|
|
|
The WS-Federation specification provides a protocol for how passive clients (such as Web browsers) implement the federation framework. ADFS is Microsoft's implementation of the WS-Federation Passive Requestor Profile.
Web SSO and Signout in the WS-Federation environment are implmented using Account Partners and Resource Partners. An Account Partner authenticates users, provides WS-Federation security tokens and passes them to a Resource Partner. The Resource Partner consumes security tokens and establishes a session based on the contents of the WS-Federation security token.
For SiteMinder to act as an Account Partner, an administrator must define the Resource Partner that will be consuming security tokens. This is done by defining a Resource Partner in an Affiliate domain. For SiteMinder to act as a Resource Partner, an administrator must define the Account Partner that is going to supply security tokens. This is done by defining a WS-Federation authentication scheme.
The C Policy Management API sample program, smpolicyapiexample.cpp, includes examples of how to define, list, and delete a Resource Partner, as well as define, list, and delete a WS-Federation authentication scheme.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |