SAML with WSO2

To configure WSO2 SAML for erwin Mart Portal authentication, follow these steps:

  1. Download WSO2 Identity Server.

  2. Extract the installer and open the extracted folder.

  3. Open a command prompt and run the wso2server.bat command.

    Ensure that the path for the JAVA_HOME environment variable is configured.

  4. Copy the Mgt Console URL, highlighted in the following image.

  5. Open the URL in a web browser and log in using the following credentials:

    • username: admin

    • password: admin

  6. Under Service Providers, click Add.

  7. Enter an appropriate Service Provider Name and click Register.

  8. Click Upload SP certificate and upload the myerwin.mart.crt file available at C:\Program Files\erwin\Mart Portal\Apache\.


  9. Expand Claim Configuration and click Use Local Claim Dialect.

  10. Click Add Claim and add email address and groups.

    Similarly, you can add a display name here.

  11. Under Inbound Authentication Configuration, click SAML2 Web SSO Configuration > Configure.

  12. Configure properties as shown in the following image.

  13. Click Download IDP Metadata.

  14. Click Register.

  15. Under Users and Roles, click Add > Add New User. Then, enter the necessary information.

  16. Under Users and Roles, click Add > Add New Role. Then, enter the necessary information.

  17. Click Finish.

  18. For the required role, click Assign Users.

  19. Click Finish.

  20. Depending on your Mart version, do one of the following:

    • For Mart Portal on-premises, on the erwin Mart Portal Configuration screen, click the Authentication tab, and then follow these steps:

      1. In the Metadata XML field, select File, and then add the IDP metadata file downloaded in step 13.

      2. In the Group Attribute Name, User Email Attribute Name, and User Display Name Attribute Name fields, enter the values that are configured in step 10.

        The User Email Attribute Name and User Display Name Attribute Name fields are optional.

    • For Mart Portal on cloud, share the following details with the Mart Cloud Support team:

      • IDP Metadata File

      • Group Attribute Name

      • User Email Attribute Name

      • User Display Name Attribute Name

      Once the support team authenticates erwin Mart Portal for you, you can move to adding groups in erwin Mart Portal at https://<your_instance>.myerwin.com/MartPortal.

Adding Groups in erwin Mart Portal

To add your WSO2 SAML groups to erwin Mart Portal, follow these steps:

  1. Create a CSV file in the following format: <group_attribute_value>,<group_display_name>.

  2. Log in to the erwin Mart Portal as an administrator.

  3. Go to Application Menu > Users.
    The Users page appears.

  4. Click Add User.
    The Add User page appears.

  5. Under User Type, select SAML Group.

  6. Drag and drop the CSV file that you created in step 1.

  7. Under Group name, select the required group.

  8. In the Email Address field, enter your email address.

  9. Click Save.

The group has been added.
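
The attribute names entered in step 20 and the group values in the CSV file only take effect if they match what WSO2 actually sends for the claims added in step 10. The following added example (not part of the erwin or WSO2 documentation) compares both against the attribute statement of an assertion issued for a test user. The assertion, claim URIs, group names and CSV rows are constructed samples, and exact string matching between group values and CSV rows is an assumption.

```python
import csv, io
import xml.etree.ElementTree as ET

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"

# Constructed sample: attribute statement of a decoded SAML assertion.
SAMPLE_RESPONSE = """<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
 <saml2:AttributeStatement>
  <saml2:Attribute Name="http://wso2.org/claims/emailaddress">
   <saml2:AttributeValue>jane@example.com</saml2:AttributeValue></saml2:Attribute>
  <saml2:Attribute Name="http://wso2.org/claims/groups">
   <saml2:AttributeValue>mart_admins</saml2:AttributeValue>
   <saml2:AttributeValue>auditors</saml2:AttributeValue></saml2:Attribute>
 </saml2:AttributeStatement>
</saml2:Assertion>"""

# Constructed sample CSV in the <group_attribute_value>,<group_display_name> format.
SAMPLE_CSV = "mart_admins,Mart Administrators\nmodelers,Data Modelers\n"

def read_attributes(xml_text):
    """Return {attribute name: [values]}. Configuration check only: no signature validation."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not expected in SAML")
    attrs = {}
    for attr in ET.fromstring(xml_text).iter(SAML + "Attribute"):
        values = [(v.text or "").strip() for v in attr.iter(SAML + "AttributeValue")]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def check_mapping(xml_text, csv_text, group_attr, email_attr=None, display_attr=None):
    """Compare the names entered in Mart Portal with what the IdP actually sends."""
    attrs = read_attributes(xml_text)
    configured = [n for n in (group_attr, email_attr, display_attr) if n]
    missing = [n for n in configured if n not in attrs]
    rows = [r for r in csv.reader(io.StringIO(csv_text)) if r]
    bad_rows = [r for r in rows if len(r) != 2 or not all(c.strip() for c in r)]
    known = {r[0].strip(): r[1].strip() for r in rows if r not in bad_rows}
    sent = attrs.get(group_attr, [])
    return {
        "missing_attributes": missing,        # configured names the IdP never sent
        "malformed_csv_rows": bad_rows,       # rows that are not value,display_name
        "matched_groups": {g: known[g] for g in sent if g in known},
        "unmapped_groups": [g for g in sent if g not in known],
    }

if __name__ == "__main__":
    print(check_mapping(SAMPLE_RESPONSE, SAMPLE_CSV,
                        "http://wso2.org/claims/groups",
                        "http://wso2.org/claims/emailaddress",
                        "http://wso2.org/claims/displayName"))
```

With the constructed samples, the display name attribute is reported as missing because that claim was never added to the assertion, and the auditors group is reported as unmapped because the CSV has no row for it.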