SAML Identity Provider general configuration

SAML Identity Provider general configuration

This webapplication will be made up of a webapplication link and a public webapplication object. It will not have a host object like many other webapps. 

In this example we will use the following settings: 
Application type : public 
Context path (alias) : /mysamlapp 
Assigned Relays : <appropriate relays to run this application> 
Startup url : /swPublicSSO/SAML/mysamlapp 

Then on the Authentication Tab for the webapplication object we have: 
Type : SAML 
Identity : Identity Provider 
Assertion Consumer (This is provided by your vendor) : https://url-from.3rdpartyexample-cloud.com/login.saml 
Target Resource (This is provided by your vendor) : https://somename.3rdpartyexample-cloud.com/sso.do 
Issuer (Vendor may tell you to put a specific string here) : somename 
Audience ( Vendor will provide this url) : https://url-from.3rdpartyexample-cloud.com/ 
PFX Certificate : Use the wizard to generate the certificate 
Private Key : Filled in when you do the wizard for the PFX Certificate 
Certificate : Click the wizard and fill in the information to generate the certificate. 

Then on the Attributes Tab. 
This is for sending data to the 3rd party server to provision users. 
Provision : Enabled 
Provision Type : SAML 
Provisioning Parameters (these would be what the 3rd party service requires): 
• email = @@attr:mail@@ 
• externalID=@@lower(typelessuserid)@@ 
• firstName=@@usergivenname@@ 
• lastName=@@usersurname@@ 


When the user clicks on the link for this webapplication, webNetwork would contact the service using the urls provided in the webapplication and would send the data on the provisioning tab and the vendor would exchange some certificate information and would authorize the webNetwork user to talk to the hosted service. 


As of 6.5, the options from the Authentication Tab and Attributes Tab now reside in a new SAML configuration editor.

See the LUW 6.5 SAML Guide for more information.

    Can't find the KB

    Unable to find the KB to address your issue ?  

      • Recent Articles

      • Lenovo Unified Workspace End-of-Life Questions and Answers

        Will the shutdown of LUW servers and access to downloads affect my server licensing? No, the shutdown of the customer servers and access to the product and licensing downloads will not affect your server licensing. This license is downloaded and ...

      • How do I determine my Unified Workspace license expiration date?

        The best method for determining the licensing information including the expiration date of your Unified Workspace license: Login to your 8090 management console on each server This may take remoting into each LUW server and relay, opening a browser, ...

      • Lenovo Unified Workspace 7.0.2.13 Released

        Highlights of Unified Workspace 7.0.2.13 Before you install: Please view the installation notes here. 7.0.2.13 requires a 7.0 license file. Below is a list of enhancements and fixes released in Unified Workspace 7.0.2.13 Fixed external storage ...

      • LanSchool Documentation Guides

        LanSchool Classic Teacher Console The LanSchool Teacher Console is the interface teachers will use to manage their classroom and students. It contains all the tools necessary for a teacher to effectively interact with students and create a ...

      • Lenovo Unified Workspace 7.0.1.41 Released

        Highlights of Unified Workspace 7.0.1.41 Before you install: Please view the installation notes here. 7.0.1.41 requires a 7.0 license file. Below is a list of enhancements and fixes for Unified Workspace 7.0.1.41 Updated Log4j Updated Java Updated ...

      • Related Articles

      • SAML Identity Provider options

        Problem:  Customer or 3rd party vendor needs to know configuration options for setting up Identity Provider (IDP) initiated SAML. Cause:  As opposed to Service Provider (SP) initiated SAML, Identity Provider (IDP) needs more information from vendor ...

      • SAML SP - Office365

        General Setup Go to Azure AD (https://aad.portal.azure.com/) Click on "Enterprise applications" Click "New Application" Click "Non-gallery application" IMPORTANT - Office365 requires Azure AD and premium subscription, you may see an alternate screen ...

      • SAML SP - OneLogin

        General Setup Go to OneLogin administrator page (/admin) Click on "Apps" Click "Company Apps" Click "Add App" Search for "SAML" Select "SAML Test Connector (Advanced)" Recommended to add "LUW" into Display Name Click "SAVE" button Click ...

      • SAML SP - ADFS

        Pre-requisites Download the metadata file from https://YOUR-LUW-INSTALL/swSamlSp/metadata XML file Make sure ADFS has EnableIdpInitiatedSignonPage enabled MS article how to enable ...

      • SAML Service Provider

        Issue How can I use a 3rd Party service (such as ADFS, Office365, or OneLogin) to SSO into UW? Solution The SAML Service Provider (SP) features allows another Identity Provider (IDP) to single sign-on into Unified Workspace using SAML for a seamless ...