Federation Security Services Guide › Authenticate SAML 2.0 Users at the Service Provider › SAML 2.0 Authentication Scheme Prerequisites › Install the Web Agent or SPS Federation Gateway

Install the Web Agent or SPS Federation Gateway

The Web Agent is a required component in a SiteMinder federation security services network. You can either install a Web Agent on a web server or install the SPS federation gateway, which has an embedded Web Agent.

Note: Install this component at the Identity Provider and Service Provider.

At the consuming authority, set up the following components

1. Install one of the following:
   • Web Agent
   • SPS federation gateway
2. Configure the Web Agent or SPS federation gateway.
   • For instructions about the Web Agent, see the Web Agent Installation Guide and Web Agent Configuration Guide.
   • For instructions about the SPS federation gateway, see the Secure Proxy Server Administration Guide.

   Important! You must define a value for the Web Agent configuration parameter DefaultAgentName for all Service Provider Web Agents.

3. (Web Agent configuration only) If you are using a Web Agent at the Service Provider, you must specify a value for the Web Agent configuration parameter DefaultAgentName for all Service Provider Web Agents. The DefaultAgentName parameter specifies a Web Agent identity. Additionally, the specified Agent identity must be included in the Resource Filter of the realm that protects the target resource. You configure the DefaultAgentName parameter in the Agent Configuration Object or the local Agent configuration file.

   Note: Omitting the DefaultAgentName parameter or using the value specified in the AgentName parameter in the realm resource filter causes SAML 2.0 authentication to fail, regardless of the single sign-on profile.