Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Excerpt Include
VPN and Device Integration Guides (versions 9.1+)
VPN and Device Integration Guides (versions 9.1+)
nopaneltrue

Panel
borderColor#000000
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#000000
borderStylesolid
titleIntroduction

Use this guide to enable Juniper IVE as an Identity Provider that authenticates users and issues a SAML assertion to SecureAuth IdP, which acts as a Service Provider (SP). This will enable any Post Authentication event from SecureAuth IdP once the SAML authentication has been completed.

...

Panel
borderColor#135570
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#135570
borderStylesolid
titleSecureAuth IdP Configuration Steps
Panel
borderColor#116490
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#116490
borderStylesolid
titleData
Section
Column
width50%

Column

 

1. In the Membership Connection Settings section, select No Data Store from the Data Store dropdown

Warning

Click Save once the configurations have been completed and before leaving the Data page to avoid losing changes

Panel
borderColor#116490
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#116490
borderStylesolid
titleWorkflow
Section
Column
width50%

Column

 

2. In the Custom Front EndIdentity Consumer section, select Token from the Receive Token dropdown

3. Select True from the Require Begin Site dropdown

4. Select Custom from the Begin Site dropdown

5. Set the Begin Site URL to AssertionConsumerService.aspx

6. Select Name from the Token Data Type (Receive) dropdown

7. Select User ID from the Token Data Type (Send) dropdown

Panel
borderColor#007fb2
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#007fb2
borderStylesolid
titleSAML Consumer
Section
Column
width50%

Column

 

8. Click Add Identity Provider to add Juniper IVE as the SAML IdP

Panel
borderColor#009fd9
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#009fd9
borderStylesolid
titleAdd Identity Provider
Section
Column
width50%

Column

 

9. Set the Identity Provider Name to a friendly name that appears on the Workflow page

10. Set the SAML Issuer to the same Entity ID from the Juniper Configuration Steps (step 20), e.g. SecureAuthIdP

11. Copy the contents of the SSL Certificate and paste the BLOB into the Signing Certificate field

12. Click Add and Save

Warning

Click Save once the configurations have been completed and before leaving the Workflow page to avoid losing changes

Panel
borderColor#116490
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#116490
borderStylesolid
titlePost Authentication
Section
Column
width50%

Column

 

13. In the Forms Auth / SSO Token section, click View and Configure FormsAuth keys / SSO token

Panel
borderColor#007fb2
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#007fb2
borderStylesolid
titleForms Authentication
Section
Column
width50%

Column

 

14. Set the Name of the FBA token to any name

Panel
borderColor#007fb2
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#007fb2
borderStylesolid
titleAuthentication Cookies
Section
Column
width50%

Column

 

15. Set the Post-Auth Cookie name to the same token name set in step 14

The FBA Token Name and the Post-Auth Cookie Name must match in realms utilizing the SAML Multi-tenant Consumer

Warning

Click Save once the configurations have been completed and before leaving the Forms Authentication page to avoid losing changes