You can use the administration console to add a partner
to a WS-Federation single sign-on federation.
About this task
The configuration steps are the same for adding all partners.
The configuration properties differ for identity provider and service
provider partners. The Partner wizard prompts you for the necessary
properties.
Procedure
- Log on to the IBM® Integrated
Solutions Console.
- Click . The Federation Partners panel opens.
- Click Create. The Select Federation
panel opens.
- Select the federation to which you would like to add a
partner.
- Click Next. The Contact Information
panel opens.
- Enter the Contact properties.
  The company name is required. The other fields are optional.
- Click Next. The WS-Federation Data
panel opens.
- Enter the requested properties.
- Click Next. The Configure Security
Token panel opens.
- Enter the configuration properties for the federated security token.
  The configuration properties are specific to the partner role:
  - When adding an identity provider partner:
    - When assertions should be signed, click Enable the Signing of Assertions. When you select this check box, you must specify a key for signing assertions. Select the Keystore, enter the Keystore Password, click List Keys, and select the key from the key table.
    - Optionally, specify attributes in the field Include the following attribute types (a '*' means include all types).
    - Click Next.
  - When adding a service provider partner:
    - When signatures should be validated, click Enable Signature Validation. When you select this check box, specify a key to use for validating signatures. Select the Keystore, enter the Keystore Password, click List Keys, and select the key from the key table.
    - Click Next.
The Identity Mapping Options panel opens.
- Select one of the radio buttons.
The Summary panel opens.
- Verify that the settings are correct and click Finish. The Add Partner Complete panel opens.
- Click Enable Partner to activate this partner.
The partner has been added to the federation, but
is disabled by default as a security precaution. You must enable the
partner.