...
5. In the Type field, select SAML 2.0
6. Click on Create Metadata
7. In the Metadata box, enter the metadata of the service provider to be created. (*see template below)
- Use the template below to create the metadata. Change the value of the "entityID" and "Location" attributes (highlighted in red) to the FQDN of your Citrix Gateway Virtual Server.
<?xml version="1.0" encoding="UTF-8" ?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://citrix.gateway.com">
  <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</NameIDFormat>
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://citrix.gateway.com/cgi/samlauth" index="0" isDefault="true">
    </AssertionConsumerService>
  </SPSSODescriptor>
</EntityDescriptor>
Click Save.
8. Enable Sign on SAML Assertion under SAML Option
9. Click on Attributes tab at the top
10. Click Create
11. On the Attributes builder, specify Location as HTTP Body and enter a name for this attribute. In this case I have used the name loginName.
12. Click on the search symbol to the right of the Maps To field.
13. Select the identity source that will be used and select Login Name from the Maps To drop-down list.
14. Click Save
15. Click Save again
16. Repeat steps 10 & 11 but this time name the attribute passwd
17. Copy this syntax clearPassword.encodeAsBase64() and paste it into the Maps To field
18. Click Save
...
19. Click Save again.
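A pre-flight check for the metadata edited in step 7, as an added example that is not part of the original page: it parses the SP metadata and reports an entityID or AssertionConsumerService Location that is not an HTTPS URL on the gateway FQDN, a missing WantAssertionsSigned, or a non-POST binding. The FQDN gateway.example.test and the function names are assumptions, and the sample metadata is constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
ACS_PATH = "/cgi/samlauth"  # path used in the page's template

def _url_problems(label, url, fqdn):
    # Step 17 maps passwd to clearPassword.encodeAsBase64(); Base64 is
    # reversible, so the assertion must only travel over HTTPS.
    parts = urlsplit(url or "")
    found = []
    if parts.scheme != "https":
        found.append(f"{label} is not an https URL: {url!r}")
    if (parts.hostname or "").lower() != fqdn.lower():
        found.append(f"{label} host is {parts.hostname!r}, expected {fqdn!r}")
    return found

def check_sp_metadata(xml_text, gateway_fqdn):
    """Return a list of problems; an empty list means the metadata passed."""
    root = ET.fromstring(xml_text.strip().encode("utf-8"))
    if root.tag != MD + "EntityDescriptor":
        return [f"root element is {root.tag!r}, not EntityDescriptor"]
    problems = _url_problems("entityID", root.get("entityID"), gateway_fqdn)
    sp = root.find(MD + "SPSSODescriptor")
    if sp is None:
        return problems + ["no SPSSODescriptor element"]
    if sp.get("WantAssertionsSigned") not in ("true", "1"):
        problems.append("WantAssertionsSigned is not true")
    acs_list = sp.findall(MD + "AssertionConsumerService")
    if not acs_list:
        problems.append("no AssertionConsumerService element")
    for acs in acs_list:
        loc = acs.get("Location")
        problems += _url_problems("ACS Location", loc, gateway_fqdn)
        if acs.get("Binding") != HTTP_POST:
            problems.append(f"ACS binding is {acs.get('Binding')!r}, expected HTTP-POST")
        if urlsplit(loc or "").path != ACS_PATH:
            problems.append(f"ACS path is not {ACS_PATH}: {loc!r}")
    return problems

# Constructed sample: entityID was edited, Location still has the template host.
SAMPLE = """<?xml version="1.0" encoding="UTF-8" ?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://gateway.example.test">
<SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://citrix.gateway.com/cgi/samlauth" index="0" isDefault="true"/>
</SPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    print(check_sp_metadata(SAMPLE, "gateway.example.test"))
```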
...








