Previous Topic: Assign Name IDs to AffiliationsNext Topic: View a List of Service Providers in an Affiliation

Federation Security Services GuideConfigure SAML 2.0 Affiliations At the Identity ProviderConfigure AffiliationsSpecify Users for Disambiguation for SAML Affiliations

Specify Users for Disambiguation for SAML Affiliations

The Users tab has no function for a site acting as an Identity Provider. Disregard this tab.

For a system acting as a Service Provider, the Users tab lets you configure the user disambiguation process.

To configure the disambiguation process for a Service Provider

  1. Enter an Xpath query in the Xpath Query field that the authentication scheme uses to obtain the LoginID from the assertion.
  2. Select a namespace in the Namespace list box to match the search specification to and click Edit.

    The SiteMinder Authentication Scheme Namespace Mapping dialog box opens.

  3. In the Search Specification field, enter the attribute that the authentication scheme uses to search a namespace, then click OK. Use %s in the entry as a LoginID variable.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

    For example, the LoginID has a value of user1. If you specify Username=%s in the Search Specification field, the resulting string is Username=user1. This string is checked against the user store to find the correct record for authentication.