SAML 2.0 Template

Programming Guides › Programming Guide for Perl › Policy Management API › Authentication Scheme Configuration › Configuration Tables › SAML 2.0 Template

SAML 2.0 Template

This authentication scheme is based on the SAML 2.0 scheme type. It is configured by a SAML 2.0 Service Provider.

A Service Provider uses this authentication scheme to transparently validate a user based on the information in a SAML 2.0 assertion.

An authentication scheme based on the SAML 2.0 Template differs from other types of authentication schemes in two ways:

SAML 2.0 authentication schemes are created with the method CreateSAMLAuthScheme(). This method creates a PolicyMgtAuthScheme object, just as CreateAuthScheme() does.
SAML 2.0 authentication schemes have two sets of properties:
- The properties listed in the table that follows. These properties are stored in the PolicyMgtAuthScheme object.
  Typically, the only properties in this set that you might choose to modify in an existing SAML 2.0 authentication scheme are name, description, and protection level. Modify these properties with the appropriate method in the PolicyMgtAuthScheme object.
- Metadata properties for the associated Identity Provider. The associated Identity Provider is the Identity Provider that supplies the assertion to the Service Provider.

These properties are stored with the PolicyMgtAuthScheme object as a hashtable.

For information about the metadata properties you can assign to a SAML 2.0 authentication scheme, see the section SAML 2.0 Property Reference in the online Policy Management API Reference.

This authentication scheme requires SiteMinder Federation Security Services. The Federation Security Services feature is licensed separately. Where applicable, the method CreateSAMLAuthScheme() is referenced in place of CreateAuthScheme().

Information Type	Value Assignment and Meaning
Metadata properties	CreateSAMLAuthScheme() param: propsHash_ref The hashtable of SAML 2.0 metadata properties associated with the authentication scheme object. Call SAMLAuthSchemeProperties() to modify metadata properties associated with an existing SAML 2.0 authentication scheme.
Scheme type	Type(templateObject) The scheme type SAML 2.0.
Description	Description(schemeDesc) CreateSAMLAuthScheme() param: schemeDesc The description of the authentication scheme.
Protection level	ProtectionLevel(nLevel) CreateSAMLAuthScheme() param: protLevel A value of 1 through 1000. The higher the number, the greater degree of protection provided by the scheme. Default is 5.
Library	CustomLib("smauthsaml") The default library for this scheme type.
Parameter	CustomParam(param) Set as an empty string.
Shared secret	CustomSecret("") Set as an empty string. Not applicable to this scheme.
Is template?	IsTemplate(0) Set to 0 to indicate that the scheme is not a template. Any other value is ignored.
Is used by administrator?	IsUsedByAdmin(0) Set to 0—scheme cannot be used to authenticate administrators.
Save credentials?	SaveCredentials(0) Set to 0 to indicate that user credentials will not be saved.
Is RADIUS?	IsRadius(0) Set to 0—scheme is not used with RADIUS agents.
Ignore password check?	IgnorePwd(1) Set to 1—ignore password checking.

Email CA about this topic