Use this table when configuring a SAML authentication scheme based on the profile type artifact for communicating security assertions. With the artifact profile type, the URL for retrieving the SAML assertion is referenced within the AssertionRetrievalURL portion of the Parameter string.
The structure fields referenced in the table are in Sm_PolicyApi_Scheme_t.
Information Type |
Value Assignment and Meaning |
|
---|---|---|
Scheme type |
nType=Sm_Api_SchemeType_SAMLArtifact The scheme type SAML Artifact. |
|
Description |
pszDesc=description The description of the authentication scheme. |
|
Protection level |
nLevel=value A value of 1 through 1000. The higher the number, the greater degree of protection provided by the scheme. Default is 5. |
|
Library |
pszLib="smauthsaml" The default library for this scheme type. |
|
Parameter
|
pszParam=param The following required parameters:
0. Meaning: 302 No Data. 1. Meaning: 302 Cookie Data. 2. Meaning: Server Redirect. 3. Meaning: Persist Attributes. |
|
|
||
|
//saml:AttributeValue/SM:/SMContent |
|
|
This query gets the text of the Username element.
0. Meaning: Basic authentication. 1. Meaning: Client certificate authentication.
|
|
|
Format of the parameter string is as follows. Separate name/value pairs with semi-colons ( ; ). The format example includes LDAP and ODBC attributes: Name=name;RedirectMode=0|1|2;SRCID=srcid; |
|
Shared secret |
pszSecret=secret The password for the affiliate site. |
|
Is template? |
bIsTemplate=0 Set to false (0) to indicate that the scheme is not a template. Any other value is ignored. |
|
Is used by administrator? |
bIsUsedbyAdmin=0 Set to false (0)-scheme is not used to authenticate administrators. |
|
Save credentials? |
bAllowSaveCreds=0 Set to false (0) to indicate that user credentials won't be saved. |
|
Is RADIUS? |
bIsRadius=0 Set to false (0)-scheme is not used with RADIUS agents. |
|
Ignore password check? |
bIgnorePwCheck=1 Set to true (1)-ignore password checking. |
Copyright © 2014 CA.
All rights reserved.
|
|