The following high-level steps describe how to deploy SAML for your Brightspot instance.
1. Obtain from the identity provider the following:
   - Metadata file that Brightspot uses to verify a SAML response originated from the identity provider.
   - Identity provider’s URL to which Brightspot sends SAML requests.
   - Identity provider’s entity ID.
2. Obtain from the Brightspot developer the following:
   - Java class used to verify the SAML response.
   - Path to the identity provider’s metadata file.
   - Name of the field in the SAML response that contains the editor’s email.
3. Obtain other SAML configuration values as required.
4. In the Tomcat file `context.xml`, and using the values obtained in steps 1–3, compose the SAML configuration elements as described in SAML configuration keys.
5. Ensure the SAML module `com.psddev.saml` is included in the final .war file.
6. Activate the SAML authenticator; for details, see Activating single sign on.
Configuring Brightspot for SAML
Sample SAML configuration