Configuration Guides › Policy Server Configuration Guide › Authentication Schemes › SAML Session Ticket Authentication › Configure the SAML Session Ticket Authentication Scheme

Configure the SAML Session Ticket Authentication Scheme

To obtain security information from SAML Session Ticket assertions in an HTTP header, a SOAP envelope, or a cookie associated with an incoming message, you must configure the SAML Session Ticket authentication scheme.

Note: The following procedure assumes you are creating a new object. You can also copy the properties of an existing object to create an object. More information exists in Duplicate Policy Server Objects.

To configure the authentication scheme

1. Click Infrastructure, Authentication.
2. Click SOA Authentication Scheme, Create SOA Authentication Scheme.

   The Create Authentication Scheme pane opens.

3. Click OK.

   Authentication scheme settings open.

   Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

4. Enter a name and a description for the scheme in the General group box.
5. Select SAML Session Ticket from the Authentication Scheme Type list.
6. Enter a protection level.
7. In the Scheme Setup group box, do the following:
   • Specify where you want the SAML assertion to be placed. Select Envelope Header or HTTP Header option, as appropriate.
   • Optionally, if the incoming documents need to be signed, select the Require signature on XML message check box.
   • Optionally, to perform authentication over an SSL connection, select the Require Secure Transport Layer check box.

     This option is not necessary with this scheme; however, you can use SSL if you want to encrypt the communication over the network.

8. Click Submit.

   The authentication scheme is saved and may be assigned to application components (realms).