Administering Mediator : Mediator Configurations : Configuring SAML Support in Mediator : Configuring SAML Sender-Vouches Processing : Configuring Virtual Services for Sender-Vouches Processing
Configuring Virtual Services for Sender-Vouches Processing
After you configure STS for Senders-Vouchers processing, you must configure the desired virtual services so they can use the STS for Sender-Vouches processing.
To configure virtual services for SAML Sender-Vouches processing
1. Write an IS wrapper service that includes the predefined Java service mediator.security.ws:AddSamlSenderVouchesToken. Mediator calls this service during request processing.
The value of this service's ConfigName parameter must be the STS you specified in Configuring a Security Token Service (STS) for Sender-Vouches Processing.
For details about the AddSamlSenderVouchesToken service, see CentraSite User’s Guide.
2. In the Request Processing step of the desired virtual services, invoke the IS wrapper service you just created. For the procedure to do this, see CentraSite User’s Guide.
The virtual services are now ready to be deployed and invoked by the client.
3. Ensure that the following requirements are met by the client requests:
*Mediator must be able to invoke the virtual services with the Integration Server user credentials.
*The credentials must be able to be used by Mediator to invoke the virtual services.
*Mediator uses the identified Integration Server user as the value for the <wst:OnBehalfOf> element. If a virtual service's policy includes security actions such as the Require WSS Username Token action, the token identifies the user and this user is used as the value for <wst:OnBehalfOf> element when sending requests for SAML Sender-Vouches tokens. For example,
<wst:OnBehalfOf>
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss
-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org
/wss/2004/01/oasis-200401-wss-
wssecurity=utility- 1.0.xsd" wsu:Id="UsernameToken-28549389">
<wsse:Username>Administrator</wsse:Username>
</wsse:UsernameToken>
</wst:OnBehalfOf>
Copyright © 2015- 2017 Software AG, Darmstadt, Germany. (Innovation Release)

Product LogoContact Support   |   Community   |   Feedback