Step 3: Configure the SSO Common Properties File
FlexNet Code Insight 6.14.1
This step configures the core.sso.properties file to enable SSO for FlexNet Code Insight.
To configure the SSO common properties file:
| 1. | In a text editor, open the fnciInstallPath/config/core/core.sso.properties file in the Code Insight Core Server installation. The following shows the file contents: |
## this file contains all sso placeholder values.
## this file contains all the sso configuration placeholder values.
#
#saml.keystore=file:///c:/<path>/<keystore.jks>
#saml.keystore.password=<keystore_password>
#saml.keystore.alias=<keystore_alias>
#saml.keystore.alias.password=<keystore_alias_password>
# only change the values that are different for your extended metadata
#saml.metadata.local=true
#saml.metadata.alias=defaultAlias
#saml.metadata.idpDiscoveryEnabled=false
#saml.metadata.idpDiscoveryURL=null
#saml.metadata.idpDiscoveryResponseURL=null
#saml.metadata.ecpEnabled=false
#saml.metadata.securityProfile=metaiop
#saml.metadata.sslSecurityProfile=pkix
#saml.metadata.sslHostnameVerification=default
#saml.metadata.signingKey=null
#saml.metadata.signingAlgorithm=null
#saml.metadata.signMetadata=false
#saml.metadata.encryptionKey=null
#saml.metadata.tlsKey=apollo
#saml.metadata.requireLogoutRequestSigned=false
#saml.metadata.requireLogoutResponseSigned=false
#saml.metadata.requireArtifactResolveSigned=false
#saml.metadata.supportUnsolicitedResponse=true
#saml.verifySignature=false
| 2. | Uncomment and update the following properties required for Service Provider security and identification. Ensure that these values for these properties match the corresponding values that you provided for the keyManager bean definition in SecurityContext.xml, as described in Step 1: Download and Configure the Spring Security SAML Extension: |
|
SSO Property |
Description |
|
saml.keystore |
Enter the path and name of the keystore that you created for SSO. (Ensure that the keystore resides in this location.) |
|
saml.keystore.password |
Enter the password for the keystore. |
|
saml.keystore.alias |
Enter the alias defined for the private key contained in the keystore. |
|
saml.keystore.alias.password |
Enter the password for the private key alias. |
|
saml.verifySignature |
Set to false. |
| 3. | Open the Extended.xml file you saved when you also generated the SPMetadata.xml file in Step 2: Generate the SP Metadata. |
| 4. | For each saml.metadata.property in the for extendedMetadata configuration section of the core.sso.properties file that differs from its corresponding value in the Extended.xml file, do the following: |
| a. | Uncomment the saml.metadata.property. |
| b. | Update its value to match the one in Extended.xml. |
For example, the Extended.xml file might contain the following property:
<property value="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" name="signingAlgorithm"/
If the corresponding value in the core.sso.properties file is different, replace its value with the one in Extended.xml:
saml.metadata.signingAlgorithm=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
| 5. | Save the core.sso.properties file. |