SAML identity provider (IDP) in the JSP-Loginapp

SAML identity provider (IDP) configuration of Airlock IAM involves using the Config Editor and editing XML files manually:

  • The most important entity-related settings must be provided in standardized SAML 2.0 metadata files (XML files).
  • Airlock IAM delegates most SAML processing to the OpenSSO library, which has its own way of storing entity-related settings in extended metadata files (XML files).
  • All other SAML 2.0-related settings are managed in the Airlock IAM configuration using the Config Editor.

Standard SAML Metadata Files (e.g. idp.xml)

These standardized XML files contain all public configuration data of a SAML 2.0 entity, for both IDP and SP.

The general idea is to configure a SAML 2.0 capable application and then export the public settings to a SAML 2.0 metadata file.

This file may be imported by other applications that need to interact with this application.

Extended Metadata Files (e.g. idp-extended.xml)

These files contain all non-public configuration data of a SAML 2.0 entity. They are not part of the SAML 2.0 standard but are specific to the OpenSSO library!