AEM 6.1 changes some of the configuration of the SAML authentication handler compared to earlier versions of AEM. This section covers only the SAML 2.0 configuration changes in AEM 6.1.
STEPS
1. Add IdP public cert to AEM truststore
- Go to: http://localhost:4502/libs/granite/security/content/useradmin.html
- Select any user, because the TrustStore is global to AEM
- Create the trust store by supplying a password, then manage the trust store
- Upload the IdP certificate and make a note of the certificate alias
- Go to: http://localhost:4502/libs/granite/security/content/useradmin.html
- Select authentication-service
- Create KeyStore by supplying the password
- If encrypting SAML assertions, go to manage KeyStore to upload the private and public key
- Go to: http://localhost:4502/system/console/configMgr
- Search for Adobe Granite SAML 2.0 Authentication Handler
- Add a new handler configuration; the certificate alias entered here must match the alias noted in step 1.
- Configure host at: http://localhost:4502/system/console/configMgr/org.apache.sling.security.impl.ReferrerFilter
EARLIER VERSION
https://helpx.adobe.com/experience-manager/kb/saml-demo.html
https://helpx.adobe.com/experience-manager/kb/simple-saml-demo.html