Adding LiquidFiles Virtual Appliance

Configuring the LiquidFiles Virtual Appliance

  1. Select Directory Manager.
  2. Select Groups.
  3. Select the Blue plus sign in the bottom right corner.
    blue.PNG
  4. Name the Group LiquidFiles Users.
    Note: If you have other existing Groups for SSO users you can use one of these as well.
  5. Select ADD GROUP.
  6. Select SSO Manager.
  7. Select the Blue plus sign in the bottom right corner.
    blue.PNG
  8. Select the Catalog Icon.
    mceclip0.png
  9. Select LiquidFiles from catalog.
    mceclip0.png
  10. Select Application Enabled.
    mceclip1.png
  11. Select the desired Authentication Policy. Use default if you are not certain. 
    mceclip1.png
  12. Select Protocol Setup.
    Reply to URL: https://<yourdomain.com>/saml/init
    Audience URI: https://<yourdomain.com>/saml/consume
  13. Select Attribute Transformation.
    Update the attributes
    Attribute Value: {User.PrincipalName} 
    Issue as type: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier
    Select Add Mappying
    select Add custom Attributes 
    Attribute Value: {User.EmailAddress}
    Issue as type: email
  14. Select Add Application.
    mceclip2.png
  15. Select Permissions.
    mceclip3.png
    Select the group created in Step 4.
  16. Select Save Changes.

Configure the LiquidFiles Virtual Appliance for Single Sign On

    1. Log into the LiquidFiles Virtual Appliance with an administrative account.
    2. Navigate to the Admin section and select Single Sign-On from the left menu.

    1. Specify the Protocol as SAML 2
    2. Set the IdP Login URL to the SP-Init endpoint in PasslySingle Sign On. This URL is located at https://<yourdomain.com>/sso/federation/passive/Saml2SPInit where “yourdomain.com” points to your Passly server
    3. Set the Logout URL to the Passly Single Sign On Single Sign Out URL (bit of a tongue twister, eh?). This URL is located at https://<yourdomain.com>/sso/federation/passive/signout.
    4. Note: Setting the logout URL to the SSO Log Out URL will cause you to logout of Passly  Single Sign On when you log out of LiquidFiles. If you don’t want that to happen you can specify the SSO Portal as the logout URL, e.g. https://<yourdomain.com>/sso
    5. Specify the thumbprint from the Signing Certificate in the application configuration in Passly Single Sign On. You can find this by navigating to the LiquidFiles application in Passly Manager and opening the Certificate Authority section. The thumbprint can be copied directly into the LiquidFiles configuration.

    1. Finally, modify the Authentication Context tourn:oasis:names:tc:SAML:2.0:ac:classes:Password . Otherwise, you will be prompted to elevate credentials within Passly Single Sign On.

If you don’t want to modify the Authn Context in LiquidFiles and do not want to require elevation in Single Sign On, contact support to reconfigure the authentication type for the LiquidFiles application in  Single Sign On.

  1. Save the changes and try logging into LiquidFiles from the Passly Single Sign On portal. You should see the application in the list.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us