|
| |
| Sun Java System Access Manager 6 2005Q1 Administration Guide | |
Chapter 30
SAML Authentication AttributesThe SAML Authentication attribute is an organization attributes. The value applied to it under Service Configuration becomes the default value for the SAML Authentication template. The service template needs to be created after registering the service for the organization. The default value can be changed after registration by the organization’s administrator. Organization attributes are not inherited by entries in the organization.
The SAML Authentication attributes is:
Authentication Level
The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0.
Note
If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Auth Level. See “Default Authentication Level” on page 306 for details.