WorkForce AtTask is a cloud based project management solution and it is capable of talking SAML.
Recently I had integrated AtTask application with Oracle Access Manager 11gR2 for SAML SSO integration where AtTask is SP and OAM is IDP.
AtTask uses its own repository for users. OAM uses AD LDAP for authentication store. Like any general SAML SSO integration, metadata has to be exported and imported into each provider.
The AtTask documentation details how to import metadata and configure mapping attributes.
In this post, I would like to detail what is different in this product for enabling SAML integration.
After enabling SAML SSO integration and importing metadata as per above documentation, we can test the SSO setup using Test the connection. During this process, the user is redirected to IDP and user submits credentials and SAML token is generated and passed onto SP (AtTask).
The test output page contains the $$NAMEID coming from IDP and typically it would be userid and this is the Federated ID. Federated ID is an attribute of AtTask user profile that is key for mapping user based on SAML assertion.
Login to AtTask as administrator. Goto user profile and update Federated ID with $$NAMEID output value. That’s it. You’re all set.
Note that regular login will not work when SAML SSO is enabled in AtTask. Hence it is recommended to update all user profiles with Federated ID value before enabling SAML SSO.
Hope this helps.
About the Author Mahendra
I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc.,
Look @ my blog: http://talkidentity.blogspot.com
