CENTRIFY GUIDE
SAP NetWeaver Java SAML configuration guide
Abstract: Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component of your corporate identity and access infrastructure. Our thorough approach to availability, reliability, scalability, security and privacy ensures that you can depend on Centrify as a trusted partner and provider.
Information in this document, including URL and other Internet Web site references, is subject to change without notice. Unless otherwise noted, the example companies, organizations, products, domain names, email addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, e-mail address, logo, person, place or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Centrify Corporation. Centrify may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Centrify, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. 2015 Centrify Corporation. All rights reserved. Centrify, DirectControl and DirectAudit are registered trademarks and Centrify Suite, DirectAuthorize, DirectSecure and DirectManage are trademarks of Centrify Corporation in the United States and/or other countries. Microsoft, Active Directory, Windows, Windows NT, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. 2015 CENTRIFY CORPORATION. ALL RIGHTS RESERVED 2
Contents
Configuring SAP NetWeaver AS Java
An overview of configuring SAP NetWeaver AS Java for SSO
Configuring SAP NetWeaver AS Java in Cloud Manager
Configuring roles for SAP NetWeaver in Cloud Manager
To add and configure the SAP NetWeaver AS Java application in Cloud Manager
Enabling SAML and creating a local provider in SAP NetWeaver Administrator
Creating and enabling a trusted provider
Creating a new authentication stack for SAML 2.0
Configuring the SAML 2.0 login process to use the authentication stack
Configuring SAP NetWeaver AS Java in Cloud Manager
About Centrify
Configuring SAP NetWeaver AS Java
SAP NetWeaver Application Server ("AS") Java (the Java Stack) is one of the two installation options of SAP NetWeaver AS. The other option is the ABAP Stack, which runs entirely separately from the Java Stack. If you are trying to configure SAP NetWeaver AS Java, you are in the right place.
Note: This document was written with SAP NetWeaver AS Java 7.3 EHP1 (7.3.1). If you are using another version, your interface may differ from the illustrations. Only versions 7.3, 7.3.1 and 7.4 are supported.
An overview of configuring SAP NetWeaver AS Java for SSO
The following is an overview of the steps required to configure the SAP NetWeaver AS Java Web application for single sign-on (SSO) via SAML. SAP NetWeaver AS Java offers both IdP-initiated SAML SSO (for SSO access through the user portal or Cloud Manager) and SP-initiated SAML SSO (for SSO access directly through the SAP NetWeaver AS Java web application). In the IdP-initiated flow the user starts at the Centrify user portal and Centrify posts a signed assertion to the SAP assertion consumer service (ACS) endpoint; in the SP-initiated flow the user opens an SAP URL, SAP NetWeaver redirects the browser to Centrify with an authentication request, and Centrify returns the assertion to the same ACS endpoint. You can configure SAP NetWeaver AS Java for either or both types of SSO. Enabling both methods ensures that users can log in to SAP NetWeaver AS Java in different situations, such as clicking through a notification email.
Configuring SAP NetWeaver AS Java in Cloud Manager
Configuring roles for SAP NetWeaver in Cloud Manager
To map users to SAP NetWeaver groups and roles you need to create roles in Cloud Manager.
1. In Cloud Manager, click Roles.
2. Click Add Role.
3. Enter a Name and Description for the role. Example Name: SAP-Access. Example Description: Access to SAP NetWeaver.
IMPORTANT NOTE: You need to add at least the administrators to the role or you will lock yourself out of SAP once SAML SSO is enabled. Until the SSO setup has been verified, also keep the Manual selection mode for Identity Provider Discovery (described later in this guide), which leaves the username-password login screen reachable.
4. Click Members.
5. Click Add.
6. In the Add Members dialog, search for the user you want to make a member of this role.
7. Select the user.
8. Click Add.
9. Repeat steps 6-8 until you have added all users who need access to SAP.
10. Click Save.
To add and configure the SAP NetWeaver AS Java application in Cloud Manager:
1. In Cloud Manager, click Apps.
2. Click Add Web Apps.
3. The Add Web Apps screen appears.
4. On the Search tab, enter the partial or full application name in the Search field and click the search icon.
5. Next to the application, click Add.
6. In the Add Web App screen, click Yes to confirm.
7. Cloud Manager adds the application.
8. Click Close to exit the Application Catalog.
9. The application that you just added opens to the Application Settings page.
10. On the Application Settings page, click Download Identity Provider Metadata File. This downloads an XML file onto your computer that you will need in the section Creating and enabling a trusted provider.
11. On the Application Settings page, expand the Additional Options section and specify the following optional settings:
Application ID: Configure this field if you are deploying a mobile application that uses the Centrify mobile SDK, for example mobile applications that are deployed into a Samsung KNOX version 1 container. The cloud service uses the Application ID to provide single sign-on to mobile applications. Note the following: the Application ID has to be the same as the text string that is specified as the target in the code of the mobile application written using the mobile SDK; if you change the name of the web application that corresponds to the mobile application, you need to enter the original application name in the Application ID field; there can only be one SAML application deployed with the name used by the mobile application; the Application ID is case-sensitive and can be any combination of letters, numbers, spaces and special characters up to 256 characters.
Show in User app list: Select this option so that this web application displays in the user portal (selected by default). If this web application is only needed in order to provide SAML for a corresponding mobile application, deselect this option; the web application then does not display for users in the user portal.
Security Certificate: These settings specify the signing certificate used for secure SSO authentication between the cloud service and the web application. Be sure to use a matching certificate both in the application settings in Cloud Manager and in the application itself: SAP NetWeaver learns this certificate from the metadata file you download in step 10 and uses it to verify assertion signatures, so if you change the certificate later, download the metadata again and update the trusted provider in SAP NetWeaver, otherwise logins fail signature verification. Select an option to change the signing certificate:
Use existing certificate: When selected, the certificate currently in use is displayed. It is not necessary to select this option; it is present to display the current certificate in use.
Use the default tenant signing certificate: Select this option to use the cloud service standard certificate. This is the default setting.
Use a certificate with a private key (pfx file) from your local storage: Select this option to use your organization's own certificate. Click Browse to upload an archive file (.p12 or .pfx extension) that contains the certificate along with its private key. If the file has a password, you must enter it when prompted.
12. (Optional) On the Description page, you can change the name, description and logo for the application. For some applications, the name cannot be modified. The Category field specifies the default grouping for the application in the user portal. Users have the option to create a tag that overrides the default grouping in the user portal.
13. On the User Access page, select the role(s) that represent the users and groups that have access to the application, for example the SAP-Access role created above. When assigning an application to a role, select either Automatic Install or Optional Install:
14. Select Automatic Install for applications that you want to appear automatically for users. If you select Optional Install, the application doesn't automatically appear in the user portal and users have the option to add the application.
15. (Optional) On the Policy page, specify additional authentication control for this application. You can select one or both of the following settings:
16. Restrict app to clients within the Corporate IP Range: Select this option to prevent users outside the company intranet from launching this application. To use this option, you must also specify which IP addresses are considered your intranet by setting the Corporate IP range in Settings > Corporate IP Range.
17. Require Strong Authentication: Select this option to force users to authenticate using additional, stronger authentication mechanisms when launching an application. Specify these mechanisms in Policy > Add Policy Set > Account Security Policies > Authentication.
18. You can also include JavaScript code to identify specific circumstances in which you want to block an application or require additional authentication methods. For details, see Specifying application access policies with JavaScript.
19. On the Account Mapping page, configure how the login information is mapped to the application's user accounts. The options are as follows:
20. Use the following Directory Service field to supply the user name: Use this option if the user accounts are based on user attributes. For example, specify an Active Directory field such as mail or userprincipalname, or a similar field from the Centrify user service.
21. Everybody shares a single user name: Use this option if you want to share access to an account but not share the user name and password. For example, some people share an application developer account.
22. Use Account Mapping Script: You can customize the user account mapping here by supplying a custom JavaScript script. For example, you could use the following line as a script:
LoginUser.Username = LoginUser.Get('mail')+'.ad';
The above script instructs the cloud service to set the login user name to the user's mail attribute value in Active Directory and append .ad to the end. So, if the user's mail attribute value is Adele.Darwin@acme.com then the cloud service uses Adele.Darwin@acme.com.ad. For more information about writing a script to map user accounts, see the SAML application scripting guide.
Whichever option you choose, the resulting user name is what the assertion sends to SAP NetWeaver as the SAML NameID (the script on the Advanced page can change this). With the Logon ID mapping mode configured later in this guide (Creating and enabling a trusted provider), that value must match the user's SAP UME logon ID exactly; the .ad example above is illustrative only.
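The following account-mapping script is an added example, not code from Centrify or from this guide. It derives the SAP logon ID from the user's Active Directory userprincipalname (falling back to mail), on the assumption that SAP UME logon IDs equal the local part of the UPN (jdoe@corp.example.com becomes jdoe); the attribute order, the allowed-character pattern and the failure behaviour are assumptions to adapt to your own naming rule. It is written in ES5 syntax so that the same text runs under Node for testing and in the Centrify script sandbox, where LoginUser is a global. The LoginUser.Get and LoginUser.Username names are the ones used on this page; makeUser is a constructed stand-in for running the file on its own.

```javascript
// Added example (not Centrify's or SAP's code): an account-mapping script for the
// "Use Account Mapping Script" option. Assumption: the SAP NetWeaver UME logon ID is
// the local part of the user's Active Directory userPrincipalName
// (jdoe@corp.example.com -> jdoe); adjust deriveLogonId() to your own naming rule.
// ES5 syntax so it runs both under Node and in the Centrify script sandbox.
'use strict';

// Attributes tried in order; both names are the ones used on this page.
var SOURCE_ATTRIBUTES = ['userprincipalname', 'mail'];

// Assumed allow-list for logon IDs. Anything outside it is treated as "no usable
// value" so that a malformed attribute cannot become a NameID that happens to
// match the wrong SAP account.
var LOGON_ID_PATTERN = /^[A-Za-z0-9._-]{1,40}$/;

// Local part of an address-shaped value; a value with no '@' is used whole.
function deriveLogonId(value) {
  var at = value.indexOf('@');
  return (at === -1 ? value : value.slice(0, at)).trim();
}

// user: any object with Get(attributeName), i.e. the shape of the LoginUser
// object described on this page. Returns the logon ID, or null when no attribute
// yields a valid one.
function mapLogonId(user) {
  for (var i = 0; i < SOURCE_ATTRIBUTES.length; i++) {
    var raw = user.Get(SOURCE_ATTRIBUTES[i]);
    if (typeof raw !== 'string' || raw.trim() === '') continue;
    var id = deriveLogonId(raw);
    if (LOGON_ID_PATTERN.test(id)) return id;
  }
  return null;
}

// In the Centrify sandbox LoginUser is a global; elsewhere (e.g. Node) it is
// undefined and this part is skipped. Assumption: throwing aborts the mapping and
// therefore the login, which is the safe failure; verify this in your tenant.
if (typeof LoginUser !== 'undefined') {
  var mapped = mapLogonId(LoginUser);
  if (mapped === null) {
    throw new Error('no attribute yields a valid SAP logon ID; refusing to map');
  }
  LoginUser.Username = mapped;
}

// Constructed stand-in for LoginUser so the file can be exercised on its own.
function makeUser(attributes) {
  return {
    Username: undefined,
    Get: function (name) { return attributes[name]; }
  };
}
```

The script fails closed: a user whose attributes produce nothing that looks like a logon ID gets no mapping rather than an empty or malformed NameID, which is the behaviour you want once SAP is configured to look the NameID up as a Logon ID.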
23. (Optional) On the Advanced page, you can edit the script that generates the SAML assertion, if needed. In most cases, you don't need to edit this script. For more information, see the SAML application scripting guide.
Note: On the Changelog page, you can see recent changes that have been made to the application settings, by date, user and the type of change that was made.
24. (Optional) On the App Gateway page, you can configure the application so that your users can access it whether they are logging in from an internal or external location. For applications configured for the App Gateway, users do not have to use a VPN connection to access the application remotely. The App Gateway feature is a premium feature and is available only in the Centrify Identity Service App+ Edition. Please contact your Centrify representative to have the feature enabled for your account.
25. Click Learn More for step-by-step instructions on how to configure App Gateway.
26. Click Workflow to set up a request and approval workflow for this application. The Workflow feature is a premium feature and is available only in the Centrify Identity Service App+ Edition. See Configuring Workflow for more information.
27. Click Learn More for step-by-step instructions on how to configure Workflow.
28. Click Save. After configuring the application settings (including the role assignment) and the application's web site, you're ready for users to launch the application from the user portal. Leave the browser tab open to the Cloud Manager. You will use it again in
Enabling SAML and creating a local provider in SAP NetWeaver Administrator
To enable and configure SAML 2.0 in SAP NetWeaver:
1. Open a new browser tab, navigate to your Web GUI URL (resembling http(s)://<sap-java-hostname-and-port-number>/nwa), and log in to the SAP NetWeaver Administrator as an administrator.
2. Select Configuration > Authentication and Single Sign-On.
3. Click SAML 2.0 > Enable SAML 2.0 Support.
4. In Provider Name, enter CentrifySAML and click Next.
Note: If you enter a different provider name here, you must also enter it in the Local Provider Name field in the Application Settings of your SAML application.
5. Click Browse for Signing Key Pair.
6. Click Create.
7. Supply an Entry Name to identify this key entry. All the other required fields in this box have default values. Make any desired changes to these other fields.
8. Click Next.
9. In commonname, enter the value SAP should use to identify this key pair when it generates it, for example the host name of your SAP NetWeaver AS Java instance.
10. Click Finish. The Select Keystore Entry window appears showing the new key pair you just created.
11. Click OK.
12. Under Signature and Encryption, Signing Key Pair and Encryption Key Pair are filled in for you with the new key pair you just created.
13. Select On under Legacy Systems Support (Issue Login Ticket).
14. Click Next.
15. (Optional) If you plan to use SP-initiated SSO, choose one of the following for the Selection Mode under Identity Provider Discovery:
Manual: displays the identity provider selection screen when SP-initiated SSO launches. The user must then select a configured IdP, or click Cancel to return to the username-password login screen. Because it keeps a password fallback, Manual is the safer choice until the SSO setup has been verified.
Automatic: redirects users to the default trusted provider (configured later in Creating and enabling a trusted provider). Users who lose access to their IdP are locked out of SAP NetWeaver AS Java.
16. (Optional) Uncheck the remaining check boxes.
17. Click Finish.
18. Under Local Provider, select Service Provider Settings.
19. Click Edit.
20. Copy the Endpoint URL and paste it into the ACS URL field under Application Settings for the SAP application in the Centrify Cloud Manager, then click Save there.
21. In Default Application Path, enter the relative path to the page where you want SSO users to land, such as /irj/portal.
22. Click Save.
23. (Optional) If you plan to use SAML over HTTP, follow these steps. Be aware that with HTTP access allowed, SAML responses and the logon ticket cookies issued after them can travel in clear text and be captured by anyone on the network path; leave this setting at No except on an isolated test system.
24. Click General Settings.
25. Click Edit.
26. Select Yes for Allow HTTP Access.
27. Click Save.
Creating and enabling a trusted provider
1. Click Trusted Providers.
2. Select Add > Uploading Metadata File.
3. In the SAML 2.0 Configuration pop-up window, click Choose File and select the metadata file you downloaded in step 10 of To add and configure the SAP NetWeaver AS Java application in Cloud Manager.
4. Click Next.
5. (Optional) Enter Centrify as the Alias. If entered, SAP NetWeaver AS Java shows the alias on the IdP selection screen; if not, the selection screen shows the IdP's Entity ID from the IdP metadata.
6. Click Next.
7. On the screen that appears, leave all the default values unchanged and click Next again.
8. Select HTTP Post and click Next.
9. Continue clicking Next without changing any values until the Finish button appears.
10. Click Finish.
11. Select the trusted provider you just created under the List of Trusted Providers.
12. Click Edit.
13. Click Identity Federation under Details of trusted provider.
14. Click Add.
15. Select Unspecified as the Format Name.
16. Click OK.
17. Select Logon ID as the User ID Mapping Mode. In this mode SAP NetWeaver looks up the NameID from the Centrify assertion as the UME logon ID, so the user name produced by the Account Mapping page in Cloud Manager must equal the user's SAP logon ID exactly.
18. Click Save at the top of the screen.
19. Click Enable.
20. The Active icon changes from a gray diamond to a green square.
Creating a new authentication stack for SAML 2.0
1. Go to the Authentication tab.
2. Click Add.
3. Enter centrify-saml20 as the Configuration Name.
4. Leave the default Type set to Custom.
5. Click Create.
6. Your new custom configuration displays as the selected configuration in the Authentication tab.
7. Click Edit in the Authentication Stack tab.
8. Click Add.
9. Select EvaluateTicketLoginModule from the <Select Login Module> drop-down list.
10. Click Add.
11. Select SAML2LoginModule from the <Select Login Module> drop-down list.
12. Click Add.
13. Select BasicPasswordLoginModule from the <Select Login Module> drop-down list.
14. Click Add.
15. Select CreateTicketLoginModule from the <Select Login Module> drop-down list.
16. Select the Optional flag for CreateTicketLoginModule.
17. Click Save. Your Login Modules table should look like this:
Configuring the SAML 2.0 login process to use the authentication stack
1. In the Policy Configuration Name table, scroll down and select Ticket.
2. Click Edit in the Authentication Stack tab.
3. Enter centrify-saml20 as the Used Template.
4. Click Save.
Configuring SAP NetWeaver AS Java in Cloud Manager
To finish configuring the SAP NetWeaver AS Java application in Cloud Manager:
1. Return to the browser tab you were using for Cloud Manager and navigate to the Application Settings screen of your SAP NetWeaver AS Java app.
2. If you did not already do so in step 20 of Enabling SAML and creating a local provider in SAP NetWeaver Administrator, paste the SAML Endpoint URL from SAP NetWeaver Administrator into the ACS URL field.
3. Enter the local provider name you provided in step 4 of Enabling SAML and creating a local provider in SAP NetWeaver Administrator (CentrifySAML unless you chose another name).
4. Click Save.
5. This concludes the configuration of SAP NetWeaver SAML authentication with Centrify. Before rolling it out, test IdP-initiated SSO by launching the app from the user portal and, if configured, SP-initiated SSO by opening the Default Application Path directly, while the Manual selection mode still offers a password fallback.
About Centrify
Centrify strengthens enterprise security by managing and securing user identities from cyber threats. As organizations expand IT resources and teams beyond their premises, identity is becoming the new security perimeter. With our platform of integrated software and cloud-based services, Centrify uniquely secures and unifies identity for both privileged and end users across today's hybrid IT world of cloud, mobile and data center. The result is stronger security and compliance, improved business agility and enhanced user productivity through single sign-on. Over 5000 customers, including half of the Fortune 50 and over 80 federal agencies, leverage Centrify to secure their identity management. Learn more at www.centrify.com.
Santa Clara, California: +1 (669) 444-5200 Email: sales@centrify.com EMEA: +44 (0) 1344 317950 Web: www.centrify.com Asia Pacific: +61 1300 795 789 Brazil: +55 11 3958 4876 Latin America: +1 305 900 5354