BG09:Exostar ForumPass
From OSIS Open Source Identity Systems
Exostar ForumPass
| list help copy as XML edit |
BG09 Participant - BG09 Solution - BG09 Test
| Solution | Exostar ForumPass |
| Identifier | ExFP |
| Description | SharePoint collaboration site
Federation Service URI: urn:federation:TWS Federation Server Endpoint URL: https://fp4.fsp.exostartest.com/adfs/ls/ ForumPass Application URL (for end users): https://fp4.mysite.exostartest.com/ |
| Product Page | http:// |
| Project or solution logo (if different than Participant logo) | |
| Latest Version | |
| Latest Release Date | |
| Installation/Operation Instructions | ForumPass UAT Incoming Claim Configurations
The table below summarizes the claim mappings on the ForumPass side and claim combinations for access into different security profiles. A 3-rd party IDP will need to provide a set of group claims and a set of custom claims that can be mapped to the following combinations of internal FP claims in order to obtain access in to all 3 FP profiles.
Claim 1 type: Identity Claim Required for: Core, Sensitive Restricted Claim 2:E-mail Claim 2 Type:{undefined} Required for: none Claim 3:Credential Strength Low Claim 3 Type: Group Required for: Core (implied for other assurance levels) Claim 4: Credential Strength Low Plus Claim 4 Type:Group Required for: Sensitive Claim 5: Credential Strength Medium Software Claim 5 Type: Group Required for: Restricted Claim 6: UK Restricted Claim 6 Type: Custom*, Value=On Required for: Restricted Claim 7: SSL Protocol Claim 7 Type: Custom*, Value=TLSv1 Required for: Restricted * Custom claims are also known as Attribute claims. ** The presence of a stronger claim is sufficient to gain access into a lower-grade profile even if the weaker claim is not supplied. Example: A 3-rd party IDP’s set of claims can be mapped into FP claims and profiles as follows: Incoming Claim Incoming Claim Type Map to Claim Profile Access Incoming Claim 1: User Principal Name Incoming Clain Type: Identity Claim Map to Claim: User Principal Name Incoming Claim 2: PwdBasedAuth Incoming Claim Type: Group Map to Claim: Credential Strength Low Profile Access: Core Incoming Claim 3: CertBasedAuth Incoming Claim Type: Group Map to Claim: Credential Strength Low Plus Profile Access: Core & Sensitive Incoming Claim 4: CertBasedAuth+ Incoming Claim Type: Group+ Map to Claim: Credential Strength Medium Software + Profile Access: Core & Senstive & Restricted Incoming Claim 5: UK Citizen:On* + Incoming Claim Type: Custom+ Map to Claim: UK Restricted:On* + Profile Access: Core & Sensitive & Restricted Incoming Claim 6: Tunnel: TLSv1* Incoming Claim Type: Custom Map to Claim: SSL Protocol:TLSv1* Profile Access: Core & Sensitive & Restricted Incoming Claim 7: CardBasedAuth Incoming Claim Type: Group Map to Claim: Credential Strength Medium Hardware Profile Access: Core & Sensitive & Restricted
|
| Operated by | Exostar |
| Interop Roles | WS-Federation Relying Party
|
| : http:// | |
| : http:// | |
| : http:// |
Click here for help populating this chart.
BG09 WS-Federation Relying Party Test List
| list help copy as XML edit |
| Tests for | Exostar ForumPass |
| JIT Provisioning | Not Tested |
| Single Sign-On | Not Tested |
