Symantec Access Management

  • 1.  "Entity ID" and "entity name" in the SiteMinder GUI, is this an arbitrary value?

    Posted Oct 12, 2016 12:27 PM

    "Entity ID" and "entity name" in the SiteMinder GUI: is this an arbitrary value, or is it tied to any metadata or anything?



  • 2.  Re: "Entity ID" and "entity name" in the SiteMinder GUI, is this an arbitrary value?
    Best Answer

    Posted Oct 12, 2016 08:53 PM

    Hi,

     

    The following is an explanation of Entity ID and Entity Name:

     

    Entity ID
    Identifies the federation entity to a partner. The Entity ID is a universal identifier like a domain name. If the Entity ID represents a remote partner, this value must be unique. If the Entity ID represents a local partner, it can be reused on the same system. For example, if the Entity ID represents a local asserting party, this same ID can be used in more than one partnership.

    An Entity ID that represents a remote partner can only belong to a single active partnership.

    Value: URI

    Examples: CompanyA:portal1; http://ca-idp.forwardinc.com

     

    Entity Name
    Names the entity object in the policy store. The Entity Name must be a unique value. CA SiteMinder® uses the Entity Name internally to distinguish an entity at a particular site. This value is not used externally and the remote partner is not aware of this value.

    Note: The Entity Name can be the same value as the Entity ID, but the value is never shared with any other entity at the site.

    Value: An alphanumeric string

    Example: Partner1

     

    Hope this helps.

     

    Regards,

    Kar Meng
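
The uniqueness rules quoted in the answer above can be checked mechanically. The following is an added example, not part of the original post and not SiteMinder code: the inventory layout (`name`, `entity_id`, `scope`, `active`, `remote`) is a hypothetical export format, and the sample data is constructed from the Entity ID examples in the answer.

```python
import re
from collections import Counter

# URI shape: an RFC 3986 scheme, ":" and a non-empty remainder.
URI_RE = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]*:\S+$")

def check_federation_config(entities, partnerships):
    """Return findings for a hypothetical inventory of entities/partnerships."""
    findings = []
    # Entity Name must be unique in the policy store.
    for name, n in Counter(e["name"] for e in entities).items():
        if n > 1:
            findings.append(f"ERROR duplicate Entity Name: {name}")
    # Entity ID is documented as a URI; plain text is only warned about.
    for e in entities:
        if not URI_RE.match(e["entity_id"]):
            findings.append(f"WARN {e['name']}: Entity ID is not a URI: {e['entity_id']}")
    # A remote Entity ID must be unique; a local one may be reused.
    remote = Counter(e["entity_id"] for e in entities if e["scope"] == "remote")
    for eid, n in remote.items():
        if n > 1:
            findings.append(f"ERROR remote Entity ID defined {n} times: {eid}")
    # A remote Entity ID may belong to only one active partnership.
    by_name = {e["name"]: e for e in entities}
    active = Counter(
        by_name[p["remote"]]["entity_id"]
        for p in partnerships
        if p["active"] and p["remote"] in by_name
    )
    for eid, n in active.items():
        if n > 1:
            findings.append(f"ERROR remote Entity ID in {n} active partnerships: {eid}")
    return findings

# Constructed sample data; the local entity is reused, which is allowed.
ENTITIES = [
    {"name": "LocalIdP", "entity_id": "http://ca-idp.forwardinc.com", "scope": "local"},
    {"name": "Partner1", "entity_id": "CompanyA:portal1", "scope": "remote"},
    {"name": "Partner2", "entity_id": "sp1", "scope": "remote"},
]
PARTNERSHIPS = [
    {"name": "P-A", "active": True, "local": "LocalIdP", "remote": "Partner1"},
    {"name": "P-B", "active": True, "local": "LocalIdP", "remote": "Partner1"},
    {"name": "P-C", "active": False, "local": "LocalIdP", "remote": "Partner2"},
]

if __name__ == "__main__":
    for finding in check_federation_config(ENTITIES, PARTNERSHIPS):
        print(finding)
```
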



  • 3.  Re: "Entity ID" and "entity name" in the SiteMinder GUI, is this an arbitrary value?

    Posted Oct 19, 2016 11:17 AM

    This information is available in the product documentation:

    SAML 1.1 Remote Consumer Entity - CA Single Sign-On - 12.6 - CA Technologies Documentation 



  • 4.  Re: "Entity ID" and "entity name" in the SiteMinder GUI, is this an arbitrary value?

    Broadcom Employee
    Posted Oct 13, 2016 06:42 AM

    Hi Quantum1

     

    SungHoon_Kim has excellent article(s) about federation setup:

     

    On this page he discusses those entries:

    https://communities.ca.com/people/SungHoon_Kim/blog/2016/06/14/federation-starters-2

     

    Here are his notes. EntityID was the important one; here is how he described it:

    • EntityID is the unique ID that represents you as an entity for federation. It is usually a fully qualified hostname, but it can be simple text such as "idp" or "sp1", although that may not be so unique. "http://www.sso.lab" or "http://www.partner.lab" would be a good entityID. This would appear as clear text in the URL when you initiate federation, so it is not sensitive information, although it plays a critical part in the federation.

     

    EntityID is what your SP told you. Entity Name is what you want to call it.

     

    And here are the entries for the IdP & SP entities Kim uses:

     

     

    Cheers - Mark