02-08-2012 4:18 PM
Hi,
I have EP 7.3 installed and a front end Web Dispatcher (SSL Terminate).
The EP should be SP (SAML2.0) and MS ADFS 2.0 as IdP. I have followed the "famous" Step by step ....7.x guide, the SAML2.0 setup at EP7.3 was done (I think). The SP metadata has been import to ADFS, IdP metadata is done as well.
But the whole scenarios is not working...not single issue, but I'd like to know:
1. How to change the default authentication mechanism to check SAML assertion and redirect user to ADFS for login if necessary (SP initiated). Should I change the "ticket" template, or "default" ?
2. How should I order the login modules ?
SAML2LoginModule SUFFICIENT
BasicPasswordLoginModule REQUISITE
is that correct ?
What I want is : user type in https://myep.mydomain.com/irj/portal , then being redirect to ADFS for login, after authN, redirect to EP's /irj/portal page.
Many thanks
02-27-2012 7:27 PM
Hi Wilson,
Could you provide more details what exactly is not working? Have you used the Security Troubleshooting Wizard (note 1332726) with type "SAML 2.0 (Info)" to collect traces?
Regards,
Dimitar
P.S. You have to change the signature settings on ADFS to use SHA-1 unless you have a latest 7.30 system and have enabled on it SHA-256 for signature digest.
Edited by: Dimitar Mihaylov on Feb 27, 2012 8:41 PM
07-24-2012 11:29 AM
Hi Wilson,
I have the same scenario. Did you resolve this ? If so, please share your solution.
I also followed the same article and configured EP7.3 as SP and ADFS as IdP. and also maintained trust identifiers.
Now if I log on to https://<ADFS HOST >/adfs/ls/IdpInitiatedSignOn.aspx , and under "Sign in to One of the following sites " I select EP system and provided the ADFS user Credentials, It redirects to https://<EPHOST>/irj/portal but lands on logon page. SSO is not happening.
Regards,
Eben Joyson
08-17-2012 7:18 AM
08-22-2012 5:18 AM
09-06-2012 5:15 AM
Hi Eben,
We are facing the same issue, where it is showing us the Portal logon page asking for credentials.
We want to login to portal with out asking for credentials.
Could you please share the solution?
Regards,
Satish