Enabling SAML for Meetings
Before you begin
The Sametime Meeting server redirects the user's login to be handled by the SAML Identity Provider (IdP) by way of the Sametime Proxy server. There is no need to configure a separate relying party trust on the Identity Provider, it shares the same configuration as the Sametime Proxy server. When Sametime Meeting Server is configured for SAML, the Sametime Meetings landing page changes from the traditional login page to a guest login page with a button for users to login. The login button redirects the user to the SAML IdP for authentication.
Before enabling the Sametime Meeting Sever for SAML, ensure that SAML authentication is working properly on the Sametime Proxy Server.
Meeting support for SAML
authentication requires:
- The im.meetingsenabled Anonymous policy must be set to 1 in the in the policies.user.xml on the Community Server. See Configuring Policies for more information.
- Guest access enabled in stconfig.nsf Anonymous Access document. (Configured by default)
- Anonymous Users access to Community Services is set to true. (Configured by default)
About this task
Enabling SAML for Meetings on Docker
Procedure
-
Update the .env file as shown in the following code sample.
"REACT_APP_SHOW_GUEST_LOGIN_BY_DEFAULT" to true "ENABLE_GUESTS" to "1"
-
The Sametime Meeting server uses the same IdP URL as the Sametime Proxy server. If this URL is
unknown, access the Sametime Proxy server host and open a command prompt. Change directories to
where the Sametime Proxy server is installed, then open the
conf\stproxyconfig.xml file.
Locate the <IDPUrl> section within the file and copy the URL, which is used in the Meeting server configuration.
- On the Sametime Meeting server, edit the custom.env file. Locate the line that begins with IDP_URL= and append the URL that was copied from the stproxyconfig.xml
- Save and close the custom.env.
Enabling SAML for Meetings on Kubernetes
Procedure
-
Locate the IdP URL being used in your Sametime Proxy environment. The same URL is used for
meetings. Perform the following steps to locate and copy the IdP URL.
-
Configure the Meetings cluster.
- From the machine where you extracted the Sametime meetings installer, change directories to the helm directory.
-
Use a text editor to edit the values.yaml file. Locate the line that
begins with
idpUrl:<value>
. - Copy the IdP URL from your working Sametime Proxy environment and paste the <value> for idpUrl key.
-
Create a new line below the idpUrl key and add the following statement. Be certain to preserve
indentation by using spaces so that it matches the other configuration settings.
ReactAppShowGuestLoginByDefault: true
- Save and close the values.yaml file.