|
|
|
In the chain authentication service model, the web service consumer obtains a SAML Session Ticket assertion from the first web service in the chain upon successful authentication. That assertion is subsequently used by other web services in the chain to authenticate the request.
To obtain the assertion, the web service consumer must send an XML document to the first web service in the chain; the web service provider need not supply a public key.
The SOA Agent dynamically generates a public/private key pair, and then creates the assertion. The assertion contains a session ticket and the public key corresponding to the generated private key. The SOA Agent then signs the document with its private key, which binds the document to the assertion.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |