I would need to test SAML setup. I understand IdP
(eg http://agentidp.example.com//affwebservices/redirectjsp/) needs to be protected with some Authentication Scheme Basic Template.
but how about my protected app, I read https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/partnership-federation/getting-started-with-a-simple-partnership and I do not understand how example target
(http://spapp.demo.com:80/spsample/welcome.html) is protected since there is no agent on it.
The Policy Server can use one of the following methods for the disambiguation process:
Extract the Name ID value from the assertion.
Use the value of a specific attribute from the assertion.
Use the value that the Xpath query obtains.
Did you put ODBC search specification like below?
name=%s
Please refer below link for User Identification at the Relying Party
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/partnership-federation/user-identification-for-a-partnership
Thanks,
Sharan