Products
- Muse^® Federated Search, today’s most powerful of its kind, is known as best of multiple target searching and content normalization to a single data model.
- Muse^® Proxy is a highly customizable multi-platform proxy server, easy to use and manage, acting as a gateway to authenticated content.
- Muse^® Harvest is based on different types of controlled extraction, such as search, date or feed based. it features a consistent delivery record format.
  - Overview
  - Features
- Muse^® Hybrid brings a powerful new approach to content discovery by combining real-time global federated searching with high performance central indexed searching.
  - Overview
  - Features
Services
Support
- FAQ
- Downloads
About
Contact

How do I configure my Muse Search Application with Azure AD SAML based authentication?

Follow the instructions from bellow for configuring the authentication for the Muse Search Application with Microsoft’s Azure Active Directory, using SAML.
In this scenario, the Muse Search Application is the Service Provider (SP), while Azure AD is the Identity Provider (IDP).

Generate the Service Provider Metadata

Access the administration end point for SAML at an URL of the form:
https://your_domain/muse/saml/web/metadata
where replace your_domain with the actual domain of the Muse installation.
Use admin as the username and the configured password.

In the Muse SSO Metadata Administration page click on the Generate new service provider button to access the metadata generation page.
In the Metadata Generation page, make sure the Signing key and Encryption key values are the proper ones. Fill in an alias value in the Entity alias input. The rest of configurations should be left with the default values. When done click the Generate metadata button.

In the Metadata Details page follow the steps listed in section “In order to permanently store the metadata follow these instructions:“.
After the restart of the Muse web service, access again the Muse SSO Metadata Administration page, the metadata details for the newly added entity and click the Download entity metadata button to download it.
Setup a new application in the Azure Portal

Access the Azure Portal at: https://portal.azure.com/ and navigate to Azure Active Directory -> Enterprise applications from the menu and click New Application. Add the custom application by accessing Create your own application link and add the name of the application (e.g. Muse Search), making sure the option Integrate any other application you don’t find in the gallery (Non-gallery) is selected. Then chose the application created and select Setup single sign-on from the Manage menu, and then click the “SAML” button to access the configuration guide.

In the new page click the Upload metadata file and select the metadata file which was downloaded at the previous step. All necessary values will be loaded in the Basic SAML Configuration, click the Save button to store them.

From the Set up Single Sign-On with SAML page, copy the value of App Federation Metadata Url to be used at the next step.

Make sure that the necessary user groups and users are configured to access the newly created Azure application. See the below instructions for doing this:
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/add-application-portal-assign-users
Generate a new IDP

Access the Muse SSO Metadata Administration pages (as described at #1) and click the Add new identity provider metadata button.
In the Add New IDP Metadata files page, enter the URL copied from the Azure Portal in the Take metadata from URL: input and click the Test IDP metadata button.

Next follow the instructions listed in the page to finalize the setup of the new IDP entity.
Wire the Muse Search Application for SAML authentication

Follow the instruction from below to finalize the setup of SAML authentication with Microsoft Azure AD.

– Edit the ${MUSE_HOME}/aas/jaas.config file and add at the end of the file the below entry:
MuseKnowledge.Azure { com.edulib.ice.security.authentication.ICELoginModulePropertiesExtractor requisite config="${ICE_HOME}/profiles/ICELoginModulePropertiesExtractor.Azure.xml"; com.edulib.ice.security.authentication.ICELoginModule requisite ; };
– Download this file and place it in the following location ${USE_HOME}/profiles/ . Edit the downloaded file, locate the following placeholders: PLACE_HERE_THE_IDP_ENTITY_ID, MuseSearchApplicationID and MuseSearchApplicationPassword and replace them with the appropriate values.
– Test the integration using an URL of the form:
https://your_domain/muse/servlet/MusePeer/logon/alias/ALIAS?action=logon&userID=MuseKnowledge.Azure&templateFile=passThrough.html&errorTemplate=logon/logon.html&reuseSession=true&idp=IDP_ENTITY_ID
where replace your_domain, ALIAS and IDP_ENTITY_ID with the appropriate values.

How do I configure my Muse Search Application with Azure AD SAML based authentication?

Generate the Service Provider Metadata

Setup a new application in the Azure Portal

Generate a new IDP

Wire the Muse Search Application for SAML authentication