Google Search Appliance Enabling Windows Integrated Authentication version 6.8 User Manual

Page 17

Advertising
background image

Google Search Appliance: Enabling Windows Integrated Authentication

17

Configuring the Search Appliance to Use the SAML Bridge

You must now configure the Google Search Appliance so that it uses the SAML Bridge for
authentication. You do this by configuring it to use the authentication SPI. You need the following values
to configure the search appliance:

IDP Entity ID, which uniquely identifies the SAML Bridge installation. To locate this value, navigate to
the saml-bridge virtual directory and open the Web.config file. If the field is blank in the
web.config file, use the host name for this value.

The Login URL of the SAML Bridge, which is in the format:

http(s)://SAML-hostname:port/saml-bridge/Login.aspx

The Artifact Resolver URL, which you must provide because the SAML Bridge supports Artifact
Binding, but not Post Binding. The Artifact Resolver URL is in the format:

http(s)://SAML-hostname:port/saml-bridge/Resolve.aspx

To configure the search appliance, do the following:

1.

In the search appliance Admin Console, display Serving > Universal Login Auth Mechanisms.

2.

Go to the SAML tab.

3.

Select the credential group from the drop-down list.

4.

Type a value in the IDP Entity ID field.

5.

Type a value in the Login URL field.

6.

Type a value in the Artifact Resolver URL field.

7.

Leave the Public Key of IDP field blank.

8.

Click Save.

SSL is required by the SAML artifact consumer URL on the Google Search Appliance, but not by the
search page or SAML Bridge. However, if you do not enable SSL on both the Google Search Appliance
and SAML Bridge host, secure searches display warnings about redirection to secured sites from non-
secured sites. Therefore, Google recommends that you enable SSL on both the Google Search Appliance
and SAML Bridge.

For information on how to enable SSL for the Google Search Appliance, in the Admin Console, click
Administration > SSL Settings. Use the online help that is available from that page for information.

For information on how to enable SSL for SAML Bridge, refer to the Microsoft IIS documentation.

Continue to the section “Completing the Configuration Process” on page 21.

Configuring and Deploying the SAML Bridge for
Authentication and Authorization

Follow the instructions in this section if you are using the SAML Bridge for both authentication and
authorization.

Advertising
Popular Brands
Popular manuals