Previous Topic: Configure a Response to Send Attributes as HTTP HeadersNext Topic: Enable Client Certificate Authentication for the Back Channel(optional)

Federation Security Services GuideConfigure SiteMinder as a SAML 1.x ConsumerSupply SAML Attributes as HTTP HeadersCreate a Policy to Implement Attributes as HTTP Headers

Create a Policy to Implement Attributes as HTTP Headers

To implement the use of SAML attributes as HTTP headers, you must group together the authorization event rule and active response in a policy.

To create the policy to generate HTTP Headers from SAML attributes

  1. Log on to the FSS Administrative UI.
  2. From the Domains tab, select the domain that contains the target resource.
  3. In the domain, select the Policies object and create a policy.

    The Policy Properties dialog opens.

  4. Enter a descriptive name in the Name field.
  5. Select the users that must have access to the protected resource in the Users tab.
  6. Add the authorization rule you created previously on the Rules tab.
  7. Select the authorization rule and click Set Response.

    The Available Responses dialog opens.

  8. Select the active response you created previously and click OK.

    You return to the Rules tab. The response appears with the authentication rule.

  9. Click OK to save the policy.

The policy that enables SAML attributes to be used as HTTP headers is complete.