Sample SAML configuration

The following snippet is a typical deployment for SAML. You can paste and then modify this snippet in Tomcat’s configuration file context.xml.

showLineNumbers {1,2,3,4,5,6,7,8}

1<Environment name="dari/defaultSamlCredential" override="false" type="java.lang.String" value="default" />
2<Environment name="dari/samlCredential/default/class" override="false" type="java.lang.String" value="com.psddev.saml.SamlX509Auth" />
3<Environment name="dari/samlCredential/default/idpMetaDataPath" override="false" type="java.lang.String" value="/servers/tomcat/conf/idp_saml_metadata.xml" />
4<Environment name="dari/samlCredential/default/cmsLogin" override="false" type="java.lang.String" value="true" />
5<Environment name="dari/samlCredential/default/entityId" override="false" type="java.lang.String" value="https://samltest.id/saml/sp" />
6<Environment name="dari/samlCredential/default/emailAttributeField" override="false" type="java.lang.String" value="email" />
7<Environment name="dari/samlCredential/default/identityProviderUrl" override="false" type="java.lang.String" value="http://sso.example.com/idp/SSOService.php" />
8<Environment name="dari/samlCredential/default/authLinkName" override="false" type="java.lang.String" value="Single Sign On" />

1. Sets the prefix for the default configuration. See Default SAML configuration.
2. Configures the class for examining the SAML response. See Credential class.
3. Configures the path to the identity provider’s metadata file. See Path to identity provider’s metadata.
4. Indicates the SAML configuration default is enabled for allowing logins to Brightspot (instead of to a front-end). See CMS login.
5. Configures the identity provider’s unique ID. See Entity ID.
6. Configures the name of the email attribute field in the SAML assertion. See Email attribute field name.
7. Configures URL to which Brightspot sends SAML requests. See Identity provider’s URL.
8. Specifies label on the SSO login control. See Authentication link name.