How to disable the question asking if the user consents to federate with service provider

Problem:



When a SAML 2 environment is set up to federate between an Identity Provider (IDP) and a Service Provider (SP), the user is always prompted to consent to the federation before it proceeds. For example, if a user hits an IDP intersite transfer URL, authenticates and is redirected to the SP the user is federating with, the following message appears in the browser:







The administrator does not want the user to be prompted to federate, but no option in the Admin Console seems to change this behaviour. The administrator tried the 'User Interaction Settings' option under the IDP server's Liberty -> Web service consumer and disabled user interactions, but this had no effect.




Solution:



Make sure that the IDP servers are on Access Manager 3.1 Support Pack 3 or greater, then set the federationConsent parameter in the IDP web.xml file to true. This file is located at /var/opt/novell/tomcat5/webapps/nidp/WEB-INF/ on Linux-based IDP servers, and at C:\Program Files\Novell\Tomcat\webapps\nidp\WEB-INF\ on Windows-based IDP servers.



The default web.xml file has the ldapLoadThreshold parameter set, so just add the federationConsent parameter directly after it, as shown here.



        <context-param>
            <param-name>ldapLoadThreshold</param-name>
            <param-value>10</param-value>
        </context-param>
        <context-param>
            <param-name>federationConsent</param-name>
            <param-value>true</param-value>
        </context-param>
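
When several IDP servers must carry the same setting, the edit can be checked and applied idempotently. The following is an added example, not part of the original article or of Access Manager itself: the function names and the sample web.xml text are constructed for illustration. It edits the text in place so that comments and layout in the file are preserved.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample; a real web.xml holds many more elements.
SAMPLE = """<web-app>
    <context-param>
        <param-name>ldapLoadThreshold</param-name>
        <param-value>10</param-value>
    </context-param>
</web-app>
"""

def _local(tag):
    # Strip an XML namespace prefix such as "{http://...}context-param".
    return tag.rsplit("}", 1)[-1]

def get_context_param(xml_text, name):
    """Return the value of context-param `name`, or None if it is absent."""
    for node in ET.fromstring(xml_text):
        if _local(node.tag) != "context-param":
            continue
        fields = {_local(c.tag): (c.text or "").strip() for c in node}
        if fields.get("param-name") == name:
            return fields.get("param-value")
    return None

def ensure_federation_consent(xml_text, value="true"):
    """Return xml_text with federationConsent set to `value`; idempotent."""
    current = get_context_param(xml_text, "federationConsent")
    if current == value:
        return xml_text
    if current is not None:  # present with another value: rewrite in place
        pat = r"(<param-name>\s*federationConsent\s*</param-name>\s*<param-value>)[^<]*"
        return re.sub(pat, lambda m: m.group(1) + value, xml_text, count=1)
    # Absent: insert directly after the ldapLoadThreshold block, as the article shows.
    anchor = re.search(r"<context-param>\s*<param-name>\s*ldapLoadThreshold\s*"
                       r"</param-name>.*?</context-param>", xml_text, re.S)
    if anchor is None:
        raise ValueError("ldapLoadThreshold context-param not found")
    block = ("\n    <context-param>\n"
             "        <param-name>federationConsent</param-name>\n"
             f"        <param-value>{value}</param-value>\n"
             "    </context-param>")
    return xml_text[:anchor.end()] + block + xml_text[anchor.end():]

if __name__ == "__main__":
    print(ensure_federation_consent(SAMPLE))
```

Running `get_context_param` alone against each server's web.xml gives a read-only check that the value has not drifted between IDP nodes.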

Version history: revision 3 of 3, last update 2020-01-31 22:08