|
|
|
You can use assertion variables to help the SOA Agent build the assertion.
Example 1
If the web service is protected by the XML-DSIG authentication scheme, create an attribute that extracts the client’s public key from the certificate and adds it to the SAML assertion. To instruct the SOA Agent to get the public key from the digital certificate, enter the variable TXM_Public_Key with the value XMLDSIG.
The following table shows how to complete the Response Attribute fields:
|
Field |
Value |
|---|---|
|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
|
Attribute Kind |
Static |
|
Variable Name |
TXM_Public_Key |
|
Variable Value |
XMLDSIG |
If the public key is coming from the user directory, two response attributes are required. The fields for the first attribute in the Response Attribute dialog would be as follows:
|
Field |
Value |
|---|---|
|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
|
Attribute Kind |
User Attribute |
|
Variable Name |
TXM_User_Cert |
|
Variable Value |
usercertificate |
The fields for the second attribute in the Response Attribute dialog would be as follows:
|
Field |
Value |
|---|---|
|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
|
Attribute Kind |
Static |
|
Variable Name |
TXM_Public_Key |
|
Variable Value |
User_Store |
Example 2
To ensure that the assertion is placed in the SOAP envelope message header, the fields in the Response Attribute dialog would be as follows:
|
Field |
Value |
|---|---|
|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
|
Attribute Kind |
Static |
|
Variable Name |
TXM_SAML_Location |
|
Variable Value |
Envelope_Header |
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |