We would like to integrate BSM 9.26 with OneLogin's SAML authentication solution (https://www.onelogin.com/)
The administrator of OneLogin (of my customer) provided me with:
- the OneLogin server signing certificate to import
- Trusted Hosts / Domain to configure
And in return he wanted me to give him the XML metadata file that would contain the ACS URL, EntityID ...
I integrated the OneLogin .pem certificate into the file: C:\HPBSM\conf\settings\SingleSignOn\SAMLKeyStore
Then I configured the SSO with the following information:
- Single Sign-On Mode : Lightweight
- JMX to get/set Token Creation Key (initString) : http://<gateway server>:29000/mbean?objectname=Topaz:service=LW-SSO Configuration
- HP Business Service Management Domain : Parse automatically
- Trusted Hosts/Domains : [airbusstaging.onelogin.com]
- Enable SAML2 authentication schema : true
- SAML2 Creation Look for keystore in classpath : false
- SAML2 Creation Keystore filename : C:\HPBSM//conf//settings//SingleSignOn//SAMLKeyStore
- SAML2 Creation Private key alias : hpsamlkey
- SAML2 Validation Look for keystore in classpath : true
- SAML2 Validation Keystore filename : C:\HPBSM//conf//settings//SingleSignOn//SAMLKeyStore
I sent the C:\HPBSM\conf\settings\SingleSignOn\lwssofmconf XML file to the OneLogin administrator.
And he replied:
"I looked at the XML and it does not look like what I'm used to seeing. However, it does talk about SAML!
I did not see the EntityID info or the ACS URL in it."
Can you tell me if this is the correct XML file that I had to send to him? And if not, can you tell me which file I have to send to him so that he can find the EntityID and ACS URL?
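
For reference, an added example (not part of the original post, and not BSM or OneLogin code): a Python check of whether an XML file is SAML 2.0 service-provider metadata, i.e. whether it carries the entityID and AssertionConsumerService URL that the identity-provider administrator asked for. Both sample documents, the bsm.example.com URLs and the function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"  # SAML 2.0 metadata namespace

# Constructed sample: minimal SP metadata (placeholder URLs, not real BSM values).
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://bsm.example.com/sp">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://bsm.example.com/saml/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

# Constructed sample: a generic product config file that is XML but not metadata.
SAMPLE_CONFIG = """<config><sso mode="lightweight"><saml2 enabled="true"/></sso></config>"""


def describe_sp_metadata(xml_text):
    """Return {'entity_id', 'acs'} if xml_text is SAML 2.0 SP metadata, else None."""
    # Metadata never needs a DTD; refusing one avoids entity-expansion tricks.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return None
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return None
    # iter() also yields the root, so this covers a bare EntityDescriptor
    # and one wrapped in an EntitiesDescriptor.
    for entity in root.iter(f"{{{MD}}}EntityDescriptor"):
        sp = entity.find(f"{{{MD}}}SPSSODescriptor")
        if sp is None:
            continue  # e.g. IdP-only metadata
        acs = [
            {"binding": e.get("Binding"), "location": e.get("Location")}
            for e in sp.findall(f"{{{MD}}}AssertionConsumerService")
        ]
        if entity.get("entityID") and acs:
            return {"entity_id": entity.get("entityID"), "acs": acs}
    return None


if __name__ == "__main__":
    for name, doc in [("metadata", SAMPLE_METADATA), ("config", SAMPLE_CONFIG)]:
        print(name, "->", describe_sp_metadata(doc))
```

A `None` result means the file has no `EntityDescriptor` with an `SPSSODescriptor` and ACS endpoint, which is what an identity-provider administrator expects to find in SP metadata.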