Access Manager uses SAML as the means for exchanging security information. SAML uses an eXtensible Markup Language (XML) framework to achieve interoperability between vendor platforms that provide SAML assertions. Originally, the Liberty ID-FF was created as an extension of SAML 1.0 and 1.1. With the release of SAML 2.0, though, the Liberty ID-FF has been rolled into the SAML 2.0 specifications. Going forward, SAML 2.0 will be used by the Liberty Alliance Project to build additional federation-based applications. See The Liberty ID-FF Convergence for more information.
The configuration and usage of the SAML Service is independent of the SAML functionality used by the Liberty-based features in Access Manager. SAML usage by the Liberty-based features in Access Manager is behind the scenes and not configurable.
Access Manager 7.1 supports SAML 1.1 and 2.0. SAML 1.1 is supported out of the box and can be configured using the Access Manager Console. SAML 2.0 is supported after installing the SAML v2 Plug-in for Federation Services on top of a working instance of Access Manager. For more information on the SAML Service (based on SAML 1.1), see Chapter 10, SAML Administration. For more information on the SAML v2 Plug-in for Federation Services, see the Sun Java System SAML v2 Plug-in for Federation Services Release Notes and the Sun Java System SAML v2 Plug-in for Federation Services User’s Guide.