Create a Web logon procedure

  1. Log in to the DualShield Administration Console
  2. In the main menu, select “Authentication > Logon Procedures”
  3. Click the “+ CREATE” button on the toolbar, on the right
  4. Enter a recognisable “Name” and select “Web SSO” as the Type



  5. Click “SAVE”
  6. Click the Context Menu icon of the newly created Logon Procedure, select “Logon Steps”
  7. In the popup window, click the “+ ADD” button on the toolbar
  8. Add the necessary Authentication methods here

Create a Web application

  1. In the main menu, select “Authentication > Applications”
  2. Click the “+ CREATE” button on the toolbar
  3. Enter a recognisable “Name”
  4. Select your internal “Realm”
  5. Add the newly created Logon Procedure (from the previous step)



  6. Click "Save" 
  7. Click the context "..." menu of the newly created Application, then select "Agent" 
  8. Select the "Single Sign-on Server (SSO Server)"



  9. Click "Save"
  10. Click the context "..." menu of the newly created Application, then select "Self Test" 

Download the DualShield IdP Metadata

  1. In the main menu, navigate to "SSO > SSO Servers"
  2. Click the context "..." menu of "Single Sign-on Server (SSO Server)", then select "Download Idp MetaData".
    Note the name and location of the XML file saved locally.


Before creating a Service Provider for Splunk within DualShield, complete the "Splunk SAML Configuration" and download the Splunk Service Provider (SP) Metadata.


Create a Service Provider 

  1. In the main menu, navigate to "SSO | Service Providers"
  2. Click the "+ CREATE" button in the toolbar
  3. Select the SSO Server drop-down and select "Single Sign-on Server"
  4. At the 'Application' drop-down, select the Splunk Application previously created.
  5. Enter a suitable "Name"
  6. Set 'Type' as "SAML 2.0"

  7. Select the "CREATE METADATA" button.
  8. In the window that appears, paste the content of the Service Provider Metadata (contained in SPMetadata.xml) into the large "Metadata" textbox

  9. Click the "Attributes" tab to create a new custom attribute that will be mapped to a fixed value matching the name of the Splunk group, for instance: "admin"
  10. Click the "+ CREATE" button
  11. At the 'Location' drop-down, select "HTTP Body"
  12. Enter the 'Name', for example "role"
  13. Beneath the 'Value' section, select "Fixed Value". Then set the Value in the textbox as "admin"

  14. Click "SAVE" to create the custom attribute.

  15. Click back to the 'General Settings' tab, of the Service Provider.
  16. At the 'NameID Format' field, select "User Principle Name" from the drop-down list.


  17. Finally, select "SAVE" to complete the Service Provider creation process.