6-37

User Guide for Cisco Digital Media Manager 5.2.x
OL-15762-03
Chapter 6 Authentication and Federated Identity
Reference

Elements to Define, Validate, and Add LDAP Filters, page 6-33

Elements to Use LDAP Bookmarks for Synchronization, page 6-34

Sample SP Configuration File from DMM
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!--
! DMS SAML2 Service Provider Metadata
!
! Actual Service Provider configuration for the IDP will be instantiated
! from this template and be deposited onto the IDP.
! (Auto-generated on/at: Wed May 11 16:58:14 PDT 2011)
!
! Copyright (c) 2011 Cisco Systems, Inc.
!-->
<EntityDescriptor entityID="http://DMMSP.example.com:8080/opensso"
xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
<SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true"
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
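<!-- Key material the SP publishes to the IdP. No "use" attribute is set, so
     under SAML 2.0 metadata rules this one key is advertised for both signing
     and encryption. -->
<KeyDescriptor>
<ds:KeyInfo>
<!-- NOTE(review): "tomcat" looks like a default keystore alias; confirm the
     deployed SP uses its own key pair rather than a shipped default. -->
<ds:KeyName>tomcat</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>/C=US/ST=CA/L=SJ/O=CISCO/OU=CISCO/CN=DMMSP.example.com</ds:X509SubjectName>
<!-- The issuer name equals the subject CN, which suggests a self-signed
     certificate; if so, the IdP's trust in this key rests on how the metadata
     file itself is delivered. -->
<ds:X509IssuerSerial>
<ds:X509IssuerName>DMMSP.example.com</ds:X509IssuerName>
<ds:X509SerialNumber>1304558251</ds:X509SerialNumber>
</ds:X509IssuerSerial>
<!-- Certificate text is reproduced exactly as printed in the guide, embedded
     spaces and line breaks included. -->
<ds:X509Certificate>Mk6g1VAwAIGUk0QTNwaEzqUECAczVzAMCSDsUIgAQELICqwFQhOABhGJiQwgBBYCkAHAIB
9DGMQE COBEcGAAT0Qg4wBBMMVTzVzC1DEQAM8KlAQVKNDwDMBGF0TxWJACA0YNENgQxCSADEVNlQUwQxDV
BDbAQ0M8pvGTNUFyMtzwTYxTAMVTMMAxx3EMLEcTDDFMvzNEmwcTMNco2LmhgTVw2MTaMAmvx1ALMOQADBkjVwACMB
GNTh0F1BQVJJQAAUM1BSDQwTHAsxAVgMlNMjTCVEQEEgzCwEUCAAQxh8Y0GkMMBZZgTwSVNX0EUBglbgRvgwJrADA5
QYF32B9PNQEBVJANQIBb5K8YwNUQNYo0aQDjDJyMbhjswjcDgAM0IYJIoAGAGBr/qw1adeTiX6wNGwl+Pn2rhopPL7
cCzUI2aNCNyK+D99sLujKL/kjyCBZ9lqKPeCArxWfKycC3/QqgO/SNz33b8JSh6iG35kVwA3OMZplEtLX4CfBkdsXY
TVaKIRPRLMSOH9u9vH6ELFgSzl8dH/tL1o3aJADhnG4gcFA8tGE8QIXZBdBQdNwlDYj1AAAARYsKS6wV2vCZEgTNEI
MAQbvD A87sb03cvDpQUCJ5SQ0O/ 4xQA531HhBHSCDOFbUlq+ PeTKB4dkGsIst9BPaIr43bWO3zfkMbrU2A WNu+
dPcBZpO1raWmP2I8ZErlDYPJSEstzmaC30kkeXg4nfe10KCx1QH8BAQusegy38+ oh8NLYw3N dzQl5vs=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>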
<!-- Single logout endpoints, one per binding (HTTP-Redirect, HTTP-POST, SOAP).
     Every Location and ResponseLocation here is plain http on port 8080, so
     the sample shows no TLS protecting logout traffic.
     NOTE(review): confirm whether the deployed SP can publish https endpoints;
     message signing alone would not keep these exchanges confidential. -->
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://DMMSP.example.com:8080/opensso/SPSloRedirect/metaAlias/sp"
ResponseLocation="http://DMMSP.example.com:8080/opensso/SPSloRedirect/metaAlias/sp"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://DMMSP.example.com:8080/opensso/SPSloPOST/metaAlias/sp"
ResponseLocation="http://DMMSP.example.com:8080/opensso/SPSloPOST/metaAlias/sp"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://DMMSP.example.com:8080/opensso/SPSloSoap/metaAlias/sp"/>
<!-- Name identifier management endpoints for the HTTP-Redirect and HTTP-POST
     bindings. Both use plain http on port 8080, so the sample shows no TLS on
     requests that change or terminate a federated name identifier.
     NOTE(review): confirm whether the deployed SP can publish https endpoints. -->
<ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://DMMSP.example.com:8080/opensso/SPMniRedirect/metaAlias/sp"
ResponseLocation="http://DMMSP.example.com:8080/opensso/SPMniRedirect/metaAlias/sp"/>
<ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://DMMSP.example.com:8080/opensso/SPMniPOST/metaAlias/sp"
ResponseLocation="http://DMMSP.example.com:8080/opensso/SPMniPOST/metaAlias/sp"/>