SOA Governance and API Management : Administering Mediator : Mediator Configurations : Configuring SAML Support in Mediator : Configuring Integration Server Keystores
Configuring Integration Server Keystores
You must configure an Integration Server keystore to enable Mediator to process any supported SAML token (Holder-of-Key tokens, Sender-Vouches tokens, or Bearer tokens).
To configure an Integration Server keystore
1. In Integration Server, create a new keystore alias, as described in the Keystores and Truststores section in the document webMethods Integration Server Administrator’s Guide.
The keystore must contain at least one private key, which can be used by Mediator as the signing alias.
If Mediator is expected to verify the signature of incoming requests from clients, the keystore must also contain the public keys of the clients. The keystore must also contain the public key of the identity provider in its truststore, to validate the signature in the assertion which is signed by the identity provider. This will be useful for Holder-of-Key confirmation method-based requests.
2. In Integration Server, specify the keystore alias and signing alias to be used by Mediator, as described in the Keystore, Truststore, and Key Aliases section in the document webMethods Integration Server Administrator’s Guide.
Copyright © 2015- 2016 Software AG, Darmstadt, Germany.

Product LogoContact Support   |   Community   |   Feedback