You can use assertion variables to help the SiteMinder WSS Agent build the assertion.
Example 1
If the web service is protected by the XML-DSIG authentication scheme, create an attribute that extracts the client’s public key from the certificate and adds it to the SAML assertion. To instruct the SiteMinder WSS Agent to get the public key from the digital certificate, enter the variable TXM_Public_Key with the value XMLDSIG.
The following table shows the properties of the primary response attribute:
Field |
Value |
---|---|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
Attribute Kind |
Static |
Variable Name |
TXM_Public_Key |
Variable Value |
XMLDSIG |
If the public key is coming from the user directory, two response attributes are required. The properties of the first required response attribute would be as follows:
Field |
Value |
---|---|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
Attribute Kind |
User Attribute |
Variable Name |
TXM_User_Cert |
Variable Value |
usercertificate |
The properties of the second required response attribute would be as follows:
Field |
Value |
---|---|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
Attribute Kind |
Static |
Variable Name |
TXM_Public_Key |
Variable Value |
User_Store |
Example 2
To ensure that the assertion is placed in the SOAP envelope message header, the properties of the required response attribute would be as follows:
Field |
Value |
---|---|
Attribute |
WebAgent-SAML-Session-Ticket-Variable |
Attribute Kind |
Static |
Variable Name |
TXM_SAML_Location |
Variable Value |
Envelope_Header |
Copyright © 2014 CA.
All rights reserved.
|
|