Using SAML for Web Service Client Authentication
If you want to use policies based on WS-SecurityPolicy for authentication and those policies require SAML tokens, you must set up Integration Server so that it can process the SAML tokens. Integration Server supports SAML tokens only in policies attached to provider web service descriptors for inbound requests.
For an inbound request message received by a provider web service, Integration Server must be able to validate the SAML token using the Java Authorization and Authentication Service (JAAS) login modules of Integration Server.