method for the outgoing back channel.

This procedure completes the SSO configuration for the relying party.