IBM Integration Bus, Version 10.0.0.3 Operating Systems: AIX, HP-Itanium, Linux, Solaris, Windows, z/OS


SAML token capabilities for authentication and authorization

For web services, you can complete authentication and authorization using a SAML token.

SAML token authentication and authorization are supported only in the following configuration:

Capability

Policy Enforcement Point (PEP) and direction
  • In (provider)

    Configured with a security policy set and binding that defines that a SAML pass-through 1.1 or SAML pass-through 2.0 token is present for authentication; see Authentication. The integration node provides only SAML pass-through support, which means that the SAML token is extracted and passed to an external Security Token Service (STS) for validation. The STS to be used is specified in a security profile. The STS processing can be used to implement authentication based on the SAML principal, and authorization based on SAML attributes.

    Configured with a security profile defining the Policy Decision Point (PDP); see the PDP section that follows.

Trust Store or PDP
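The pass-through flow described above, sketched as an added example (not IBM's code and not part of the original page): the enforcement point only locates the SAML assertion in the WS-Security header and hands it to the STS, so every trust decision stays with the STS. The WS-Trust 1.3 Validate request shape is an assumption about the STS protocol, the function names are hypothetical, and the sample envelope is constructed.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WST = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"  # assumed: STS speaks WS-Trust 1.3
# SAML assertion namespaces for the two pass-through versions named on the page.
SAML_NS = {"1.1": "urn:oasis:names:tc:SAML:1.0:assertion",
           "2.0": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample request: unsigned SAML 2.0 assertion in a WS-Security header.
SAMPLE = f"""<soap:Envelope xmlns:soap="{SOAP}">
 <soap:Header><wsse:Security xmlns:wsse="{WSSE}">
  <saml:Assertion xmlns:saml="{SAML_NS['2.0']}" ID="_constructed1" Version="2.0">
   <saml:Issuer>https://idp.example.test</saml:Issuer>
   <saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>
  </saml:Assertion>
 </wsse:Security></soap:Header>
 <soap:Body/>
</soap:Envelope>"""

def extract_assertion(envelope_xml):
    """Return (version, assertion element) from the WS-Security header, unvalidated."""
    root = ET.fromstring(envelope_xml)
    security = root.find(f"{{{SOAP}}}Header/{{{WSSE}}}Security")
    if security is None:
        raise ValueError("no WS-Security header")
    found = [(v, el) for v, ns in SAML_NS.items()
             for el in security.findall(f"{{{ns}}}Assertion")]
    if len(found) != 1:  # reject a missing or ambiguous token instead of guessing
        raise ValueError(f"expected exactly one SAML assertion, found {len(found)}")
    return found[0]

def build_validate_request(assertion):
    """Wrap the assertion in a WS-Trust 1.3 Validate request for the STS."""
    # ElementTree rewrites namespace prefixes when serializing; a real enforcement
    # point must forward the original bytes so an enveloped signature still verifies.
    rst = ET.Element(f"{{{WST}}}RequestSecurityToken")
    ET.SubElement(rst, f"{{{WST}}}RequestType").text = f"{WST}/Validate"
    ET.SubElement(rst, f"{{{WST}}}TokenType").text = f"{WST}/RSTR/Status"
    ET.SubElement(rst, f"{{{WST}}}ValidateTarget").append(assertion)
    return rst

def pass_through(envelope_xml):
    version, assertion = extract_assertion(envelope_xml)
    return version, build_validate_request(assertion)

if __name__ == "__main__":
    version, rst = pass_through(SAMPLE)
    print(version, ET.tostring(rst, encoding="unicode"))
```

Nothing in this flow checks the signature, issuer, validity window or audience of the assertion, so the STS named in the security profile must enforce all of them.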

bp28352_.htm | Last updated 2015-11-27 00:02:03