SAML Overview

Security Assertion Markup Language (SAML) is an open-standard protocol that uses an XML framework to exchange security information between an authority and a trusted partner site. The security information concerns itself with a subject's authentication status, access authorization and attribute information. (A person identified by an email address is a subject as might be a printer.) A SAML authority (in some instances, referred to as the asserting party) is a platform or application that has been integrated with SAML API, allowing it to relay security information. For example, asserting that a subject has been authenticated into its system by passing the required attributes. Trusted partner sites receive the security information and rely on its authenticity.

For more information about the SAML implementation (including definitions of the profile types and assertions), see Chapter 9, SAML Administration, in Sun Java System Access Manager 7 2005Q4 Federation and SAML Administration Guide.

The following SAML attributes can be configured for your implementation:

• Target Specifier

• Site Identifiers

• Trusted Partners

• Target URLs

• Assertion Timeout

• Assertion Skew Factor for notBefore Time

• Artifact Timeout

• SAML Artifact Name

• Sign SAML Assertion

• Sign SAML Request

• Sign SAML Response

The following tasks are associated with configuring SAML:

• To Configure a Site Identifier

• Trusted Partners: Selecting Partner Type and Profile

• Trusted Partners: Configuring Trusted Partner Attributes

• To Configure a Target URL