sec.samlServer( saml-entity-id as String, saml-attribute-names as String[], saml-privilege-attribute-name as String?, [http-options as Node], [saml-destination as String], [saml-issuer as String], [saml-idp-certificate-authority as String], [saml-sp-certificate as String], [saml-sp-private-key as String] ) as element(sec.samlServer)
This function configures an SAML server for use by the sec:create-external-security function.
Parameters | |
---|---|
saml-entity-id | The SAML entity id. |
saml-attribute-names | The SAML attribute names used for attribute query. |
saml-privilege-attribute-name | The SAML privilege attribute name used for query. |
http-options |
The http options.
The default value is (). The options node must be in the
xdmp:http namespace. This parameter can also include
certain option elements (for example, repair ,
encoding , default-language ) in the
xdmp:document-load and
xdmp:document-get namespaces.
The http options include:
|
saml-destination | The URL for the Identity Provider to accept the authentication request. |
saml-issuer | The identity of the Service Provider (MarkLogic Server). |
saml-idp-certificate-authority | The certificate used to validate the signature in the authentication request. |
saml-sp-certificate | The certificate used to sign the authentication request. |
saml-sp-private-key | The private key used to sign the authentication request. |
(: execute this against the security database :) const sec = require('/MarkLogic/security'); sec.samlServer("http://id.example.com/example", (),(), <sec:http-options xmlns="xdmp:http"> <authentication method="digest"> <username>admin</username> <password>admin</password> </authentication> </sec:http-options>)
(: execute this against the security database :) const sec = require('/MarkLogic/security'); sec.samlServer("http://id.example.com/example", (),(), <sec:http-options xmlns="xdmp:http"> <authentication method="digest"> <username>admin</username> <password>admin</password> </authentication> </sec:http-options>, "https://kcd2012dc.engrlab.marklogic.com:9031/idp/SSO.saml2", "https://engrlab-130-112.engrlab.marklogic.com/sp", "https://kcd2012dc.engrlab.marklogic.com/idp", "-----BEGIN CERTIFICATE----- MIIC1DCCAj2gAwIBAgIBADANBgkqhkiG9w0BAQ0FADCBhjELMAkGA1UEBhMCdXMx CzAJBgNVBAgMAkNBMRwwGgYDVQQKDBNNYXJrTG9naWMgUGluZyBEZW1vMRIwEAYD VQQDDAlTYW1sIFRlc3QxFDASBgNVBAsMC0VuZ2luZWVyaW5nMSIwIAYJKoZIhvcN AQkBFhNhdHNvaUBtYXJrbG9naWMuY29tMB4XDTE4MDgwMTIzMTAyNVoXDTE5MDgw MTIzMTAyNVowgYYxCzAJBgNVBAYTAnVzMQswCQYDVQQIDAJDQTEcMBoGA1UECgwT TWFya0xvZ2ljIFBpbmcgRGVtbzESMBAGA1UEAwwJU2FtbCBUZXN0MRQwEgYDVQQL DAtFbmdpbmVlcmluZzEiMCAGCSqGSIb3DQEJARYTYXRzb2lAbWFya2xvZ2ljLmNv bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtWkpQV132m6hOteZ8EL98pMi gAFmzpgn1GCwaPkb9U1rAT75kKnxwP9rVeXJ4YRH+JrhntY3uTSz2Z1DhVJdNxXA cY+ML1qs+yPG2stcZOPTPCqr3cF15TRx0xUj6fZogf47PGpwZLSITgqw/L4AIXL7 YYKperEOe2zvORhV5zcCAwEAAaNQME4wHQYDVR0OBBYEFHHYan5cJn3rj/1bq8/v z36+0u8WMB8GA1UdIwQYMBaAFHHYan5cJn3rj/1bq8/vz36+0u8WMAwGA1UdEwQF MAMBAf8wDQYJKoZIhvcNAQENBQADgYEAgA90Lv5VzABGl7uok8Z6rAiFzVOURkai Nu7Ds0LBD/z6ZqfsiHwF9wrwO6CWCoRTNmYtPfgY5wf0FTdRFBni6pSkZTuovXgc 7giBZHX1yVglXPpUNF/LsxpKJM9DPUvka5CNxUG0SnN29anVuF8fptCxhG8N+JjI rIp0ZVJjbtE= -----END CERTIFICATE-----", "-----BEGIN PRIVATE KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFsXIdgFSuiImTXuCoAxke45SC Aqq+diaRgu1rrVMEcJDpRFe4cNAIoVTcVhiZjd5V7WYZ7e/VZPcrMmUmg87YoYIu rvxUdSnljTD495I8HOWueC8SZIVEM3oO31SCqlVwefFBf6wJNM0zN6FDRBk/satA Qz9etFi8d8YtxyPFgQIDAQAB -----END PRIVATE KEY-----" )