search cancel

SAML configuration with ADFS (Clarity On Premise)

book

Article ID: 213699

calendar_today

Updated On:

Products

Clarity PPM On Premise Clarity PPM SaaS

Issue/Introduction

The below additional steps are required if you have a SAML configuration / ADFS based

Environment

Release : 15.9.1+

SAML / ADFS Based

 

Resolution

  1. Login to the database.
  2. Run the below command, this will make the lookup editable in UI.

    UPDATE cmn_lookup_types SET is_system=0 WHERE lookup_type='AUTHN_CONTEXTS';

  3. Restart the appplication.
  4. Navigate to Administration → Lookups, search for lookup id AUTHN_CONTEXTS.
  5. Navigate to Values on the Lookup and add a new Value with name as 'urn:federation:authentication:windows' and id as 'windows'. 

  6. On the database run the below command to update the value of the lookup. 
    UPDATE ODF_MULTI_VALUED_LOOKUPS SET value='urn:federation:authentication:windows',DWH_VALUE ='urn:federation:authentication:windows' WHERE ATTRIBUTE = 'sec_req_auth_context';
  7. The ASSERTION_CON_URL of CMN_SEC_SAML_CONFIGS should be set to 'https://ppmserver.com/niku/nu' and not until #action:homeActionID. 
    Check with query:
    select ASSERTION_CON_URL from CMN_SEC_SAML_CONFIGS
    If not set as expected, run the query: 
    UPDATE CMN_SEC_SAML_CONFIGS SET ASSERTION_CON_URL='http(s)://ppmserver.com/niku/nu';

  8. Revert the changes to AUTHN CONTEXTS lookup_type (set back to System-restricted lookup) by running the following update.

    UPDATE cmn_lookup_types SET is_system=2 WHERE lookup_type='AUTHN_CONTEXTS';

  9. Restart the application service.