View Source

In the DualShield authentication server we need to create an application which will be used for the two-factor authentication in Tivoli WebSeal. An application in DualShield needs a logon procedure which defines how users will be authenticated when they attempt to logon to the application.

Logon Procedure

Firstly, create a Web SSO logon procedure:

DualShield MFA Platform > DualShield Configuration [WSL] > image2014-5-8 11:4:13.png

Then, modify its logon steps and add two logon steps:

DualShield MFA Platform > DualShield Configuration [WSL] > image2023-10-30_12-11-27.png

Create Application

The next step is to create an application in DualShield for the Web application in your WebSeal, and publish the application on the DualShield SSO server.

DualShield MFA Platform > DualShield Configuration [WSL] > image2014-5-8 11:11:59.png

Use the Self-Test function to verify that the application is ready.

Service Provider

We also need to create SSO Service Provider for your WebSeal.

DualShield MFA Platform > DualShield Configuration [WSL] > image2014-5-8 11:22:15.png

The “Type” of the Service Provider must be set to “Generic”.

You need to enter a text string in the “EntityID” field that is use to uniquely identify the Service Provider. The EntityID should only contains alphanumeric letters.

Now, click the “Edit” button next to the “Attributes” label.

DualShield MFA Platform > DualShield Configuration [WSL] > image2014-5-8 11:24:24.png

You must add the attribute named “am-eai-user-id” and maps its value to the user’s “loginName” identity attribute, as shown above.

You can add other attributes as desired.