Support and Documentation

Sample SAML configuration

The following snippet is a typical deployment for SAML. You can paste and then modify this snippet in Tomcat's configuration file context.xml.

<Environment name="dari/defaultSamlCredential" override="false" type="java.lang.String" value="default" />  1
<Environment name="dari/samlCredential/default/class" override="false" type="java.lang.String" value="com.psddev.saml.SamlX509Auth" /> 2
<Environment name="dari/samlCredential/default/idpMetaDataPath" override="false" type="java.lang.String" value="/servers/tomcat/conf/idp_saml_metadata.xml" /> 3
<Environment name="dari/samlCredential/default/cmsLogin" override="false" type="java.lang.String" value="true" /> 4 
<Environment name="dari/samlCredential/default/entityId" override="false" type="java.lang.String" value="https://samltest.id/saml/sp" /> 5
<Environment name="dari/samlCredential/default/emailAttributeField" override="false" type="java.lang.String" value="email" /> 6
<Environment name="dari/samlCredential/default/identityProviderUrl" override="false" type="java.lang.String" value="http://sso.example.com/idp/SSOService.php" /> 7
<Environment name="dari/samlCredential/default/authLinkName" override="false" type="java.lang.String" value="Single Sign On" /> 8

1

Sets the prefix for the default configuration. See Default SAML configuration.

2

Configures the class for examining the SAML response. See Credential class.

3

Configures the path to the identity provider's metadata file. See Path to identity provider's metadata.

4

Indicates the SAML configuration default is enabled for allowing logins to Brightspot (instead of to a front-end). See CMS login.

5

Configures the identity provider's unique ID. See Entity ID.

6

Configures the name of the email attribute field in the SAML assertion. See Email attribute field name.

7

Configures URL to which Brightspot sends SAML requests. See Identity provider's URL.

8

Specifies label on the SSO login control. See Authentication link name.