Previous Topic: Assertion Validity for Single Sign-onNext Topic: Grant Access to the Service for Assertion Retrieval (Artifact SSO)

Federation Security Services GuideConfigure SiteMinder as a SAML 1.x ProducerConfigure a SAML 1.x AssertionGenerate an Assertion for One Time Use

Generate an Assertion for One Time Use

You can configure SiteMinder to generate an assertion that includes a one time use condition. If the relying party knows to use the assertion immediately and not cache it for future use, the relying party will not make authentication decisions based on an out-of-date assertion.

To generate an assertion with a one time use condition

  1. Log on to the FSS Administrative UI.
  2. Select the affiliate you want to modify or create an affiliate.
  3. Navigate to the Advanced tab for the affiliate.
  4. Select the Set DoNotCache Condition check box.
  5. Click OK.

The asserting party can now generate an assertion that includes the condition element for its one time use.