Informatica Managed File Transfer must identify and correlate the subject of an assertion with a Web User in Managed File Transfer. Typically, the user name will be in the NameID field within a SAML assertion. However, Managed File Transfer can also use an attribute within the assertion to identify the user name.
The Username tab contains the following settings:
Username Location
Select the NameID or Attribute where the user name is found.
NameID
The NameID element.
NameID Format
The format of the NameID element within the SAML response.
Managed File Transfer will validate the NameID format before authenticating the SAML assertion.
Managed File Transfer supports the following SAML Core V2.0 options:
Unspecified
X509SubjectName
Windows Qualified Domain Name
Email Address
Persistent
Transient
Kerberos
Entity
Attribute Name Format
The format of the attribute element that identifies a username within the SAML response.
Managed File Transfer will validate the attribute format before authenticating the SAML assertion.
Managed File Transfer supports the following SAML Core V2.0 options:
Basic
Uniform Resource Identifier
Attribute Name
The attribute name within the assertion XML that identifies the username.
Parse Username Value
When enabled, the value retrieved from the assertion can be parsed using a regular expression pattern.
Username Pattern
Specify a regular expression to parse a username value from the attribute.
NameID Example: The x509SubjectName NameID element format for user kharris is 'uid=kharris,ou=marketing,o=example,dc=example,dc=com'. To identify kharris using the uid, use uid=(.*),o=.* for the regular expression.
Attribute Example 2: The username 'kharris' will be parsed from the email address attribute from the SAML assertion. To identify the username, you can use the ([^@]+) regular expression to parse 'kharris' from 'kharris@example.com'.
Test Response
Allows you to submit a sample assertion response to validate the current configuration.
Base64 Encoded
If the assertion is Base64 encoded, enabling this option will decode the assertion before validating.
SAML Response
Copy your sample assertion to this field.
Validate
Click the Validate button to validate the sample assertion against the SSO settings configured on the SAML tab. Managed File Transfer will attempt to find the user and verify they are authorized for the File Transfer Portal.
It is suggested that you set the global log level to debug while configuring SAML Single Sign-On. The SAML request and response messages will be written to the log, and can be validated using the Test Response option.
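The following is an added example, not Informatica code, for checking a Username Pattern offline against a sample NameID before relying on it for account mapping. It assumes the username is capture group 1 of the first match (how Managed File Transfer applies the pattern is not stated on this page), uses a constructed, unsigned assertion fragment, and its function names are hypothetical. Under ordinary greedy matching, the NameID pattern from the example above yields 'kharris,ou=marketing', while a pattern that stops at the first comma yields 'kharris'.

```python
import base64
import re
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
X509_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName"

# Constructed sample: an unsigned assertion fragment holding only the Subject.
SAMPLE_B64 = base64.b64encode((
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    '<saml:Subject>'
    f'<saml:NameID Format="{X509_FORMAT}">'
    'uid=kharris,ou=marketing,o=example,dc=example,dc=com'
    '</saml:NameID></saml:Subject></saml:Assertion>'
).encode()).decode()


def name_id(assertion_b64, expected_format):
    """Decode the assertion and return the NameID text, enforcing its Format."""
    root = ET.fromstring(base64.b64decode(assertion_b64))
    node = root.find(".//saml:NameID", NS)
    if node is None:
        raise ValueError("assertion has no NameID")
    if node.get("Format") != expected_format:
        raise ValueError(f"unexpected NameID Format: {node.get('Format')}")
    return (node.text or "").strip()


def parse_username(value, pattern):
    """Assumption: the username is capture group 1 of the first match."""
    m = re.search(pattern, value)
    if m is None or not m.group(1):
        raise ValueError("pattern did not yield a username")
    return m.group(1)


def check_pattern(value, pattern, expected):
    """True only when the pattern yields exactly the expected account name."""
    return parse_username(value, pattern) == expected


if __name__ == "__main__":
    subject = name_id(SAMPLE_B64, X509_FORMAT)
    for pat in (r"uid=(.*),o=.*", r"^uid=([^,]+),"):
        print(pat, "->", parse_username(subject, pat))
    print(parse_username("kharris@example.com", r"([^@]+)"))
```

This sketch does not verify signatures, conditions or audience; it only exercises the NameID Format check and the username parsing step.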