Previous Topic: Set Up Relying Party ComponentsNext Topic: Storing User Session, Assertion, and Expiry Data


Setup the SAML 1.x Assertion Generator File

This section contains the following topics:

Configure the SAML 1.x Assertion Generator Properties File

Review the JVMOptions File Which Creates a JVM

The JVMOptions.txt File

Configure the SAML 1.x Assertion Generator Properties File

The Policy Server at the producer includes a component named the assertion generator. For SAML 1.x only, the AMAssertionGenerator.properties file is required for the assertion generator to generate assertions. This properties file also contains commented instructions, which you can read for more information about the settings in the file.

The installed location of this file is:

policy_server_home/config/properties

The assertion generator works without modifying the settings in this file. However, the file contains CA SiteMinder® default values that are used in the assertions, so change these values for your network.

To configure the AMAssertionGenerator.properties file

  1. Go to the directory policy_server_home/config/properties.
  2. Open the AMAssertionGenerator.properties file in a text editor.
  3. Modify the following parameters:
    AssertionIssuerID

    Specifies the URL that identifies the site issuing the assertion.

    This URL must be the same value as the Issuer field that you complete for a SAML authentication scheme.

    Note: Set this value properly so that SAML 1.x assertions are meaningful.

    SecurityDomain

    Identifies the domain of the producer, such as example.com

    SourceID

    Specifies for the SAML 1.x artifact profile only, a unique ID in the artifact that identifies the producer. For more information, see the SAML specification at the OASIS website.

The values in this file must match the values for the equivalent settings at the consumer site.

Note: Updates to the AmAssertionGenerator.properties file are picked up after the Policy Server is restarted.

Review the JVMOptions File Which Creates a JVM

The JVMOptions.txt File

The JVMOptions.txt file contains the settings that the Policy Server uses when creating the Java virtual machine that is used to support Federation Web Services. SAML 1.x, SAML 2.0, and WS‑Federation use this file.

During a Policy Server upgrade, the existing JVMOptions.txt file is renamed to JVMOptions.txt.backup. A new JVMOptions.txt file is created.

If the original file included customized parameters, be sure to modify the newly created file to include these customized parameters.

The installed location of this file is:

policy_server_home/config/

Important! If you update the JVMOptions.txt file, restart the Policy Server for the changes to take effect.

Notes: