WebSphere Message Broker, Version 8.0.0.7 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS

See information about the latest product version

SAML token capabilities for authentication and authorization

For Web services, you can complete authentication and authorization using a SAML token.

The SAML token Authentication and Authorization are supported only in the following configuration:

Capability

  • Authenticate
  • Authorize
Policy Enforcement Point (PEP) and direction
  • In (provider)

    Configured with a security policy set and binding that defines that a SAML pass-through 1.1 or SAML pass-through 2.0 token is present for authentication; see Authentication. The broker provides only SAML pass-through support, which means that the SAML token is extracted and passed to an external security token service (STS) for validation. The STS to be used is specified in a security profile. The STS processing can be used to implement authentication based on the SAML principal, and authorization based on SAML attributes.

    Configured with a security profile defining the Policy Decision Point (PDP); see the PDP section that follows.

Trust Store or PDP
Notices | Trademarks | Downloads | Library | Support | Feedback

Copyright IBM Corporation 1999, 2016Copyright IBM Corporation 1999, 2016.

        
        Last updated:
        
        Last updated: 2016-05-23 14:48:24


Reference topicReference topic | Version 8.0.0.7 | bp28352_