Configure policy sets, bindings, and SAML-specific tokens to secure Web services and messages.
To secure messages using SAML, you can import the SAML default policy sets and modify them to enable SAML function. Because WebSphere® Application Server Version 7.0.0.7 with SAML does not support attaching a policy set directly to a Web services client, you must specify the policy sets and bindings used to enable SAML as custom properties in the Web services client binding document.
You can also create a SAML bearer token using the SAML library API. A bearer token contains a bearer assertion, which is used to facilitate Web browser single sign-on (SSO). Other SAML set up tasks described in this section include configuring policy sets and bindings for a bearer token, or a holder-of-key token, or to communicate with a Security Token Service (STS).
See the following topics for more information about securing messages using SAML.
Secure SAML tokens at the message level by enabling assertion signing.
Configure policy sets and binding documents to enable a Web services client to request SAML assertions from an external Security Token Service (STS).
Configure the client and provider policy set attachments and bindings for the SAML bearer token.
Configure the client and provider policy set attachments and bindings for the SAML holder-of-key token. This configuration scenario uses a symmetric key.
Configure the client and provider policy set attachments and bindings for the SAML sender-vouches token, which includes the sender-vouches confirmation method. The sender-vouches confirmation method is used when a server needs to propagate the client identity or behavior of the client.
In this information ... | IBM Redbooks, demos, education, and more(Index) |