Configuring for SAML Bearer Token Processing
 
This section describes:
* The Run-Time Processing of SAML Bearer Tokens
* Configuring a Security Token Service (STS) for SAML Bearer Token Processing
* Configuring Integration Server, Mediator, and Virtual Services for Bearer Tokens
The Run-Time Processing of SAML Bearer Tokens
At run time, Mediator processes a request containing a SAML Bearer token as follows:
1. The client sends a request for a SAML Token from a Security Token Service (STS).
2. The STS verifies/authenticates the client and creates a SAML assertion that the client can send along with the message to the service provider.
3. The STS also signs the assertion with its private key to provide message integrity and non-repudiation.
4. The client receives the SAML assertion from the STS and creates a new SOAP request.
5. The client then adds the token in the SOAP WS-Security header.
6. The service receives the SOAP request with the SAML assertion and verifies that the SAML assertion was issued by a trusted STS.
7. Once these conditions are satisfied, the service allows the request to proceed.
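The message built in step 5 and the service-side checks of step 6 can be sketched as follows. This is an added example, not Mediator code: the function names, the issuer URL and the sample message are constructed, and the bearer-method, validity-window (both bounds required) and single-assertion checks go beyond the steps listed above. It only checks that a signature element is present and does not verify it.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
TRUSTED_ISSUERS = {"https://sts.example.test/issuer"}  # constructed placeholder

def build_request(issuer, not_before, not_after, method=BEARER, signed=True):
    """Constructed SOAP 1.1 request (step 5); ds:Signature is an empty placeholder."""
    sig = '<ds:Signature xmlns:ds="%s"/>' % NS["ds"] if signed else ""
    return f"""<soap:Envelope xmlns:soap="{NS['soap']}">
 <soap:Header><wsse:Security xmlns:wsse="{NS['wsse']}">
  <saml:Assertion xmlns:saml="{NS['saml']}" ID="_a1" Version="2.0">
   <saml:Issuer>{issuer}</saml:Issuer>{sig}
   <saml:Subject><saml:SubjectConfirmation Method="{method}"/></saml:Subject>
   <saml:Conditions NotBefore="{not_before}" NotOnOrAfter="{not_after}"/>
  </saml:Assertion></wsse:Security></soap:Header><soap:Body/>
</soap:Envelope>"""

def _in_window(cond, now):
    try:
        lo, hi = (datetime.strptime(cond.get(k), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
                  for k in ("NotBefore", "NotOnOrAfter"))
    except (AttributeError, TypeError, ValueError):
        return False  # missing Conditions element, missing bound, or unparsable timestamp
    return lo <= now < hi

def precheck(soap_xml, now):
    """Step 6 structural checks; returns rejection reasons (empty list = passed)."""
    root = ET.fromstring(soap_xml)
    found = root.findall("soap:Header/wsse:Security/saml:Assertion", NS)
    # Exactly one assertion anywhere in the message, so a second (wrapped) copy is rejected.
    if len(found) != 1 or len(root.findall(".//saml:Assertion", NS)) != 1:
        return ["expected exactly one assertion, in the WS-Security header"]
    a, reasons = found[0], []
    # Presence only: verifying the signature against the STS certificate needs an XML-DSig library.
    if a.find("ds:Signature", NS) is None:
        reasons.append("assertion is not signed")
    if a.findtext("saml:Issuer", "", NS).strip() not in TRUSTED_ISSUERS:
        reasons.append("issuer is not a trusted STS")
    if BEARER not in [c.get("Method") for c in a.findall("saml:Subject/saml:SubjectConfirmation", NS)]:
        reasons.append("no bearer subject confirmation")
    if not _in_window(a.find("saml:Conditions", NS), now):
        reasons.append("outside validity window")
    return reasons
```

The issuer string is only meaningful once the signature has been cryptographically verified against the STS certificate, so these checks complement that verification and do not replace it.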
Copyright © 2015-2016 Software AG, Darmstadt, Germany.
