Create an Access Gateway SAML proxy application
During this task we will create the header application, which will proxy requests to the SAML pass through application for accesses from the general internet.
- Sign in to the Access Gateway Admin UI console.
Click the Applications tab.
Click +Add to add a new application.
Select the Header Based option from the application menu, and click Create.
The New Protected Application wizard will start and display the Essentials pane for the application being added.
In the Essentials pane, specify the following:
Field Value Label A name for the application. For example SAML Pass through application. Public Domain A fully qualified host name. In this example external-saml<.domain.tld>. The externally (public facing) URL for the SAML application. Often the same as the Protected Web Resource. Protected Web Resource The URL of the protected resources.
In this example: SAMLtest.example.com. The IP address of the SAML pass through application, or its internal DNS name.
Group Enter the group containing the users who should have access to the application. Description Optional. An appropriate description for your application.
- If required select the Settings tab.
- Expand the Certificates pane.
By default a wild card self signed certificate is created and assigned to the application when the application is initially created.
- Optional. Click Generate self-signed certificate
A self-signed certificate is created and automatically assigned to the application.
- Optional. Select an existing certificate from the list of provided certificates.
Use the Search field to narrow the set of certificates by common name.
Use the page forward (>)and backward(<) arrows to navigate through the list of available certificates.
- Click Next. The Attributes pane appears.
- On the row containing the oag username attribute, click the Delete icon as the attribute it not required.
- Click Yes to confirm the deletion.
- Click Next.
- Click Done.