Altair® Panopticon

 

SAML

Panopticon Streams supports Security Assertion Markup Language (SAML2). Upon a login request, Panopticon Streams redirects the user to an identity provider (IdP). The IdP authenticates the user and redirects the user back to Panopticon Streams. The response message is then checked and validated. The username and roles are extracted from the response message and used within Panopticon Streams.

Panopticon Streams will redirect the user back to the IdP upon a logout request. The IdP logout service should then invalidate the SAML token.

 

| Property | Description |
| --- | --- |
| authentication.saml.assertion.roles | User attribute for roles configured in the IdP. |
| authentication.saml.assertion.username | User attribute for username configured in the IdP. |
| authentication.saml.assertionconsumerservice.url | The URL to the Panopticon assertion consumer service. URL: [Protocol]://[Host]:[Port]/[Context]/server/rest/auth/login |
| authentication.saml.certificate.name | The name of the certificate used to validate signature and/or sign outgoing SAML messages. |
| authentication.saml.certificate.password | The password of the certificate used to validate signature and/or sign outgoing SAML messages. |
| authentication.saml.identityprovider.logout.url | The URL to the IdP logout service. |
| authentication.saml.identityprovider.url | The URL to the IdP login service. |
| authentication.saml.keystore.file | The location of the Keystore file that contains the certificate. |
| authentication.saml.keystore.password | The password to the Keystore file. |
| authentication.saml.serviceprovider.id | The ID of the service provider configured in the IdP. |
| authentication.saml.identityprovider.certificate.file | The file path to a certificate file that contains the IdP’s public key. |
| authentication.saml.identityprovider.signature.validation.required | Specifies whether to require a valid IdP signature to be present on the SAML response. Default value is false. |
| authentication.saml.provider | The IdP provider. Possible values are OPENSAML, OPENAM. Default value is OPENSAML. |
| authentication.saml.keystore.type | The key store type. Possible values are JKS, JCEKS, PKCS12. Default value is JKS. |
| authentication.saml.openam.meta.alias | The meta alias for the IdP if you are using OpenAM. |
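
A configuration check for the properties listed above, as an added example that is not part of the Panopticon documentation or product. It flags a configuration that leaves IdP signature validation at its documented default of false, and SAML URLs that are not https. The sample values (hosts, port, context, file path) are constructed placeholders, and the rule that the IdP certificate may come from either the certificate file or the keystore entry is an assumption.

```python
from urllib.parse import urlparse

P = "authentication.saml."
SIG = P + "identityprovider.signature.validation.required"
URL_KEYS = [P + k for k in ("assertionconsumerservice.url",
                            "identityprovider.url",
                            "identityprovider.logout.url")]

def parse_properties(text):
    """Parse key=value lines (the '=' form only); '#' and '!' start comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!" and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def audit_saml(props):
    """Return (property, finding) pairs for weak SAML settings."""
    findings = []
    # Documented default is false, so an absent key counts as false.
    if props.get(SIG, "false").lower() != "true":
        findings.append((SIG, "valid IdP signature is not required"))
    else:
        # Assumption: the IdP certificate comes from the certificate file
        # or from the keystore entry named by certificate.name.
        from_file = props.get(P + "identityprovider.certificate.file")
        from_store = props.get(P + "keystore.file") and props.get(P + "certificate.name")
        if not (from_file or from_store):
            findings.append((SIG, "signature required but no certificate source set"))
    for key in URL_KEYS:
        url = props.get(key, "")
        if url and urlparse(url).scheme.lower() != "https":
            findings.append((key, "URL is not https"))
    return findings

# Constructed sample values; hosts, port, context and paths are placeholders.
WEAK = """
authentication.saml.assertionconsumerservice.url=http://streams.example.com:8080/streams/server/rest/auth/login
authentication.saml.identityprovider.url=https://idp.example.com/sso
"""
HARDENED = WEAK.replace("http://", "https://") + """
authentication.saml.identityprovider.signature.validation.required=true
authentication.saml.identityprovider.certificate.file=/path/to/idp.crt
"""

if __name__ == "__main__":
    for name, text in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_saml(parse_properties(text)))
```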