Access Keys:
Skip to content (Access Key - 0)

Dorian

Administrate Trusted Identity Provider

Dorian: Administrators Guide | Developers Guide | Users Guide | caGrid: Documentation Guides

Overview

The GAARDS UI enables Dorian administrators to view and modify trusted identity providers.  To view an individual identity provider trusted by Dorian, complete the following steps:

  1. Launch the GAARDS UI.
  2. Log onto the Grid.
  3. From the Account Management menu, select the Grid Account Management sub menu. Then select Trusted Identity Provider(s). This will launch the Trusted Identity Provider(s) window.
  4. From the Service drop-down menu, select the Dorian you wish to search.
  5. Click the Search button. This will list all the identity providers trusted by Dorian in the table below the Search button.
  6. Select the identity provider you wish to view and click the View button. This will launch the management window for that identity provider.

The management window for a given identity provider contains 4 tabs: (1) General , (2) Authentication Service, (3) Certificate, and (4) Audit.   Below provides details on the information contained in each tab and whether or not it can be updated.

General

The General tab maintains a list of general information about the identity provider. This information is described in the table below:

Attribute Description
IdP ID
The unique ID assigned to the identity provider by Dorian
Name
The name of the identity provider
Display Name*
The display name of the identity provider
Status* The status of the identity provider
User Policy* The account policy associated with the identity provider
Accepted Authentication Method(s)* The acceptable authentication methods for the identity provider

Identity Provider Search

Identity Provider

(* denotes that the attribute(s) can be updated by an administrator)

Authentication Service

The Authentication Service tab contains information related to the identity provider's Authentication Service. This information is described in the table below:

Attribute Description
Authentication Service URL*
The service URL for the identity provider's Authentication Service
Authentication Service Identity*
The service identity for the identity provider's Authentication Service
Publish*
Determines if GAARDS UI or WebSSO will display the service

(* denotes that the attribute can be updated by an administrator!!!)

Certificate

The Certificate tab provides details on the X.509 certificate that corresponds to the private key used by the identity provider to sign the SAML Assertions it issues. The identity provider's certificate can be updated by Dorian administrators. To update the certificate import the new certificate into the UI using the Import Certificate button. Then follow the identity provider update procedures listed below.

Audit

For security purposes, Dorian maintains auditing information on each identity provider. Auditing information cannot be updated, however it can be searched by following the identity provider auditing procedures listed below.

Updating a Trusted Identity Provider

To update an individual identity provider trusted by Dorian, complete the following steps:

  1. Launch the GAARDS UI.
  2. Log onto the Grid.
  3. From the Account Management menu, select the Grid Account Management sub menu. Then select Trusted Identity Provider(s). This will launch the Trusted Identity Provider(s) window.
  4. From the Service drop-down menu, select the Dorian you wish to search.
  5. Click the Search button. This will list all the identity providers trusted by Dorian in the table below the Search button.
  6. Select the identity provider you wish to update and click the View button. This will launch the management window for that identity provider.
  7. Make changes to the information you wish to update.
  8. Click the Update button. Any changes will be immediately applied to Dorian.

Auditing

For security purposes, Dorian maintains auditing information on each identity provider. The following is a list of auditing information that is maintained:

Audit Information
Description
IdPAdded
Documents when an identity provider was registered to Dorian as a trusted identity provider.
IdPUpdated
Documents when an identity provider was updated.
IdPRemoved
Documents when an identity provider was removed from Dorian as a trusted identity provider.
The GAARDS UI allows Dorian administrators to search the auditing information for a given identity provider based the following search criteria:

Criteria Description
Reporting Party The identity of the party that performed or reported the action.
Audit Type
The type of auditing information, please consult the table above for different types.
Start Date
The start of a date/time range of when the even occurred.
End Date
The end of a date/time range of when the even occurred.
Message
Search the content of the Audit Message.

Using the GAARDS UI, administrators can search the auditing information by completing the following steps:

  1. Launch the Administrative UI (GAARDS UI).
  2. Log onto the Grid.
  3. From the Account Management menu, select the Grid Account Management sub menu. Then select Trusted Identity Provider(s). This will launch the Trusted Identity Provider(s) window.
  4. From the Service drop-down menu, select the Dorian you wish to search.
  5. Click the Search button. This will list all the identity providers trusted by Dorian in the table below the Search button.
  6. Select the identity provider you wish to update and click the View button. This will launch the management window for that identity provider.
  7. Select the Audit tab.
  8. Enter the desired search criteria.
  9. Click the Search button.

When the search is complete, the audit records meeting the search criteria will display in the table below the Search button.  To view the complete details of a specific audit record, select that record in the table and click the View button.  This will launch a window containing the complete details of the audit record you selected.

Auditing

Audit Record
Last edited by
Clayton Clark (668 days ago) , ...
Adaptavist Theme Builder Powered by Atlassian Confluence