Configuration Guides › Policy Server Configuration Guide › Additional WS-Security Configuration Requirements › Configuration Requirements for Generating SAML Assertions

Configuration Requirements for Generating SAML Assertions

If your SOA security environment requires you to configure SOA Security Manager to add WS-Security tokens containing SAML assertions to SOAP documents for consumption by other web services, you must first perform some additional configuration using the Federation Security Services Administrative User Interface.

In all SAML token generation situations, you must create an Affiliate domain. Additionally, you must perform the following steps depending on the version of SAML tokens you need to generate:

• To create SAML 1.1 assertions, configure the SAML 1.x Assertion Generator properties file and add Affiliate objects to the Affiliate domain.
• To create SAML 2.0 assertions, add SAML 2.0 Service Provider objects to the Affiliate domain.

Note: Affiliate domains and related SAML token functionality are implemented as part of the CA SiteMinder Federation Security Services on the Policy Server. For more information, see the CA SiteMinder Federation Security Services Guide.