Introduction
The IdP Sample Application is used to demonstrate and test the features of PingFederate. It allows a user to initiate Single Sign
on to any of the configured SP connections and also to perform single logout.
Configuring IdpSample
The IdP Sample App config files are located in the folder IdpSample/config and are listed below,
pfagent-idp.properties
This file contains the agent properties which are generated from the Standard Adapter in PingFederate. Please refer to the PingFederate Manual for more information.
pingfederate-idp-config.xml
This file contains properties to configure the sample app. You can set the base URL for PingFederate and the sample app as well as define additional attributes.
- hostPF
Specify the base URL for PingFederate. (We recommend using SSL for
a production environment.
- hostAppIdp
Specify the URL for the sample IdP application
- attributeNamesList
In order to specify additional attributes add the attribute names to this
property. For e.g, to specify two additional attributes -- attribute1 and
attribute2 -- the following line would be modified to
attributeNamesList=password,attribute1,attribute2. The values of these
attributes are specified in the property file "pingfederate-idp-demo-users.xml"
- transferMethod
PFTOKEN can be sent as a cookie or cookie parameter. The "transferMethod"
can be set to either "cookie" or "cookie".
- idpDiscovery
Set this parameter to "true", in order to allow user to select the IdP adapter. This
is only applicable if there are multiple IdP Adapters configured in PingFederate.
pingfederate-idp-demo-users.xml
This file contains a list of users with their attributes. You can modify the existing values as well as add/delete users.
Using IdpSample
The IdP Sample App can be used to demonstrate the following scenarios
-
Local Login
Follow the following steps to login,
- Start the IdP Sample App by entering the following URL in your browser,
hostAppIdp/IdpSample
- Login to the app by selecting a user and entering the password. (The default password is "test").
-
Local Logout
Follow the following steps to logout,
- Access the main page of the IdP Sample App by entering the following URL in your browser,
hostAppIdp/IdpSample
- Click Local Logout.
-
IdP-initiated SSO (SP Connection)
Follow the following steps to perform IdP-initiated SSO,
- Perform Local Login as specified above.
- Click on the Sign on image within the SP Connection.
-
IdP-initiated SLO (Single Logout)
Follow the following steps to perform IdP-initiated SLO,
- Perform IdP-initiated SSO as specified above.
- Access the IdP Sample App by entering the following URL in your browser,
hostAppIdp/IdpSample
- From the main page, click "Single Logout".
-
User Attributes
By default the IdP Sample App is configured to use userId and authnContext. You can add additional attributes to this list as follows,
- Open pingfederate-idp-config.xml in a text editor.
- Edit attributeNamesList to add names of additional attributes.
- Perform Local Login as specified above.
- You should now see the additional attributes in the User Attributes table.
-
Multiple SP Connections
The IdP Sample App can be modified to read SP connections from a properties file, as follows,
- Copy IdpSample/template/pingfederate-idp-connections.xml.
to IdpSample/config/ folder.
- Edit the file pingfederate-idp-connections.xml to create one or more SP connections.
- Access the IdP Sample App by entering the following URL in your browser,
hostAppIdp/IdpSample
- After login, you should see a list of SP connections as configured in the properties file.