Deploying Oracle Identity Federation

Sample Configuration Files

PathCheck fn="check-acl" acl="es-internal"
</Object>
<Object name="send-compressed">
PathCheck fn="find-compressed"
</Object>
<Object name="compress-on-demand">
Output fn="insert-filter" filter="http-compression"
</Object>
# Execute these instructions for any resource with the assigned name
# "server.example.com"
<Object name="serverexample">
# Proxy the requested resource to the URL
# "http://server.example.com:8080"
Service fn="service-passthrough" servers="http://unit1.mycorp.co.in:1234"
</Object>

Sample magnus.conf File

# The NetsiteRoot, ServerName, and ServerID directives are DEPRECATED.
# They will not be supported in future releases of the Web Server.
NetsiteRoot /home/pfx/SunOne6.1
ServerName calgary
ServerID https-oif_idp_flagstaff
RqThrottle 128
DNS off
Security off
PidLog /home/pfx/SunOne6.1/https-oif_idp_flagstaff/logs/pid
User pfx
StackSize 131072
TempDir /tmp/https-oif_idp_flagstaff-65cd125c
Init fn="flex-init" access="$accesslog" format.access="%Ses->client.ip% - %Req->vars.auth-user% [%SYSDATE%] \"%Req->reqpb.clf-request%\" %Req->srvhdrs.clf-status% %Req->srvhdrs.content-length%"
Init fn="load-modules" shlib="/home/pfx/SunOne6.1/bin/https/lib/libj2eeplugin.so" shlib_flags="(global|now)"
Init fn="load-modules" shlib="/home/pfx/SunOne6.1/bin/https/passthrough/plugins/passthrough/libpassthrough.so"

3.2.7 Using the Test SP Engine

Oracle Identity Federation provides a test SP engine for the purpose of Single Sign-On testing. The following sections describe how to use the test SP engine:

■ Configure the Test SP Engine
■ Use the Test SP Engine for SP-Initiated SSO
■ Use the Test SP Engine with IdP-Initiated SSO
■ Test SP Engine Results

Oracle Fusion Middleware Administrator's Guide for Oracle Identity Federation

3.2.7.1 Configure the Test SP Engine

Take these steps to enable/disable the test SP engine:

1. Log in to Fusion Middleware Control and navigate to the Oracle Identity Federation instance.

2. Navigate to Administration, then Service Provider Integration Modules.

3. In the Test SP tab, select/unselect Enable Engine.

To make the test SP engine the default SP engine, follow these steps:

1. Log in to Fusion Middleware Control and navigate to the Oracle Identity Federation instance.

2. Navigate to Administration, then Service Provider Integration Modules.

3. Select Default SP Integration Module to be Test SP.

Note: The test SP engine must be enabled.

3.2.7.2 Use the Test SP Engine for SP-Initiated SSO

To use the test engine, you can initiate a single sign-on flow at the following URL:

HTTP://OIF-SP-HOST:OIF-SP-PORT/fed/user/testspsso

where:

■ HTTP is http for an open connection and https for a secure connection
■ OIF-SP-HOST is the hostname of the Oracle Identity Federation service provider server
■ OIF-SP-PORT is the http or https port number of the Oracle Identity Federation service provider server. Omit the entry for http port 80 or https port 443.

When you click the Start SSO button, a request is sent to the Oracle Identity Federation service provider to start Single Sign-On; that is, an authentication request is sent to the identity provider with the information provided on the page. You can specify the following parameters:

■ IdP Provider ID: This is the Provider ID or description of the identity provider to which the service provider will send the authentication request.
■ Authn Request Binding: This specifies the binding the service provider will use to send the authentication request. Applies only to SAML 2.0 protocol.
■ Force Authentication: If checked, the identity provider is forced to authenticate the user, instead of possibly relying on a previous authentication context. Applies only to SAML 2.0/WS-Fed protocols.
■ Is Passive: If checked, the identity provider must not interact with the user. Applies only to SAML 2.0 protocol.
■ Relay State: In this field, you can enter any string. This is either an identifier for the request or a return URL and is returned as a relay state after the Oracle Sign-On flow has been performed.

Note: The test SP engine must be disabled in a production environment.

See Also: Section 5.15, Configuring Authentication Engines
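The following is an added example, not taken from the Oracle guide and not Oracle Identity Federation code. It shows what the Force Authentication, Is Passive and Relay State fields correspond to in a generic SAML 2.0 AuthnRequest sent over the HTTP-Redirect binding, and how to decode such a request when inspecting a test flow. The issuer and IdP URLs are constructed placeholders, the function names are hypothetical, and the request is unsigned.

```python
import base64, uuid, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlparse

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
ET.register_namespace("samlp", SAMLP)
ET.register_namespace("saml", SAML)

def build_authn_request(sp_issuer, idp_sso_url, force_authn=False, is_passive=False):
    """Unsigned AuthnRequest; the two flags are the form's checkboxes."""
    req = ET.Element(f"{{{SAMLP}}}AuthnRequest", {
        "ID": "_" + uuid.uuid4().hex,  # xs:ID must not start with a digit
        "Version": "2.0",
        "IssueInstant": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
        "Destination": idp_sso_url,
        "ForceAuthn": "true" if force_authn else "false",
        "IsPassive": "true" if is_passive else "false",
    })
    ET.SubElement(req, f"{{{SAML}}}Issuer").text = sp_issuer
    return ET.tostring(req, encoding="unicode")

def redirect_url(idp_sso_url, authn_request_xml, relay_state=None):
    """HTTP-Redirect binding: raw DEFLATE, base64, then URL-encode."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)  # -15: no zlib header
    deflated = comp.compress(authn_request_xml.encode()) + comp.flush()
    params = {"SAMLRequest": base64.b64encode(deflated).decode()}
    if relay_state is not None:
        # SAML 2.0 bindings cap RelayState at 80 bytes; a long return URL
        # does not fit and should be replaced by a short server-side handle.
        if len(relay_state.encode()) > 80:
            raise ValueError("RelayState exceeds 80 bytes")
        params["RelayState"] = relay_state
    sep = "&" if "?" in idp_sso_url else "?"
    return idp_sso_url + sep + urlencode(params)

def decode_redirect(url):
    """Inverse of redirect_url, for inspecting a captured test request."""
    qs = parse_qs(urlparse(url).query)
    xml = zlib.decompress(base64.b64decode(qs["SAMLRequest"][0]), -15).decode()
    return ET.fromstring(xml), qs.get("RelayState", [None])[0]

if __name__ == "__main__":
    IDP = "https://idp.example.com/sso"  # constructed placeholder
    xml = build_authn_request("https://sp.example.com/sp", IDP, force_authn=True)
    root, relay = decode_redirect(redirect_url(IDP, xml, "req-42"))
    print(root.attrib, relay)
```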