Previous Topic: Solution 7: Identity Provider Discovery Profile (SAML 2.0)

Next Topic: Solution 9: SAML 2.0 User Authorization Based on a User Attribute

Solution 8: Multi-protocol Network

Solution 8 illustrates how SiteMinder Federation Security Services can be employed to solve Use Case 8: Multi-protocol Support.

In this solution:

For User 1:

For User 2:

The following illustration shows a SiteMinder federated network that implements multiprotocol support.

Multiprotocol Soltuion

Note: The SPS federation gateway can replace the Web Agent and Web Agent Option Pack to provide the SiteMinder Federation Web Services application functions. For information about installing and configuring the SPS federation gateway, see the CA SiteMinder Secure Proxy Server Administration Guide.

In this multiprotocol solution, smcompany.com can issue a SAML 2.0 assertion for User 1 to access resources at ahealthco.com. Additionally, smcompany.com can issue a SAML 1.0 assertion for User 2 to authenticate at discounts.com. Smcompany.com issues an assertion based on the session cookie that is set during initial authentication and determines the appropriate protocol for the assertion.

The SAML Affiliate Agent at discounts.com needs to be configured so that smcompany.com is added to its producer information settings in its AffiliateConfig.xml configuration file so that it accepts SAML 1.0 assertions from this site.


Copyright © 2010 CA. All rights reserved. Email CA about this topic