Specify the location of the SAML keystore (Admin interface).
Can be set in: global.cfg
Set to the location of the Java keystore which is used to store
the private key Funnelback will use for SAML communications.
The Spring Security SAML documentation at http://docs.spring.io/spring-security-saml/docs/1.0.2.RELEASE/reference/html/security.html provides details on how this keystore can be created with Java's 'keytool' utility. That documentation also covers creating the private key described in auth.admin.saml.key-password, and configuring trust of certificates presented by other systems for SAML usage.
keytool may generate keys that use SHA-1 by default; SHA-1 is considered
deprecated and may not work with all identity providers. Make sure you choose
an appropriate algorithm when creating keys with
This setting requires Jetty to be restarted to take effect.
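One way to avoid the SHA-1 default and to audit an existing keystore for it, as an added example that is not part of the Funnelback or Spring documentation. The function names, keystore path, alias and CN are placeholders, and the listing is constructed sample output in the format printed by `keytool -list -v`.

```shell
#!/bin/sh
# Added example; names, paths and sample data below are assumptions.

# Create the key pair with an explicit SHA-256 signature algorithm rather
# than relying on keytool's default. keytool prompts for the passwords,
# which keeps them out of the shell history and process list.
create_saml_keystore() {  # usage: create_saml_keystore <keystore-path> <alias>
    keytool -genkeypair -alias "$2" -keyalg RSA -keysize 2048 \
        -sigalg SHA256withRSA -validity 365 \
        -dname "CN=funnelback-admin.example.com" -keystore "$1"
}

# Read `keytool -list -v` output on stdin and print "<alias>: <algorithm>"
# for every certificate signed with SHA-1. Exit status is 1 if any is found.
# Only the "Signature algorithm name" line is inspected, so the SHA1
# fingerprint that keytool prints for every certificate is not flagged.
sha1_signed_aliases() {
    awk '
        /^Alias name:/ { sub(/^Alias name:[ \t]*/, ""); alias = $0 }
        /^Signature algorithm name:/ {
            sub(/^Signature algorithm name:[ \t]*/, "")
            if (toupper($0) ~ /^SHA-?1WITH/) { print alias ": " $0; bad = 1 }
        }
        END { exit bad + 0 }
    '
}

# Constructed sample listing (not real keystore contents).
SAMPLE_LISTING='Alias name: saml-old
Entry type: PrivateKeyEntry
Certificate fingerprints:
     SHA1: AA:BB:CC (constructed)
     SHA256: 11:22:33 (constructed)
Signature algorithm name: SHA1withRSA

Alias name: saml-new
Entry type: PrivateKeyEntry
Certificate fingerprints:
     SHA1: DD:EE:FF (constructed)
Signature algorithm name: SHA256withRSA'

# Against a real keystore:
#   keytool -list -v -keystore /path/to/samlKeystore.jks | sha1_signed_aliases
```

The alias passed to `create_saml_keystore` and the passwords entered at the prompts are the values the related alias and password settings listed below refer to.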
- SAML authentication
- Enable SAML authentication (Admin interface).
- Specify the SAML identity provider's metadata URL (file:// or http://) (Admin interface).
- Specify the URL to log users out of the IdP (Admin interface).
- Specify the prefix for the SAML entity ID (Admin interface).
- Specify the password for SAML keystore (Admin interface).
- Specify the alias of private key to use in SAML keystore (Admin interface).
- Specify the password for private key in SAML keystore (Admin interface).
- Specify the location of the Groovy class which maps SAML users to their permissions.