SiteMinder Federation Security Services supports SAML 2.0 functionality. With SAML 2.0, security assertions are shared between the following entities within a federation:
A Service Provider makes applications and other resources available to principals within a federation. A principal is a user or another federation entity.
An Identity Provider creates and manages identity information for principals within a SAML 2.0 federation. The Identity Provider packages the information in a SAML assertion and sends it to the Service Provider where the principal is attempting to access resources.
A SAML 2.0 affiliation consists of Service Providers and Identity Providers that have a shared Name ID namespace. Identity Providers also share the user disambiguation properties across the affiliation. A SAML 2.0 affiliation can have multiple Service Providers and Identity Providers. However, a Service Provider or Identity Provider can belong to no more than one SAML 2.0 affiliation.
SAML 2.0 authentication is performed through an authentication scheme based on the SAML 2.0 Template. A SAML 2.0 authentication scheme and its associated Identity Provider are configured by a SAML 2.0 Service Provider. The Service Provider uses the authentication scheme to transparently validate a user based on the information in a SAML 2.0 assertion.
Copyright © 2010 CA. All rights reserved.