Creating a SAML relationship between iChainSite and eMartian includes:
To create an affiliation between iChainSite and eMartian, iChainSite must have an entry in its list of Trusted Affiliates for eMartian. To create this entry:
In ConsoleOne, Select the iChainSite SAML Config Object.
Select New > Trusted Affiliate.
Figure 47In this example, the Trusted Affiliate object that represents www.emartian.com is named eMartian.
Open the eMartian Trusted Affiliate object's Properties page.
Figure 48Set the Site ID to www.emartian.com.
Auto-generate the SourceID.
Leave the Trusted Root Information fields blank.
Click the User Mapping page.
Specify your desired user mapping scheme.
If you want to quickly get your sites running, you can leave the rules blank and use the default user mapping defined in the SAML Config object. Alternatively, you can use the e-mail attribute to create a dynamic user mapping rule, as used in the iChainsite and eMartian samples.
Click the Assertions page.
Deselect the Digital Signing Information check boxes.
For details on how to set up security between the two sites, see Fine-Tuning the SAML Extension.
Figure 49 shows what the Assertions page should look like for the eMartian Trusted Affiliate:
Figure 49In order for the eMartian application to display custom-tailored content for the iChainSite users, the Email and Password attributes should be sent.
Figure 50 shows what the User Attributes page should look like:
Figure 50The iChainSite to eMartian Trusted Affiliate should have all of the URLs necessary to let iChain contact eMartian. Follow the example in Figure 51 to set up these URLs:
Figure 51At this point, iChainSite can trust eMartian. Continue with Creating the Trusted Affiliate Object for iChainSite.
Now that iChainSite can trust eMartian, you must configure eMartian to trust iChainSite in return. To do this, you must create a Trusted Affiliate entry in the eMartian SAML configuration representing iChainSite.
In ConsoleOne, select the eMartian SAML Config Object.
Select New > Trusted Affiliate.
Figure 52In this example, ichainsite is the chosen name for the Trusted Affiliate object. After you create this object, open its Properties page.
Right-click the object and select Properties.
Set the SiteID to www.ichainsite.com.
Auto-generate the SourceID.
Leave the Trusted Root Information fields blank.
Figure 53Click the User Mapping page.
Specify your desired user mapping scheme.
If you want to quickly get your sites running, you can leave the rules blank and use the default user mapping defined in the SAML Config object. Alternatively, you can use the e-mail attribute to create a dynamic user mapping rule, as used in the iChainsite and eMartian samples.
Click the Assertions page.
Deselect the Digital Signing Information check boxes.
For details on how to set up security between the two sites, see Fine-Tuning the SAML Extension.
Figure 53 shows what the Assertions page should look like for the iChainSite Trusted Affiliate:
Figure 54In order for the iChainSite application to display custom-tailored content for the eMartian users, the Email and Password attributes should be sent.
Figure 55 shows what the User Attributes page should look like:
Figure 55The eMartian to iChainSite Trusted Affiliate should have all of the URLs necessary to let eMartian contact iChainSite. Follow the example in Figure 56 to set up these URLs:
Figure 56