Securing web services using Security Markup Assertion Language (SAML)

The Security Assertion Markup Language (SAML) is an XML-based OASIS standard for exchanging user identity and security attributes information. Using SAML, a client can communicate assertions regarding the identity, attributes, and entitlements of a SOAP message. You can apply policy sets to JAX-WS applications to use SAML assertions in web services messages and in web services usage scenarios. Use SAML assertions to represent user identity and user security attributes, and optionally, to sign and to encrypt SOAP message elements.

Procedure

  1. Learn about SAML.
    1. For more information, see SAML concepts.
  2. Configure SAML application support.
    1. Security Assertion Markup Language (SAML) is an XML-based, OASIS standard for exchanging user identity and security attributes information. You can use the SAML function to apply a default policy to use SAML assertions in web services messages and in web services usage scenarios. In a typical SAML usage scenario, you authenticate to a security domain and request an identity provider to issue SAML assertions. In WebSphere® Application Server Version 7.0.0.7 and later, to use the SAML default policy sets, sample SAML general bindings, and JAAS login configuration settings for SAML, you were required to set up the SAML configuration, which is stored in a profile. In WebSphere Application Server 버전 9.0, the SAML feature is available in all profiles by default.
  3. Develop and assemble a SAML application.
    1. For more information, see Developing SAML applications.
  4. Deploy the SAML application.
    1. For more information, see Deploying applications that use SAML.

주제 유형을 표시하는 아이콘 태스크 주제



시간소인 아이콘 마지막 업데이트 날짜: July 9, 2016 6:13
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=twbs_secureassertions
파일 이름:twbs_secureassertions.html