According to the following KB article SAML authentication is supported in EMM r12.x (SAML 2.0?), but I cannot find any document that describe how this is done (just a very light discription in the help section inside EEM).
I have looked at the configuration form inside EEM but I cannot not map it to the SAML Metadata (which seams to be the standard way to configure SAML consumer and producers), is there any documention that explains how to configure EEM with SAML?
By default CA EEM must be installed in a non-FIPS mode CA EEM Does ot support FIPS-only mode with SAML and SELinux operation systems.
Please review the SAML doc, click on the link bellow
seems to be an internal CA link.
I'm also interested in more documentation around supporting SAML directly in EEM vs. Siteminder.
Can you please share that doc?
Thank in advance
As with other authentication/configuration options in EEM, Support for SAML based authentication in EEM was left for embedding products to be formally supported/documented, as each product consumes EEM in slightly different way.
We obtained further clarification on this matter, and unfortunately, there such documentation is not available at this time for external consumption.
Hi and thanks for the reply,
Ok, guess there is no documentation that explains how to do the set up.
But is there anyone that could answer this questions:
Which SAML version is EEM supporting? 1.x or 2.0
Which SAML bindings is EEM supporting? (HTTP redirect, HTTP post, HTTP artifact)
If it is artifact is there any internal component that handle the soap call to the IdP and what address is this component listen on?
at the end and knowing the limitation of EEM, may you want to archive SSO with SAML, technic can be to setup a reverse proxy in front of SDM that can act as a SAML consumer and pass back REMOTE_USER to SDM.
We did something similar for another application in the past.
Hope that give you an idea.