- Supports scenarios targeting OASIS Web Services Security SAML Token Profile 1.1
- Supports SAML Token Assertion specifications v1.1 and v2.0
- Supports Bearer confirmation and Holder-of-key confirmation
- Configurable via policy sets
- Targets JAX-WS services
- Leverages Custom Token Support
- API to create and consume SAML assertions
- Allows customers to create SSO solutions independent from web services
- Issuing Token
- Supports an external STS (Security Token Service)
- Tested with Tivoli Federated Identity Manager
- API supports request and validation of SAML Assertions via standard WS-Trust v1.2 and v1.3 Protocols
- Supports sender (client) side SAML token caching for better performance
- Supports self-issuance
Friday, November 13, 2009
SAML for Web Services is now available with WebSphere 220.127.116.11
You probably have read the announcement letter on the XML Feature Pack, SCA Refresh, and SAML (Security Assertion Markup Language) for Web Services support coming to WebSphere 7.0.
I would like to give some additional details of what is in the SAML support.
It is now available, so try it out and feel free to give us some feedback on your experiences.
P.S. Here is the SAML support Info Center link.