The following fields are available on the Details tab:
SOAP Actor/Role:
There may be several authorization assertions contained in a message.
You can identify the assertion to validate by entering the name of the
SOAP actor/role of the WS-Security header that contains the assertion.
XPath Expression:
Alternatively, you can enter an XPath expression to locate the
authorization assertion. You can configure XPath expressions using the
Add, Edit and Delete
buttons.
SAML Namespace:
Select the SAML namespace that must be used on the SAML assertion for
this filter to succeed. If you do not wish to check the namespace,
select the Do not check version option from the drop-down list.
SAML Version:
Enter the SAML Version that the assertion must adhere to by entering the
major version in the first field, followed by the minor version in the second
field. For example, for SAML version 2.0, enter 2 in the first
field and 0 in the second field.
Drift Time:
The drift time, specified in seconds, is used when
checking the validity dates on the authorization assertion. The drift
time allows for differences between the clock times of the machine on
which the assertion was generated and the machine hosting the Enterprise Gateway.
Remove Enclosing WS-Security Element on Successful Validation:
Select this checkbox if you wish to remove the WS-Security block that contains
the SAML assertion after the assertion has been successfully validated.
|