Integration Server 10.11 | Integration Server Administrator's Guide | Authenticating Clients | SAML Authentication
 
SAML Authentication
 
Requirements for SAML Authentication
Identifying Trusted STSs to Integration Server
Accepting SAML2 Tokens at the Transport Level
Integration Server supports SAML Authentication by accepting SAML tokens through HTTP header and by using policies based on WS-Security policy with provider web service descriptors. Integration Server supports SAML 2.0 tokens in the HTTP header but supports SAML 1.1 and SAML 2.0 tokens with policies.
If you want to use policies based on WS-SecurityPolicy for authentication and those policies require SAML tokens, you must set up Integration Server so that it can process the SAML tokens. Integration Server supports SAML tokens only in policies attached to provider web service descriptors for inbound requests.
For an inbound request message received by a provider web service, Integration Server must be able to validate the SAML token using the Java Authorization and Authentication Service (JAAS) login modules of Integration Server.
Note:Integration Server can generate a SAML 2.0 Bearer Assertion using the com.softwareag.is.auth.saml.issuer.SAMLIssuerUtils.generateSamlAssertion method. For more information about this method and related classes, see webMethods Integration Server Java API Reference.