ImportIdP

The ImportIdP command registers an identity provider using SAML Single sign-on with the GAS/JGAS.

For usage examples, go to Usage and Configure GAS for SAML SSO.

The ImportIdP.4gl source code is provided in $FGLDIR/web_utilities/services/saml/src, and the compiled version is in the bin directory.

Set the environment

Before executing the command, set the environment using the envsaml.sh script, found in $FGLDIR/web_utilities/services/saml. On Microsoft® Windows, the script is named envsaml.bat.

Syntax 1 : import SAML metadata

Import the IdP specified by the URL or metadata file and register it in the database for SAML.

fglrun ImportIdP { -i | --import } { idp-metadata-url | file }
  1. idp-metadata-url is the URL of a SAML identity provider.
  2. file is the metadata file of a SAML identity provider.
For example:
fglrun ImportIdP --import https://myhost:3454/saml/jsp/myIdPMetadata.jsp

Syntax 2 : list registered SAML IdPs

List all registered IdPs in the database.

fglrun ImportIdP { -l | --list }

For example, see usage in Select the SAML server (Identity Provider).

Syntax 3 : list supported NameID formats

List the formats of NameIDs supported by the specified IdP.

fglrun ImportIdP { -N | --NameIDFormat } { idp-metadata-url | file }
For example:
fglrun ImportIdP --NameIdFormat https://myhost:3454/saml/jsp/myIdPMetadata.jsp

Syntax 4 : remove a registered SAML IdP

Remove the registered entry for the IdP specified by the URL or metadata file from the database.

fglrun ImportIdP { -r | --remove } { idp-metadata-url | file }
  1. idp-metadata-url is the URL of a SAML identity provider.
  2. file is the metadata file of a SAML identity provider.
For example:
fglrun ImportIdP --remove https://myhost:3454/saml/jsp/myIdPMetadata.jsp

Usage

With the Genero ImportIdP command, you can:
  • Register a SAML identity provider (IdP) in the GAS/JGAS for SAML Single sign-on.
  • List all registered IdPs.
  • Remove the IdP identified by its URI.

Import option usage example

To register a SAML IdP, you must execute the ImportIdP command with the --import option and the IdP's metadata file or URL. The command must be run from the $FGLDIR/web_utilities/services/saml/bin directory:
cd $FGLDIR/web_utilities/services/saml/bin
fglrun ImportIdP --import http[s]://host:port/saml/jsp/myIdPMetadata.jsp

The IdP metadata file or URL is a mandatory parameter. Using a URL may require a proxy configuration in the fglprofile file.