SSO configuration - Data360_DQ+ - 11.X

Data360 DQ+ Enterprise Installation

Product type: Software
Portfolio: Verify
Product family: Data360
Product: Data360 DQ+
Version: 11.X
Language: English
Product name: Data360 DQ+
Title: Data360 DQ+ Enterprise Installation
Copyright: 2024
First publish date: 2016
Last edition: 2024-06-06
Last publication: 2024-06-06T12:37:34.761477

Following installation, you can perform the following steps to enable SSO login for your organization.

Note: If you enable SSO, you must also enable SSL. For more information on this topic, see Enabling SSL.

Steps to enable Data360 DQ+ SSO (optional)

  1. Edit the install.properties file located at <DQPlus install dir>/properties/install.properties as follows:

    | Property | Value |
    |---|---|
    | IS_SSL_ENABLED | true |
    | LOAD_BAL_SSL_CERT | Location of the SSL certificate file. For example: /SSL/sagacity.company.crt |
    | LOAD_BAL_SSL_CERT_KEY | Location of the SSL certificate secret key file. For example: /SSL/sagacity.company.key |
    | LOAD_BAL_SSL_TRUSTED_CERT | Same as the value set for LOAD_BAL_SSL_CERT |
    | USE_IFRAME_FOR_SSO | false |
    | DEPLOY_HOST | The deployment host. For example: sagacity.company.com |
    | DEPLOY_HOST_URL | The deployment host URL. For example: https://sagacity.company.com. Note that HTTPS must be used here. |
    | IS_SAML_ENABLED | true |
    | SAML_METADATA_IDP | If you have a file available from your IdP (identity provider), specify it here. If it is unavailable, point this property to a temporary file so that generateSamlSpMetadata can run. |

  2. Execute <DQPlus install dir>/bin/generateSamlSpMetadata.

    You should see the SP (Service Provider) metadata file generated at <DATA_HOME>/saml/sagacity-sp-metadata.xml.

    Copy the SP metadata file to another location as a backup.

  3. Verify that you have the key store used by Data360 DQ+ at the location specified by APP_KEYSTORE_FILE in the install.properties file. By default, the key store should be located at <sagacityExclusiveMountPoint>/security/sagacity.keystore.

    Copy the key store file to another location as a backup.

  4. Send the SP metadata file from Step 2 to your Identity Provider (IdP) for integration.
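
A preflight check for the step 1 values, useful before running generateSamlSpMetadata or the deploy script. This is an added example, not part of the product or the original page: it assumes install.properties holds plain KEY=VALUE lines, the function names prop_get and check_sso_props are hypothetical, and the world-readable key check goes beyond what the table requires.

```bash
#!/usr/bin/env bash
# Preflight check for the SSO keys from step 1 (added example).
# Assumption: install.properties holds plain KEY=VALUE lines.

# prop_get FILE KEY: print the value of the last uncommented KEY=... line.
prop_get() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 | tr -d '\r'
}

# check_sso_props FILE: print one FAIL line per problem; return 0 if none.
check_sso_props() {
  local f bad k v
  f=$1; bad=0
  fail() { echo "FAIL: $*"; bad=1; }

  for k in IS_SSL_ENABLED IS_SAML_ENABLED; do
    [ "$(prop_get "$f" "$k")" = "true" ] || fail "$k must be true"
  done
  [ "$(prop_get "$f" USE_IFRAME_FOR_SSO)" = "false" ] ||
    fail "USE_IFRAME_FOR_SSO must be false"
  case "$(prop_get "$f" DEPLOY_HOST_URL)" in
    https://*) ;;
    *) fail "DEPLOY_HOST_URL must start with https://" ;;
  esac
  # These three keys must each name a file that exists on this host.
  for k in LOAD_BAL_SSL_CERT LOAD_BAL_SSL_CERT_KEY SAML_METADATA_IDP; do
    v=$(prop_get "$f" "$k")
    [ -n "$v" ] && [ -f "$v" ] || fail "$k is not an existing file: '$v'"
  done
  [ "$(prop_get "$f" LOAD_BAL_SSL_TRUSTED_CERT)" = "$(prop_get "$f" LOAD_BAL_SSL_CERT)" ] ||
    fail "LOAD_BAL_SSL_TRUSTED_CERT must equal LOAD_BAL_SSL_CERT"
  # Extra hardening check, not from the page: private key must not be world-readable.
  v=$(prop_get "$f" LOAD_BAL_SSL_CERT_KEY)
  if [ -f "$v" ]; then
    case "$(ls -ldL "$v")" in ???????r*) fail "key file $v is world-readable" ;; esac
  fi
  return "$bad"
}

# Stand-alone use: bash check_sso.sh <DQPlus install dir>/properties/install.properties
if [ "$#" -ge 1 ]; then check_sso_props "$1"; fi
```

The script exits non-zero when any check fails, so it can gate a deployment job.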

Configuring the IdP file

Configure the Identity Provider (IdP) file by setting the following claims:

| Claim | Acceptable values |
|---|---|
| Email address | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress, emailAddress |
| Full name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name, name |
| First name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname, givenName |
| Last name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname, surname |
| Group name | http://schemas.xmlsoap.org/claims/Group, Group |
| Name ID | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier, NameID |

The IdP metadata needs to be returned to the Data360 DQ+ installer.

The IdP file is provided by your Identity Provider (IdP) and contains information that is required by other applications for SSO.

Redeploying the application

  1. Before redeploying the application, update install.properties to indicate the location of the IdP file by setting the following property:

    | Property | Value |
    |---|---|
    | SAML_METADATA_IDP | The location of the IdP file configured in the previous step. |

  2. Once the location of the IdP file is set, run the deploy script located at <Data360 DQ+ install dir>/bin/deploy to redeploy the application.