The SAML Session Ticket authentication scheme provides a mechanism for single sign-on across web services protected by the same policy store. The scheme authenticates XML messages using credentials obtained from SAML Session Ticket assertions in an HTTP header, a document’s SOAP envelope, or a cookie. These strongly secure assertions are generated by a SOA Agent for Web Servers in the same Policy Server domain after initial authorization of the request, making the SAML Session Ticket authentication scheme the ideal basis for multiple web services deployed using the multistep authentication model or the chain authentication service model within a single enterprise.
A SAML Session Ticket assertion is a data structure that contains a SiteMinder session ticket and a public key (both encrypted). This assertion is used by the SAML Session Ticket authentication scheme to do the following:
By including the session ticket and the public key in the assertion, a web service consumer can access web services protected by SOA Agents in the same Policy Server domain without being rechallenged for credentials.
Copyright © 2011 CA. All rights reserved.