How the Consumer Obtains the Assertion
When a web service consumer requests a web service, it must get the assertion from the authentication service, which is protected by the SOA Agent. Any method of authentication can be used to obtain the assertion, provided that the method is highly secure. If the web service consumer intends to sign documents containing the assertion, the initial request must provide a public key to the SOA Agent. The key can be provided in an XML document, by the XML-DSIG authentication scheme, or by the Policy Server from the user store.
After the web service consumer is authenticated, it goes through the authorization process. If it is successfully authorized, the SOA Agent responds by returning to the authentication service a SAML Session Ticket assertion that contains an encrypted CA SiteMinder session ticket and the client’s public key.
Note: The initial request for an assertion can be in the form of a signed XML document, but this is optional and is determined by the client’s authentication service setup.
Copyright © 2011 CA. All rights reserved.