
Creating a Liberty IDP Site 25
Manual 3/17/03103Novell Confidential 03createidp.fm last saved 4/14/03
The Application Domain is an application/company extension to the Common Domain name
that the IDP will use for introductions.
The Application Domain and the Common Domain combine together to form a DNS name
that resolves to the same IP address as the Base URL Domain. If a port value other than the
Base URL port needs to be specified, it can be appended to the Common Domain.
2 At the Session Timeout drop-down menu, select how long you want your Liberty IDP to run
without timing out the session.
For IDP usage, we recommend that the minimum be at least two hours.
3 Select the Single Logout Method that you want to use from the drop-down menu. The default
is Silent.
There are two ways that the identity provider uses to log out service providers using a single
logout. One method is Silent, which is a behind-the-scenes method. The other way uses a
confirmation screen. If you use HTTP, you need to choose one of the methods: either silent,
or showing a notification screen.
If you choose Show Notification Screen, the identity provider will return a page that shows
all of the service providers that use this particular method to log out. These references generate
a request to the servers to log out. When they do, they return a checkmark graphic (the visual
notification) that shows they have logged out.
4 The Authentication Statement URI is optional. It references a statement about the
authentication policy for this identity provider. Enter your information in the empty field if
you want to include it in the information that is transferred to and from providers.
For example, if you are using Novell’s installed sample service provider code, you would
enter the following URL: http://<ip address of SP server>/nwt/metadata.
5 Click OK.
You are brought back to the Identity Sites page.
6 Click the name of your identity site.
3. Define Service Providers
Once you have set up your Liberty identity provider site, you need to identify the service providers
(SPs) your Liberty IDP will affiliate with.
IMPORTANT: You must already have an SP installed and configured before proceeding with the steps in this
section. For more information, see Appendix A, “Installing and Configuring a Sample Service Provider,” on
page 33.
1 Continuing from where you left off in Step 6 in the previous section, click the Affiliate Service
Providers link at the top of the screen.
The Affiliate Service Provider page appears.