Configuration Tasks for SAML 2.0 Authentication

Configuration Guides › Federation Security Services Guide › Configure SOA Security Manager as a SAML 2.0 Service Provider › Configuration Tasks for SAML 2.0 Authentication

Configuration Tasks for SAML 2.0 Authentication

Required Tasks

Check Here	Required Tasks
	Complete the SAML 2.0 authentication scheme prerequisites.
	Select the authentication scheme type and assign it a name.
	Specify the users who are authenticated using the SAML 2.0 authentication scheme.
	Configure single sign-on and select the binding to be used.
	Associate the scheme with a realm. You can do this on a per Identity Provider basis or create a single custom authentication scheme and single realm.

Configure a SAML authentication scheme for each Identity Provider that is a federation partner and generates assertions. Each scheme must be bound to a realm, which consists of all the target URLs that comprise the target resources requested by users. Protect these resources with a SOA Security Manager policy.

Optional Tasks

Check Here	Optional Tasks
	Enable single logout.
	Enable encryption for Name IDs and/or assertions.
	Sign artifact resolve message and/or require signed artifact response.
	Customize assertions using the Message Consumer Plug-in.

Tips:

Certain parameter values at the Identity Provider and Service Provider must match for the configuration to work. A list of those parameters is available in Configuration Settings that Must Use the Same Values.
Verify that you are using the correct URLs for the Federation Web Services servlets. The URLs are listed in Federation Web Services URLs Used in SiteMinder Configuration.

Email CA Technologies about this topic