| Panel | ||||
|---|---|---|---|---|
|
...
SAML Profile | Binding | Endpoint |
|---|---|---|
Web Single Sign-on | HTTP-POST, HTTP-Artifact | scheme://server:port/contextPath/saml/SSO |
Single Logout | HTTP-POST, HTTP-Redirect | scheme://server:port/contextPath/saml/SingleLogout |
...
| Note | ||
|---|---|---|
| ||
Starting with Java 1.8.0_162, JCE unlimited policy is enabled by default. You no longer need to install the policy file in the JRE or set the security property crypto.policy. |
Debugging
The uc.saml.log.level property can be configured in the uc.properties to enable debug logging for the SAML framework. However, as a best practice, saml.log.level should remain at INFO under normal operation.
...
An administrator can turn on/off and configure SAML Single Sign-On through the user interface.
| Note | ||
|---|---|---|
| ||
Each Universal Controller cluster node maintains its own Single Sign-On Settings configuration, associated by Node Id. Therefore, you must complete the Single Sign-On Settings configuration for each deployed cluster node, including the Active node and any Passive nodes. The Identify Provider Metadata File and KeyStore File, by default located under ${catalina.base}/conf/saml/, must be accessible to each cluster node. |
Step 1 | From the Administration navigation pane, select Configuration > Single Sign-On Settings. The Single Sign-On Settings page displays. |
|---|---|
Step 2 | Enter / select your Single Sign-On Settings, using the field descriptions below as a guide.
|
Step 3 | Click the |
...