SAML Identity Provider general configuration
This webapplication will be made up of a webapplication link and a public webapplication object. It will not have a host object like many other webapps.
In this example we will use the following settings: Application type : public Context path (alias) : /mysamlapp Assigned Relays : <appropriate relays to run this application> Startup url : /swPublicSSO/SAML/mysamlapp
Then on the Authentication Tab for the webapplication object we have: Type : SAML Identity : Identity Provider Assertion Consumer (This is provided by your vendor) : https://url-from.3rdpartyexample-cloud.com/login.saml Target Resource (This is provided by your vendor) : https://somename.3rdpartyexample-cloud.com/sso.do Issuer (Vendor may tell you to put a specific string here) : somename Audience ( Vendor will provide this url) : https://url-from.3rdpartyexample-cloud.com/ PFX Certificate : Use the wizard to generate the certificate Private Key : Filled in when you do the wizard for the PFX Certificate Certificate : Click the wizard and fill in the information to generate the certificate.
Then on the Attributes Tab. This is for sending data to the 3rd party server to provision users. Provision : Enabled Provision Type : SAML Provisioning Parameters (these would be what the 3rd party service requires): • email = @@attr:mail@@ • externalID=@@lower(typelessuserid)@@ • firstName=@@usergivenname@@ • lastName=@@usersurname@@
When the user clicks on the link for this webapplication, webNetwork would contact the service using the urls provided in the webapplication and would send the data on the provisioning tab and the vendor would exchange some certificate information and would authorize the webNetwork user to talk to the hosted service.
As of 6.5, the options from the Authentication Tab and Attributes Tab now reside in a new SAML configuration editor.
See the LUW 6.5 SAML Guide for more information. |
Can't find the KB
Unable to find the KB to address your issue ?
Recent Articles
Lenovo Unified Workspace End-of-Life Questions and Answers
Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...
How do I determine my Unified Workspace license expiration date?
The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...
Lenovo Unified Workspace 7.0.2.13 Released
Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...
LanSchool Documentation Guides
LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...
Lenovo Unified Workspace 7.0.1.41 Released
Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...
Related Articles
SAML Identity Provider options
Problem: Customer or 3rd party vendor needs to know configuration options for setting up Identity Provider (IDP) initiated SAML. Cause: As opposed to Service Provider (SP) initiated SAML, Identity Provider (IDP) needs more information from vendor ...
SAML SP - Office365
General Setup Go to Azure AD (https://aad.portal.azure.com/) Click on "Enterprise applications" Click "New Application" Click "Non-gallery application" IMPORTANT - Office365 requires Azure AD and premium subscription, you may see an alternate screen ...
SAML SP - OneLogin
General Setup Go to OneLogin administrator page (/admin) Click on "Apps" Click "Company Apps" Click "Add App" Search for "SAML" Select "SAML Test Connector (Advanced)" Recommended to add "LUW" into Display Name Click "SAVE" button Click ...
SAML SP - ADFS
Pre-requisites Download the metadata file from https://YOUR-LUW-INSTALL/swSamlSp/metadata XML file Make sure ADFS has EnableIdpInitiatedSignonPage enabled MS article how to enable ...
SAML Service Provider
Issue How can I use a 3rd Party service (such as ADFS, Office365, or OneLogin) to SSO into UW? Solution The SAML Service Provider (SP) features allows another Identity Provider (IDP) to single sign-on into Unified Workspace using SAML for a seamless ...