Previous Topic: Obtain the LoginIDNext Topic: Configure Single Sign-on at the SP

Federation Security Services GuideConfigure SiteMinder as a SAML 2.0 Service ProviderLook Up User Records for SAML 2.0 AuthenticationConfigure Disambiguation Locally as Part of the Authentication SchemeUse a Search Specification to Locate a User

Use a Search Specification to Locate a User

After you obtain the LoginID, you can use a search specification to locate the user in place of the default behavior, where the LoginID is passed to the Policy Server.

To locate a user with a search specification

  1. From the Authentication Scheme Properties dialog, click Additional Configuration.

    The SAML 2.0 Auth Scheme Properties dialog opens.

  2. Select the Users tab.
  3. Select a namespace to match the search specification to and click Edit.

    The SiteMinder Authentication Scheme Namespace Mapping dialog opens.

  4. In the Search Specification field, enter a namespace attribute that the authentication scheme uses to search that namespace, then click OK. Use %s in the entry as a variable representing the LoginID.

    Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

    For example, the LoginID has a value of user1. If you specify Username=%s in the Search Specification field, the resulting string is Username=user1. This string is verified against the user store to find the correct record for authentication.

  5. Click OK to save your configuration changes.