The first step that you would need to take is to create an HTTPS Reverse Proxy Service for the Virtual Host URL that will be used in the SAML Realm:

Configuration > Services > Proxy Services > New

The reason why you use port 4433 is so that it does not conflict with any other HTTPS Reverse Proxy Service you have running on port 443.

Configuration > Authentication > SAML > New

Under the option "Federated IDP metadata URL" you will need to enter the URL for the Metadata.xml file. This is held on the AD FS under the path:

AD FS > Services > Endpoints > scroll to the bottom

Once the Metadata.xml file has been loaded you will find that some of the options are auto completed for you.

You will now need to set the Virtual Host URL; this is the URL that the ProxySG will forward the client connections to for the authentication. For this example we will use the host "proxy", which will resolve to the IP of the ProxySG.

Now that you have created and configured the SAML Realm on the SG, you now need to perform some configuration on the AD FS.

Once you have started the wizard for AD FS you will need to provide the "Federation Metadata Address". This is the URL that the AD FS will use to load the Metadata.xml file from the ProxySG. You can also use the URL directly in a browser to download the Metadata.xml file and then manually upload the file to the AD FS.

Once you have either provided the correct URL for the Metadata.xml file or have uploaded the file, you then need to supply a "Display Name".

For this deployment scenario the default option "Permit all users to access this relying party" has been selected.

Now that the AD FS has had the ProxySG added as a trusted relying party, you now need to add a "Claim Rule". A "Claim Rule" is where you will configure what data is sent in the assertions. Assertions are the data the AD FS will send back to the ProxySG regarding the user authentication request.

In this scenario the first "Claim Rule" you will be adding is based on the client username:

Select the "Relying Party Trust" that you have created and then select "Edit Claim Rules". Select "Add Rule", where you will be provided the "Claim Rule Wizard". Select the default "Claim rule template", which is "Send LDAP Attributes as Claims". You will need to set a name for the "Claim Rule"; this name can be anything you wish to use.
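When the ProxySG Metadata.xml is downloaded in a browser and uploaded to the AD FS by hand, it is worth checking the file before trusting it. The following is an added example, not part of the original page or of either product: it assumes the assertion consumer endpoint lives on the Virtual Host URL (host "proxy", port 4433), and the entityID, endpoint path and certificate bytes in the sample are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample metadata: entityID, paths and certificate bytes are placeholders.
SAMPLE = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://proxy:4433/saml/example-realm">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>Y29uc3RydWN0ZWQtcGxhY2Vob2xkZXItY2VydA==</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://proxy:4433/saml/example-realm/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def check_sp_metadata(xml_text, expected_host="proxy", expected_port=4433):
    """Return (entity_id, cert_sha256_list, problems) for a downloaded Metadata.xml."""
    if "<!doctype" in xml_text.lower():
        # Metadata never needs a DTD; refusing it avoids entity-expansion tricks.
        raise ValueError("DOCTYPE not allowed in metadata")
    root = ET.fromstring(xml_text)
    problems = []
    endpoints = root.findall("md:SPSSODescriptor/md:AssertionConsumerService", NS)
    if not endpoints:
        problems.append("no AssertionConsumerService endpoint")
    for ep in endpoints:
        url = urlsplit(ep.get("Location", ""))
        if url.scheme != "https":
            problems.append("ACS endpoint is not HTTPS: " + url.geturl())
        if (url.hostname, url.port) != (expected_host, expected_port):
            problems.append("ACS host/port is not the Virtual Host URL: " + url.netloc)
    # SHA-256 of each embedded certificate, to compare with the appliance's own value.
    prints = [hashlib.sha256(base64.b64decode("".join(c.text.split()))).hexdigest()
              for c in root.iter("{%s}X509Certificate" % NS["ds"])]
    if not prints:
        problems.append("no X509Certificate in metadata")
    return root.get("entityID"), prints, problems


if __name__ == "__main__":
    print(check_sp_metadata(SAMPLE))
```

Compare the returned fingerprints with the certificate shown on the ProxySG itself before uploading the file to the AD FS.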