2021.10
SAML IDP
Owl lets customers integrate with an existing SAML solution through the SAML Setup Configuration page. Administrators configure the SAML integration by navigating to the Admin Console and clicking the SAML Setup icon.
Additionally, there are a few environment variable settings to consider:
#enable SAML & show the SAML SSO option on the login page
SAML_ENABLED=true

#set SSL communication properties for SAML
SAML_KEYSTORE_FILE=/keystore.p12
SAML_KEYSTORE_PASS=****
SAML_KEYSTORE_ALIAS=****

#in multi-tenant mode set the name of the IDP variable to hold the tenant name
SAML_TENANT_PROP_NAME=tenant

#set the name of the IDP variable to hold the user roles in the response
SAML_ROLES_PROP_NAME=memberOf

#allow login if authenticated to the IDP
SAML_GRANT_ALL_PUBLIC=true

#set the EntityId of the application to be supplied to the IDP
SAML_ENTITY_ID=OwlOneLogin

#optionally set a property that contains the username in the response
SAML_USER_NAME_PROP=""

#optionally use a file for the IDP metadata vs a URL (default is true)
SAML_METADATA_USE_URL=false

#optional security settings to
SAML_METADATA_TRUST_CHECK=false
SAML_METADATA_REQUIRE_SIGNATURE=false
SAML_INCLUDE_DISCOVERY_EXTENSION=false
Once you have set SAML_ENABLED=true, start the web application and navigate to https://<server>/saml/metadata. This downloads the SP metadata to be used in your IDP configuration. For example, on localhost: https://localhost:9000/saml/metadata
When your IDP settings are ready, log in as an existing admin (not via SAML yet) to the tenant you want to configure.
Go to Admin Console --> SAML Setup.
Set the link to the Metadata XML download from the IDP, then set the name of the IDP (any name is valid), and then set the IDP URL to be used to authenticate to the IDP.
Once complete you can restart your application and log in using the SAML SSO option.
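Before the SP metadata downloaded from /saml/metadata is registered at the IDP, it is worth reviewing what it advertises. The following is an added example, not Owl's own code: the function name, the selection of checks and the sample document (including its /saml/SSO path) are assumptions made for illustration, using only standard SAML 2.0 metadata elements.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD}

# Constructed sample, not real Owl output; the /saml/SSO path is a placeholder
# and the KeyDescriptor is trimmed (no KeyInfo) to keep the sample short.
SAMPLE_SP_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="OwlOneLogin">
  <md:SPSSODescriptor WantAssertionsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"/>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="http://localhost:9000/saml/SSO"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def review_sp_metadata(xml_text, expected_entity_id):
    """Return findings to resolve before the SP metadata is registered at the IdP."""
    # SAML metadata never needs a DTD; refuse it rather than expand entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration in metadata")
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        return ["root element is not md:EntityDescriptor"]
    findings = []
    # The IdP matches on entityID, so it must equal the SAML_ENTITY_ID setting.
    if root.get("entityID") != expected_entity_id:
        findings.append(f"entityID is {root.get('entityID')!r}, expected {expected_entity_id!r}")
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        return findings + ["no md:SPSSODescriptor element"]
    # xs:boolean allows "true" or "1"; an absent attribute means false.
    if sp.get("WantAssertionsSigned", "false") not in ("true", "1"):
        findings.append("WantAssertionsSigned is not true")
    endpoints = sp.findall("md:AssertionConsumerService", NS)
    if not endpoints:
        findings.append("no AssertionConsumerService endpoint")
    for ep in endpoints:
        # Assertions are posted to this URL through the browser; require TLS.
        if not ep.get("Location", "").startswith("https://"):
            findings.append(f"ACS endpoint is not HTTPS: {ep.get('Location')}")
    if not any(k.get("use") in (None, "signing") for k in sp.findall("md:KeyDescriptor", NS)):
        findings.append("no signing KeyDescriptor")
    return findings


if __name__ == "__main__":
    for finding in review_sp_metadata(SAMPLE_SP_METADATA, "OwlOneLogin"):
        print("FINDING:", finding)
```

Pass the value of SAML_ENTITY_ID as the second argument; an empty list means none of these checks raised a finding.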
Last modified 4mo ago