| Panel | ||||
|---|---|---|---|---|
|
...
Any action URL parameters on the URL used by the SAML-authenticated user to access the Universal Controller web application are restored when the Service Provider-initiated SAML SSO authentication flow has completed successfully and the user has been redirected back to the Universal Controller web application.
| Note | ||
|---|---|---|
| ||
This is not applicable for an Identity Provider-initiated login. |
...
If you are a SAML-enabled user, the Controller allows you to initiate the SAML Single Sign-On authentication flow without leaving the application. On the Session Expired pop-up, instead of entering your login credentials, simply click the Login button to initiate the SAML SSO authentication flow..
If only your Universal Controller session has expired, and not your session with the Identity Provider, you are logged in without being prompted for your credentials. Click Continue on the original dialog to proceed, which closes the SAML SSO authentication flow window.
...
An administrator can turn on/off and configure SAML Single Sign-On through the user interface.
| Note | ||
|---|---|---|
| ||
Each Universal Controller cluster node maintains its own SAML Single Sign-On configuration, associated by Node Id. Therefore, you must complete the SAML Single Sign-On configuration for each deployed cluster node, including the Active node and any Passive nodes. The Identify Provider Metadata File and KeyStore File, by default located under ${catalina.base}/conf/saml/, must be accessible to each cluster node. |
Step 1 | From the Administration navigation pane, select SAML Single Sign-On. The SAML Single Sign-On page displays. |
|---|---|
Step 2 | Enter / select your SAML Single Sign-On, using the field descriptions below as a guide.
|
Step 3 | Click the |
...