The Security Assertion Markup Language (SAML) is an XML-based
OASIS standard for exchanging user identity and security attributes
information. Using SAML, a client can communicate assertions regarding
the identity, attributes, and entitlements of a SOAP message. You
can apply policy sets to JAX-WS applications to use SAML assertions
in web services messages and in web services usage scenarios. Use
SAML assertions to represent user identity and user security attributes,
and optionally, to sign and to encrypt SOAP message elements.
Procedure
- Learn about SAML.
- For more information, see SAML concepts.
- Configure SAML application support.
- Security Assertion Markup Language (SAML) is an XML-based,
OASIS standard for exchanging user identity and security attributes
information. You can use the SAML function to apply a default policy
to use SAML assertions in web services messages and in web services
usage scenarios. In a typical SAML usage scenario, you authenticate
to a security domain and request an identity provider to issue SAML
assertions. In WebSphere® Application Server Version 7.0.0.7
and later, to use the SAML default policy sets, sample SAML general
bindings, and JAAS login configuration settings for SAML, you were
required to set up the SAML configuration, which is stored in a profile.
In WebSphere Application Server 버전 9.0, the SAML feature
is available in all profiles by default.
- Develop and assemble a SAML application.
- For more information, see Developing SAML applications.
- Deploy the SAML application.
- For more information, see Deploying applications
that use SAML.