Configuring IBM Security Access Manager as an IdP

To configure IBM® Security Access Manager as an identity provider (IdP), see the IBM Security Access Manager 9.0 Federation Cookbook that is available from IBM Developer Works.

Before you begin

Download the IBM Security Access Manager 9.0 Federation Cookbook from IBM Developer Works, as shown in the related link. Also download the mapping files that are provided with the cookbook.

About this task

To set up the example environment, complete the specified sections in the IBM Security Access Manager 9.0 Federation Cookbook.

Procedure

  1. Complete Section 5, Create Reverse Proxy instance.
  2. Complete Section 6, Create SAML 2.0 Identity Provider federation.
    In Section 6.1, if you are using the ISAM Docker deployment, you can reuse the existing keystore that is included in the container instead of creating a new keystore. If you do, reflect this change in subsequent sections where the myidpkeys certificate database is referenced.
  3. Complete Section 8.1, ISAM Configuration for the IdP.
    In Section 8.1, use the host name of the IdP federation.
  4. Optional: After completing Section 8.1.1, if you require ACLs to be defined to allow and restrict access to the IdP junction, then follow the instructions in Section 25.1.3, Configure ACL policy for IdP.
  5. Complete Section 9.1, Configuring Partner for the IdP.
    The export from WebSphere does not contain all the relevant data. Therefore, in Section 9.1, after you finish configuring the partner for the IdP, you must click Edit configuration and complete the remaining advanced configuration.