Previous Topic: Creating Links to Consumer Resources for Single Sign-onNext Topic: SAML 1.x Authentication Schemes


Configure CA SiteMinder® as a SAML 1.x Consumer

This section contains the following topics:

Prerequisites for a CA SiteMinder® Relying Partner

How To Configure CA SiteMinder® as a SAML 1.x Consumer

SAML 1.x Authentication Schemes

SAML 1.x Authentication Scheme Prerequisites

Configure SAML 1.x Artifact Authentication

Configure SAML 1.x POST Profile Authentication

Customize Assertion Processing with the Message Consumer Plug-in

Redirect Users After Failed SAML 1.x Authentication Atempts

Supply SAML Attributes as HTTP Headers

Enable Client Certificate Authentication for the Back Channel (optional)

How To Protect a Resource with a SAML 1.x Authentication Scheme

Prerequisites for a CA SiteMinder® Relying Partner

For CA SiteMinder® to serve as the relying partner, complete following tasks:

How To Configure CA SiteMinder® as a SAML 1.x Consumer

Configuring CA SiteMinder® as SAML 1.x consumer requires the following tasks:

  1. Complete the SAML 1.x authentication scheme prerequisites.
  2. Select the authentication scheme type and assign it a name.
  3. Specify the namespace for users being authenticated with the SAML 1.x authentication scheme.
  4. Select the single sign-on profile that this consumer supports (artifact or POST).
  5. Configure a SAML authentication scheme for each Producer that is a federation partner and generates assertions. Bind each scheme to a realm. The realm must contain the target URLs for federated resources. Protect these resources with a CA SiteMinder® policy.

Tips:

Optional Tasks to Configure a CA SiteMinder® Consumer

The following tasks are optional for configuring CA SiteMinder® as a consumer:

Navigating Legacy Federation Dialogs

The Administrative UI provides two ways to navigate to the legacy federation configuration dialogs.

You can navigate in one of two ways: