Configure the following fields on the Details tab:
SOAP Actor/Role:
If you expect the SAML assertion to be embedded in a WS-Security block,
you can identify this block by specifying the SOAP Actor or Role of the
WS-Security header that contains the assertion.
XPath Expression:
Alternatively, if the assertion is not contained in a WS-Security
block, you can enter an XPath expression to locate the authentication
assertion. You can configure XPath expressions using the Add
Edit and Delete buttons.
SAML Namespace:
Select the SAML namespace that must be used on the SAML assertion for
this filter to succeed. If you do not wish to check the namespace,
select the Do not check version option from the drop-down list.
SAML Version:
Enter the SAML Version that the assertion must adhere to by entering the
major version in the first field, followed by the minor version in the second
field. For example, for SAML version 2.0, enter 2 in the first
field and 0 in the second field.
Drift Time:
The drift time, specified in seconds, is used when
checking the validity dates on the authentication assertion. The drift
time allows for differences between the clock times of the machine on
which the assertion was generated and the machine hosting the Enterprise Gateway.
Remove Enclosing WS-Security Element on Successful Validation:
Select this checkbox if you wish to remove the WS-Security block that contains
the SAML assertion after the assertion has been successfully validated.
|