FederationFederation Security Services GuideDeploying Federation without the FSS Sample ApplicationSet Up the Identity Provider › Specify the User Store for the IdP Policy Server

Previous Topic: Enable Web Agent Option Pack Logging at the IdP

Next Topic: Set up an Affiliate Domain at the IdP
Specify the User Store for the IdP Policy Server

The IdP user directory consists of user records for which the Identity Provider will generate assertions.

The following steps specify how to configure a user directory in the Policy Server User Interface. The directory, called IdP LDAP, is the Sun ONE LDAP directory that contains the users Tuser1 and Tuser2.

To configure a user directory

  1. Log into the Policy Server User Interface.
  2. Select the System tab.
  3. Select Edit, System Configuration, Create User Directory.

    The User Directory Properties dialog opens.

  4. Complete the following fields in the Directory Setup group box:
    Name

    IDP LDAP

    In the Directory Setup group box:

    NameSpace

    LDAP

    Server

    www.idp.demo:42088

  5. Complete the following field in the LDAP Search group box:
    Root

    dc=idp,dc=demo

    Accept the defaults for the other values.

    Complete the following field in the LDAP User DN Lookup group box:

    Start

    uid=

    End

    ,ou=People,dc=idp,dc=demo

  6. Click View Contents to ensure you can view the contents of the directory.
  7. Click Submit.
  8. Set up an Affiliate Domain at the IdP.