Federation Security Services GuideUse an Attribute Authority to Authorize UsersSet up a SAML Requestor to Generate Attribute Queries › Enable Attribute Queries and Specify Attributes

Previous Topic: Set up a SAML Requestor to Generate Attribute Queries

Next Topic: Configure the NameID for the Attribute Query

Enable Attribute Queries and Specify Attributes

To enable the SAML Requester to send an attribute query

  1. Log on to the FSS Administrative UI.
  2. Access the Authentication Scheme Properties dialog for the SAML 2.0 authentication scheme that protects the resource that will be protected based on a user attribute.
  3. Click on Additional Configuration.

    The SAML 2.0 Auth Scheme Properties dialog opens.

  4. Click on the Attributes tab.
  5. Click Add.

    The Add Attribute dialog opens.

  6. Enter values for the following fields:

    Note: You can click Help for a description of fields, controls, and their respective requirements.

  7. Click OK to save your changes.

    You return to the Attributes dialog.

  8. In the Attribute Query group box, select Enabled and enter a value for the Attribute Service field.
  9. Optionally, select the following check boxes:
  10. Click OK.

    The Name IDs tab opens and a message is displayed instructing you to specify an attribute name for the name identifier.

  11. Configure a NameID. This NameID configured in the SAML 2.0 Auth.Scheme Properties is included in the attribute query for use by the Attribute Authority.

Copyright © 2010 CA. All rights reserved. Email CA about this topic