Configure policy sets, bindings, and SAML-specific tokens to secure web services and messages.
To secure messages using SAML, you can import the SAML default policy sets and modify them to enable SAML function. Because WebSphere® Application Server with SAML does not support attaching a policy set directly to a Web services client, you must specify the policy sets and bindings used to enable SAML as custom properties in the web services client binding document.
You can also create a SAML bearer token using the SAML library API. A bearer token contains a bearer assertion, which is used to facilitate web browser single sign-on (SSO). Other SAML set up tasks described in this section include configuring policy sets and bindings for a bearer token, or a holder-of-key token, or to communicate with a Security Token Service (STS).
See the following topics for more information about securing messages using SAML.