Foglight for Databases - SAML Relying Party Configuration - RSA Ready Implementation Guide
2 years ago
This article describes how to integrate RSA with Foglight for Databases using SAML Relying Party.
   

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as Relying Party to Foglight for Databases.
Procedure
  1. Sign in to RSA Cloud Administration Console. 
  2. Click Authentication ClientsRelying Parties.                                                                                                                                              image.png
  3. On the Relying Party Catalog page, click Add a Relying Party and click Add for Service Provider SAML.                                              image.png
  4. On the Basic Information page, enter the name for the application in the Name field and click Next Step.                                                image.png
  5. In the Authentication tab, choose SecurID manages all authentication.
  6. Select a Primary Authentication Method and Access Policy as required and click Next Step.                                                                   image.png
  7. For providing Service Provider details, select Import Metadata and click Choose File.  
    1. Select the file that is downloaded from the Service Provider.  
    2. Construct the URL to obtain Foglight for Databases metadata.
      https://<SystemIP address>:<Port Number> console/saml2/metadata.xml                                                                                          image.png
  8. Review the ACS URL and Service Provider Entity ID values that are auto-filled.                                                                                          image.png                                                    The SP signs SAML requests checkbox and the certificate are auto-filled.                                                                            image.png
  9. In the SAML Response Protection section, choose IdP signs assertion within response.
  10. Download the certificate by clicking Download Certificate.                                                                                                                           image.png
  11. Click Show Advanced Configuration.
  12. Under the User Identity section, configure Identifier Type and Property. For example, Identifier TypeAuto Detect and PropertyAuto Detect.                                                                                                                                                               image.png
  13. Under the Attribute Extension section, add the following attribute.
    1. Attribute Name: email
    2. Attribute Source: Identity Source
    3. Property: mail                                                                                                                                                                                  image.png
  14. Click Save and Finish.
  15. On the My Relying Parties page, click the Edit drop-down icon and select the Metadata option to download the metadata.                 image.png
  16. Click Publish Changes. Your application is now enabled for SSO.                                                                                                            image.png         image.png   
  

Configure Foglight for Databases

Perform these steps to configure Foglight for Databases.
Procedure
  1. Log on to Foglight for Databases as an administrator.
  2. Go to Administration on the left pane of the console and click Users & Security under the Administer Server tab.                                  image.png
  3. Click SMAL 2.0 Integration Settings.                                                                                                                                                          image.png
  4. Click Enable to enable SAML 2.0 SSO Configuration and click Edit Settings to provide Identity Provider details.                           image.png
  5. Provide the following details and click Apply Configuration.
    1. Identity Provider Entity ID: The entityID value that can be obtained from the metadata file downloaded from RSA.
    2. Login URL: The SingleSignOnService value that can be obtained from the metadata file downloaded from RSA.
    3. Logout URL: The SingleLogoutService value that can be obtained from the metadata file downloaded from RSA.
    4. Attribute Key: Value as ‘email’. 
    5. Identity Provider x.509 Signing Certificate: Copy and paste the certificate downloaded from RSA.                                        image.png
  6. Navigate to Administration > Users & Security Management and click Manage Users, Groups, Roles.                                                image.png
  7. To add groups:
    1. Under the Users section, select a Name (user).
    2. In the Groups column, click Belongs to groups.
    3. Assign the user to groups as required by selecting the checkboxes and click Save.                                                                            image.png
  8. To add roles:
    1. Under the Users section select a Name (user).
    2. In the Roles column, click Take on roles.
    3. Assign the user roles as required by selecting the checkboxes and click Save.                                                                                image.png                                                                    

The configuration is complete.
Return to Foglight for Databases - RSA Ready Implementation Guide.

Related Articles

Trending Articles

Don't see what you're looking for?