How To Protect Resources with a SAML 2.0 Authentication Scheme
Protect target federation resources by configuring a SOA Security Manager policy that uses the SAML 2.0 authentication scheme.
To protect a federation resource with a SAML authentication scheme:
- Create a realm that uses the SAML authentication scheme. The realm is the collection of target resources that users request.
  Create a realm in one of the following ways:
  - Create a unique realm for each authentication scheme already configured.
  - Configure a single target realm that uses a custom authentication scheme to dispatch requests to the corresponding SAML authentication schemes. Configuring one realm with a single target for all Identity Providers simplifies configuration of realms for SAML authentication.
- After you configure a realm, establish an associated rule and, optionally, a response.
- Group the realm, rule, and response into a policy that protects the target resource.
Important! Each target URL in the realm is also identified in an unsolicited response URL. An unsolicited response is sent from the Identity Provider to the Service Provider, without an initial request from the Service Provider. The unsolicited response contains the target. At the Identity Provider, an administrator must include this response in a link so the Identity Provider can redirect the user to the Service Provider.
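
The relationship described in the note above can be checked mechanically: every realm target should appear in an unsolicited response link, and no link should carry a target outside the protected realm. The following is an added example, not code from the product or this guide; the `RelayState` parameter name, the `/sso` path, the `SPID` parameter, and all host names are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: the unsolicited response link carries the target in this query parameter.
TARGET_PARAM = "RelayState"

def normalize(url):
    """Lower-case scheme/host, drop default ports, query and fragment for comparison."""
    p = urlsplit(url)
    scheme, host = p.scheme.lower(), (p.hostname or "").lower()
    if p.port and (scheme, p.port) not in (("https", 443), ("http", 80)):
        host = f"{host}:{p.port}"
    return f"{scheme}://{host}{p.path or '/'}"

def link_target(link):
    """Return the normalized target of a link, or None if it has zero or several."""
    values = parse_qs(urlsplit(link).query).get(TARGET_PARAM, [])
    return normalize(values[0]) if len(values) == 1 else None

def audit(realm_targets, idp_links):
    """Compare realm targets with the targets embedded in IdP links."""
    realm = {normalize(t) for t in realm_targets}
    linked, findings = set(), []
    for link in idp_links:
        target = link_target(link)
        if target is None:
            findings.append(("no-single-target", link))
        elif target not in realm:
            findings.append(("target-outside-realm", link))
        else:
            linked.add(target)
    # Protected targets that no IdP link points to cannot be reached unsolicited.
    findings += [("realm-target-without-link", t) for t in sorted(realm - linked)]
    return findings

# Constructed sample data (not taken from any real deployment).
REALM_TARGETS = [
    "https://sp.example.com/app/reports/index.jsp",
    "https://sp.example.com/app/orders/",
]
IDP_LINKS = [
    "https://idp.example.com/sso?SPID=sp1&RelayState=https%3A%2F%2FSP.example.com%3A443%2Fapp%2Freports%2Findex.jsp",
    "https://idp.example.com/sso?SPID=sp1&RelayState=https%3A%2F%2Fsp.example.com%2Fpublic%2Fhelp.html",
    "https://idp.example.com/sso?SPID=sp1",
]

if __name__ == "__main__":
    for kind, item in audit(REALM_TARGETS, IDP_LINKS):
        print(f"{kind}: {item}")
```
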