Exhaustive List of conf.json SAML Configuration Parameters - Fluid Topics - 3.7

Fluid Topics Integration Guide

Operating system: RHEL
Category: Reference Guides
Audience: public
Version: 3.7

The following tables describe all parameters within the "configuration" object:

On the Service Provider side

| Parameter name | Cardinality | Description |
|---|---|---|
| name | Mandatory | Name given to the configuration. |
| keystoreFile | Mandatory | Path to the keystore.jks file generated in the previous step ("-keystore" parameter). The keystore.jks file stores the SP public and private keys. By default, the parameter expects the following value: saml/keystore.jks |
| keystorePassword | Mandatory | Password used to generate the keystore.jks file in the previous step ("-storepass" parameter). |
| privateKeyPassword | Mandatory | Password entered for the SP private key when generating the keystore.jks file in the previous step ("-keypass" parameter). |
| entityId | Mandatory | ID of the current Fluid Topics tenant. By default, the parameter expects the following value: http://$HOSTNAME/$TENANT_ID/ |
| signatureAlgorithms | Optional | Allows the use of several signature algorithms. The parameter expects one (or more) of the values given below this table (can be stacked). |

Values for signatureAlgorithms: "http://www.w3.org/2000/09/xmldsig#rsa-sha1|http://www.w3.org/2001/04/xmldsig-more#rsa-sha512|http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"

On the Identity Provider side

| Parameter name | Cardinality | Description |
|---|---|---|
| idpMetadataFile | Mandatory | Path to the metadata.xml file that has been generated on the IdP side. By default, the parameter expects the following value: saml/idp_metadata.xml |
| idPropertyKey | Mandatory (except for ADFS, where it is not used) | Name of the parameter within the SAML response where the user ID can be retrieved. This information is required to identify the user after each connection. |
| idReaderFunction | Optional | Function written in Java to retrieve the user ID information from the SAML response. See SAML Profile Retrieval. This parameter replaces the idPropertyKey parameter. |
| mailPropertyKey | Mandatory | Name of the parameter within the SAML response where the user email can be retrieved. This information is required for the user to receive email notifications (for alerts, feedback, and so on). |
| mailReaderFunction | Optional | Function written in Java to retrieve the user email information from the SAML response. See SAML Profile Retrieval. This parameter replaces the mailPropertyKey parameter. |
| namePropertyKey | Mandatory | Name of the parameter within the SAML response where the user name can be retrieved. This parameter is required to greet the connected user. |
| nameReaderFunction | Optional | Function written in Java to retrieve the user name information from the SAML response. See SAML Profile Retrieval. This parameter replaces the namePropertyKey parameter. |
| groupsPropertyKey | Optional | Name of the parameter within the SAML response where the user group can be retrieved. |
| groupsReaderFunction | Optional | Function written in Java to retrieve the user group information from the SAML response. See SAML Profile Retrieval. |
| rolesPropertyKey | Optional | Name of the parameter within the SAML response where the user role can be retrieved. |
| rolesReaderFunction | Optional | Function written in Java to retrieve the user role information from the SAML response. See SAML Profile Retrieval. |
| maxAuthenticationLifetime | Mandatory (ADFS); Optional (not ADFS) | Numerical value that sets the authentication lifetime in seconds. It must be greater than the lifetime of Fluid Topics' own default login cookie (600 seconds). It must match the maxAuthenticationLifetime parameter configured on the IdP side. If using ADFS, this value must be 28800. |
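
The cardinality and value rules in the two tables above can be checked mechanically before a configuration is deployed. The following Python linter is an added example, not part of the Fluid Topics guide; it assumes the "configuration" object is already parsed into a dict, that stacked signatureAlgorithms values are joined with "|" as in the quoted string above, and it uses a hypothetical `adfs` flag of its own. The rsa-sha1 warning is also an addition: SHA-1 signatures are deprecated, while the page only lists that URI as an accepted value.

```python
# Added example: lint the "configuration" object of conf.json against the table rules.
# Assumptions: the object is already a dict, stacked signatureAlgorithms values are
# joined with "|", and `adfs` is this script's own switch (not a conf.json key).
ALWAYS_MANDATORY = ["name", "keystoreFile", "keystorePassword",
                    "privateKeyPassword", "entityId", "idpMetadataFile"]
# (property key, reader function that replaces it, still required with ADFS?)
KEY_OR_READER = [("idPropertyKey", "idReaderFunction", False),
                 ("mailPropertyKey", "mailReaderFunction", True),
                 ("namePropertyKey", "nameReaderFunction", True)]
SHA1_URI = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
COOKIE_LIFETIME = 600   # Fluid Topics default login cookie, in seconds
ADFS_LIFETIME = 28800   # value the table requires when using ADFS


def lint_saml_configuration(cfg, adfs=False):
    """Return a list of findings; an empty list means the object passes."""
    findings = []
    for key in ALWAYS_MANDATORY:
        if not cfg.get(key):
            findings.append(f"missing mandatory parameter: {key}")
    for key, reader, needed_with_adfs in KEY_OR_READER:
        if adfs and not needed_with_adfs:
            continue  # idPropertyKey is not used with ADFS
        if not cfg.get(key) and not cfg.get(reader):
            findings.append(f"missing {key} (or {reader})")
    lifetime = cfg.get("maxAuthenticationLifetime")
    if lifetime is None:
        if adfs:
            findings.append("maxAuthenticationLifetime is mandatory with ADFS")
    elif adfs and lifetime != ADFS_LIFETIME:
        findings.append(f"maxAuthenticationLifetime must be {ADFS_LIFETIME} with ADFS")
    elif not adfs and lifetime <= COOKIE_LIFETIME:
        findings.append(f"maxAuthenticationLifetime must be greater than {COOKIE_LIFETIME}")
    if SHA1_URI in cfg.get("signatureAlgorithms", "").split("|"):
        findings.append("signatureAlgorithms allows rsa-sha1; prefer rsa-sha256 or rsa-sha512")
    return findings


# Constructed sample, not a real tenant configuration.
SAMPLE = {"name": "example-idp", "keystoreFile": "saml/keystore.jks",
          "keystorePassword": "<placeholder>", "privateKeyPassword": "<placeholder>",
          "entityId": "http://ft.example.com/tenant1/",
          "idpMetadataFile": "saml/idp_metadata.xml",
          "mailPropertyKey": "mail", "nameReaderFunction": "<placeholder>",
          "maxAuthenticationLifetime": 600,
          "signatureAlgorithms": SHA1_URI + "|http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"}

print("\n".join(lint_saml_configuration(SAMPLE)))
```

Run as a pre-deployment check; the constructed sample is reported for the missing user ID mapping, the lifetime equal to the cookie lifetime, and the rsa-sha1 entry.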