We're trying to establish SAML 2.0 Authentication in our env. with a revers-proxy before the application. So user is accessing revers-proxy to reach application. Now we want also establish SAML 2.0, and somehow we're doing it wrong.
Does anyone have experiences with this constellation?
And on top of that, we're using multi-tenant setup.
and we followed these instructions:
https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/FNMS-SAML-Setup-WebUI-configuration-guide-to-enable-SSO-SAML-in/ta-p/157804
regards,
Matthias
Jul 01, 2021 04:40 AM
Jul 01, 2021 08:20 AM
Yes, i have recently integrated FNMS with ADFS for SAML authentication.
Please find the attached document which i got from the following community article.
Note : Make sure all the URLs mentioned in the SAML guide you mentioned is correct , as the URLs are case sensitive and failing to follow that may case error.
Regards,
Junaid Vengadan
Jul 01, 2021 03:08 PM
Hello junaid_vengadan,
thanks a lot for feedback.
Unfortunately, it seems like the document is for Cloud-based System but not for on-premise.
Jul 02, 2021 01:43 AM
Yeah the document is for the cloud version .
You need to modify the web.conf along with importing the metadata and certificate ( for offline mode) , you can follow the same steps mentioned in the below article to configure the web.conf
Regards,
Junaid Vengadan
Jul 02, 2021 10:44 AM
Hi @mschwach,
@emtmeta is right. Although the document is for the cloud version, the steps are the same.
Please check the URLs as they are case sensitive—for example, the endpoint URL.
'https://hellotest.com/Testing/Checking/SUCCEED to 'https://hellotest.com/Testing/Checking/Succeed'
I hope this help.
Regards,
Albert
Jul 05, 2021 04:04 AM
Hi @ll,
many thanks for your contributions.
I've tried all variants of your suggested steps. But, without a success.
I also noticed something when reviewing document: "ADFS FNMS SAML 2.0 configuration.docx"
at point 5 - I am unable to do something in the WebUI, because it doesn't give me the option to do so. This might be different on a cloud based solution but it doesn't fit in an on-premise + multi-tenant env.
So I investigated a little further, and now I'm facing another issue, which said that in the URL the TENANT wasn't given.
(Please see screenshot)
Jul 05, 2021 10:04 AM
If you are referring to step number 5 that is "Enter the ADFS metadata URL" , you need to add this in web.conf file for FNMS On-Premise version .
if you need more details about configuring the web.conf , please refer the below URL
https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/FNMS-SAML-Setup-WebUI-configuration-guide-to-enable-SSO-SAML-in/ta-p/157804
To make it easy, you need to configure the below in Web.conf ( don't forgot to take backup of original web.conf before you do the changes)
Once you completed the web.conf , you also need to change IIS Auth type for Suite .
I recommend you to use the below documentation along with the DFS conf guide that you have , that speak about everting that you need.
If you still have the issues after configurations, share the webui logs here or with support.
Regards,
Junaid Vengadan
Jul 05, 2021 10:18 AM