You can use the product's Security Assertion Markup Language (SAML) function to apply a default policy that uses SAML assertions in Web services messages and in Web services usage scenarios.
SAML is an XML-based OASIS standard for exchanging user identity and security attribute information. In a typical SAML usage scenario, you authenticate to a security domain and request an identity provider to issue SAML assertions.
To use the SAML default policy sets, sample SAML general bindings, and JAAS login configuration settings for SAML that are included with WebSphere® Application Server Version 7.0.0.7 and later, you must set up the SAML configuration, which is stored in a profile.
Configure policy sets, bindings, and SAML-specific tokens to secure Web services and messages.
Use the SAML library application programming interface (API), the SAMLTokenFactory, to configure token parameters, create a SAML token, and bind the created token to a service request. The SAML trust client API provides helper functions that send WS-Trust SOAP requests to the specified external Security Token Service (STS).
After SAML policy sets and bindings have been configured and SAML tokens have been created, the SAML token information can be sent from the original login server to other servers using the SAML propagation feature. You can also extract SAML attributes from an existing SAML token and then create additional tokens using the extracted attributes.