SAE
The Secure Attribute Exchange (SAE) authentication module is used when a external entity (such as an existing application ) has already authenticated the user and wishes to securely inform a local OpenSSO Enterprise instance about the authentication to trigger the creation of a OpenSSO Enterprise session for the user. The SAE authentication module is also used by the Virtual Federation functionality where the existing entity instructs the local OpenSSO Enterprise instance to use federation protocols to transfer authentication and attribute information to a partner application. The SAE attribute is a realm attribute.
Authentication Level
The authentication level is set separately for each method of authentication. The value indicates how much to trust an authentication mechanism. Once a user has authenticated, this value is stored in the SSO token for the session. When the SSO token is presented to an application the user wants to access, the application uses the stored value to determine whether the level is sufficient to grant the user access. If the authentication level stored in an SSO token does not meet the minimum value required, the application can prompt the user to authenticate again through a service with a higher authentication level. The default value is 0.
Note –
If no authentication level is specified, the SSO token stores the value specified in the Core Authentication attribute Default Authentication Level.
- © 2010, Oracle Corporation and/or its affiliates