Previous Topic: Set Up Relying Party ComponentsNext Topic: Review the JVMOptions File for the JVM


Configure the SAML 1.x Assertion Generator File

The Policy Server at the producer includes a component named the assertion generator. For SAML 1.x only, the AMAssertionGenerator.properties file is required for the assertion generator to generate assertions. This properties file also contains commented instructions, which you can read for more information about the settings in the file.

The installed location of this file is:

policy_server_home/config/properties

The assertion generator works without modifying the settings in this file. However, the file contains default values that are used in the assertions, so change these values for your network.

Updates to the AmAssertionGenerator.properties file are picked up after the Policy Server is restarted.

To configure the AMAssertionGenerator.properties file

  1. Go to the directory policy_server_home/config/properties.
  2. Open the AMAssertionGenerator.properties file in a text editor.
  3. Modify the following parameters:
    AssertionIssuerID

    Specifies the URL that identifies the site issuing the assertion.

    This URL must be the same value as the Issuer field that you complete for a SAML authentication scheme.

    SecurityDomain

    Identifies the domain of the producer, such as example.com.

    SourceID

    Specifies for the SAML 1.x artifact profile only, a unique ID in the artifact that identifies the producer. For more information, see the SAML specification at the OASIS website.

Important! The values in this file must match the values for the equivalent settings at the consumer site.