Previous Topic: Configure WS-Federation Authentication Schemes for the Single Target RealmNext Topic: Configure the Single Target Realm

Federation Security Services GuideConfigure SiteMinder as a Resource PartnerHow To Protect a Target Resource with a WS-Federation Authentication SchemeConfigure a Single Target Realm for All WS-Federation Authentication SchemesConfigure a Custom WS-Federation Auth. Scheme

Configure a Custom WS-Federation Auth. Scheme

A single target realm relies on a custom authentication scheme to work.

To configure a custom authentication scheme for a single target realm

  1. Log on to the FSS Administrative UI.
  2. Select the System tab.
  3. Select Edit, System Configuration, Create Authentication Scheme.

    The Authentication Scheme Properties dialog opens.

  4. Complete the fields as follows:

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

    Name

    Enter a descriptive name to indicate the custom auth scheme, such as WS-Fed Custom Auth Scheme.

  5. Complete the following field in the Scheme Common Setup section:
    Authentication Scheme Type

    Custom Template

  6. Complete the following fields in the Scheme Setup tab
    Library

    smauthsinglefed

    Secret and Confirm Secret

    Leave this field blank.

    Confirm Secret

    Leave this field blank

    Parameter

    Instructs the custom scheme which WS-Federation authentication schemes it must use. Specify one of the following options:

    • SCHEMESET=LIST;Scheme1;Scheme2;

      Specifies list of target WS-Federation authentication scheme names to use (Scheme1 and Scheme2 are examples)

    • SCHEMESET=WSFED_PASSIVE;

      The smauthsinglefed scheme enumerates all WS-Federation authentication schemes to find the one with correct Provider Source Id.

    Enable this scheme for SiteMinder Administrators

    Leave unchecked.

  7. Click OK to save your changes.