Previous Topic: How To Protect Resources with a SAML 2.0 Authentication SchemeNext Topic: Form the Policy to Protect the Target Resource

Federation Security Services GuideConfigure SiteMinder as a SAML 2.0 Service ProviderHow To Protect Resources with a SAML 2.0 Authentication SchemeConfigure a Unique Realm for Each SAML Authentication Scheme

Configure a Unique Realm for Each SAML Authentication Scheme

The procedure for configuring a unique realm for each SAML authentication scheme (artifact or profile) follows the standard instructions for creating realms in the FSS Administrative UI.

To create a realm for each SAML authentication scheme

  1. Log on to the FSS Administrative UI.
  2. Click the System tab.
  3. Click Edit, System Configuration, Create Domain.

    The Domain dialog opens.

  4. Create a policy domain that will contain the realm with the target resources.
  5. Create a realm under the policy domain you created in the previous step, noting the following:
    1. Select the Web Agent protecting the web server where the target federation resources reside for the Agent field.
    2. Select the SAML authentication scheme for the Authentication Scheme field. This is the SAML scheme that should protect the realm.
  6. Create a rule for the realm.

    As part of the rule you select a Web Agent action (Get, Post, or Put), which allows you to control processing when users authenticate to gain access to a resource.

Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

The realm is now configured.