FederationFederation Security Services GuideDeploying Federation without the FSS Sample ApplicationSet Up the Identity Provider › Add the Service Provider to the Affiliate Domain at the IdP

Previous Topic: Add the User Directory to the Affiliate Domain at the IdP

Next Topic: Select Users For Which Assertions Will Be Generated at the IdP
Add the Service Provider to the Affiliate Domain at the IdP

To add sp.demo to the affiliate domain, you must specify values on the Users tab, the General tab, and the SSO tab before you can save a Service Provider object.

To add sp.demo to the Federation Sample Partners domain

  1. Begin at the Domains tab.
  2. Select Federation Sample Partners, right-click, and select Create SAML Service Provider.
  3. Complete the following fields:
    Name

    sp.demo

    Description

    Service Provider

    Authentication URL

    http://www.idp.demo/siteminderagent/redirectjsp/redirect.jsp

    This redirect.jsp is included with the Web Agent Option Pack that is installed at the Identity Provider site. In this deployment, that server is www.idp.demo. If the user does not have a SiteMinder session, the SSO service at the IdP redirects the user to the authentication URL for log in.

    After successful authentication, the redirect.jsp application redirects the user back to the SSO service for assertion generation. This URL must also be protected by a SiteMinder policy.

    Enabled

    Ensure it is checked. It should be checked by default.

  4. Keep the Policy Server User Interface open and Select Users For Which Assertions Will Be Generated at the IdP.