|
|
|
The following terms describe the SAML Affiliate Agent and related federation security services functions.
An organization within a network that has a business relationship with a main business producer. Affiliates typically share user and security information with other businesses.
The UNIX daemon or NT service that communicates to the producer on behalf of the consumer.
The plug-in to the Web server where the SAML Affiliate Agent is installed.
A piece of data, transmitted in an XML document, that contains authorization and authentication information about a user. The assertion is used to facilitate secure business transactions.
Component at the producer that creates the SAML assertion and SAML artifact.
A site that uses a SAML assertion to authenticate a user.
Application installed at the producer that enables businesses to share security and user profile information via SAML assertions.
Application installed on the producer-side Web Agent. These services provide assertion retrieval, session synchronization, and notification services.
An entry site for users to connect to related sites across the Internet. In a SiteMinder network, the producer is the site where the Policy Server and Web Agent reside and which has the user’s identity.
URL at the producer. The SAML Affiliate Agent sends a user to this URL if that user does not have the profile and session cookies to access an affiliate resource.
A site that generates SAML assertions.
The Web Agent installed on the Web server at the producer that handles the authentication of users trying to access resources at the consumer.
The SiteMinder Agent that is installed at a consumer site. This Agent consists of the affiliate Web server plug-in and the Affiliate Server.
A URL at the consumer that enables the SAML Affiliate Agent to receive the SAML artifact. After the user’s initial visit to the producer, the Web Agent redirects the user’s browser to this URL at the consumer. The SAML artifact is added to the redirect URL. After the SAML Affiliate Agent receives the artifact, it makes a call on the SSL back channel to the producer to retrieve the assertion associated with that artifact. Using SSL ensures that the artifact is encrypted and is not sent in clear text.
A 42-byte, hex-encoded ID that references an assertion stored with the session server at the producer. The artifact enables the SAML Affiliate Agent to retrieve an assertion document from the producer.
See assertion.
SSL channel between the producer and the consumer used to exchange data, such as the assertion document. This channel does not go through a user’s browser.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |