|
|
|
The SAML assertion generator creates an assertion for a user who has a session at a producer/IdP site. When a request for a SAML assertion is made, the Web Agent invokes the SAML assertion generator, which creates an assertion based on the user session and information configured in the policy store.
The assertion is then handled according to the authentication profile or binding configured, as follows:
The Web Agent is responsible for sending the SAML artifact, SAML response, or WS-Federation security token response message to the site that will consume the assertion accordance with the SAML profile or binding. At the consumer/SP site, a client, such as the SAML Affiliate Agent, the SAML 1.x credential collector or the SAML 2.0 assertion consumer, must be available to process the SAML artifact or response message.
You can customize the content of the SAML assertion generated by the assertion generator by configuring the assertion generator plug-in. This plug-in lets you customize the content for your federated environment.
The assertion generator is installed by the Policy Server. After installing the Policy Server, the administrator can use the FSS Administrative UI to define and configure affiliates.
| Copyright © 2010 CA. All rights reserved. | Email CA about this topic |