-acsUrl |
This parameter is required. It specifies the
assertion consumer service (ACS) URL. |
-enable |
This parameter specifies whether to enable or
disable trust association. You can specify either true or false. |
-ssoId |
This parameter is optional and is specified
as an integer. It is the identifier for the group of custom properties
that are defined for the SSO service provider partner. If this parameter
is not specified, the next available identifier is used. |
-securityDomainName |
This parameter specifies the name of the security
domain of interest and is specified as a String. If a value for this
parameter is not specified, the command uses the global security configuration. |
-trustStoreName |
This parameter specifies the truststore name
if not using the system default truststore. |
-keyStoreName |
This parameter specifies the keystore name if
not using the system default keystore. |
-keyName |
This parameter specifies the key name used to
decrypt the encrypted SAML assertion. |
-keyAlias |
This parameter specifies the key alias used
to decrypt the encrypted SAML assertion. |
-keyPassword |
This parameter specifies the key password used
to decrypt the encrypted SAML assertion. |
-idMap |
This parameter specifies how the SAML token
is mapped to the subject. You can specify one of the following values:
- idAssertion - the user specified in the SAML assertion is not
checked in the local registry
- localRealm - the SAML token user is verified in the local user
registry
- localRealmThenAssertion - if the user is not found in the local
registry, IDAssertion is used
|