Configuring Service Provider Initiated Single Sign-On with a Third-Party Identity Provider

My webMethods Server 10.11 | My webMethods Server Webhelp | Administering My webMethods Server | System Administrator Functions | Managing Security | Configuring My webMethods Server Single Sign-On | Using Single Sign-On with SAML and a Third-Party Identity Provider | Configuring Service Provider Initiated Single Sign-On with a Third-Party Identity Provider

To configure SP Initiated SSO using a third-party IDP

1. Ensure that My webMethods Server is configured to use an HTTPS port.

2. Set the required properties in the websso.properties file. For information about working with the websso.properties file, see Setting Properties in the websso.properties File.

3. Import the IDP certificate to the My webMethods Server truststore using the keytool command of the JVM. For more information, see Importing CA Certificates.

4. Start My webMethods Server.

5. Register My webMethods Server as a service provider with the external identity provider using the information in the Software AG_directory \MWS\server\serverName\config\SPMetadata.xml file, or copy the file to the required location on the IDP sever.

The identity provider uses the endpoint location of the My webMethods Server instance from the SPMetadata.xml file to list My webMethods Server as a service provider.

6. Import the My webMethods Server certificate to the IDP truststore. For more information, see the identity provider documentation.

7. As sysadmin, go to the SAML Authentication Administration portlet and enable SP initiated SSO.

8. Restart My webMethods Server.