Set SAML authentication(on-premise version)¶
CELF supports authentication that complies with SAML (Security Assertion Markup Language) 2.0.
To use SAML authentication, you need to establish a trust relationship between the Identity Provider (IdP) and the Service Provider (SP).
The CELF service does not include IdP functionality, so please ensure that there is an available IdP in your environment.
Set SAML authentication¶
- Open 'System' tab in "Manage" screen.
- Click 'Set' button under 'SAML authentication'.
- Set the SAML authentication in 'SAML authentication settings' dialog.
[1] Enable SAML authentication
Enable login to CELF with SAML authentication.[2] Attribute name of SAML response corresponding to user ID
Input the attribute name from SAML response for being used as user ID.[3] Attribute name of SAML response corresponding to user display name
Input the attribute name from SAML response for being used as CELF user display name.Attention
- When you enable SAML authentication, both 'Attribute name of SAML response corresponding to user ID' and 'Attribute name of SAML response corresponding to user display name' are required.
- Input value of 'Name' property in 'Attribute' tag from the SAML response into the above corresponding text field. If the 'Name' property is in a URL format like 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/SAML_SUBJECT', please input only the last 'SAML_SUBJECT' part. If there are both the 'Name' property and 'NameFormat' property in 'Attribute' tag, please input the value of 'Name' property (such as 'SAML_SUBJECT') as it is.
- Click 'Register' button.
Related keywords¶
account, log on, sign in, session, authentication, certification
Important
- To use SAML authentication in CELF, required settings on server side must be finished in advance.
- In order to log in with SAML authentication from CELF client, you will need to check 'Enable SAML(SSO) login' during the installation of the CELF client.
