SAML 2.0 Template

Use this table when configuring a SAML authentication scheme based on the SAML 2.0 scheme type. A Service Provider uses this authentication scheme to transparently validate a user based on the information in a SAML 2.0 assertion. This transparent validation allows functionality such as single sign-on and single logout.
casso1283
Use this table when configuring a SAML authentication scheme based on the SAML 2.0 scheme type. A Service Provider uses this authentication scheme to transparently validate a user based on the information in a SAML 2.0 assertion. This transparent validation allows functionality such as single sign-on and single logout.
When you configure a SAML 2.0 authentication scheme, you also define metadata properties for the associated Identity Provider-that is, the Identity Provider that supplies the assertion to the Service Provider.
The properties of the Identity Provider are stored with the authentication scheme object as a separate set of properties. As a result, two structures are used to configure a SAML 2.0 authentication scheme:
  • The structure fields referenced in the following table are in Sm_PolicyApi_Scheme_t.
  • The metadata properties for the associated Identity Provider are defined through Sm_PolicyApi_SAMLProviderProp_t.
Information Type
Value Assignment and Meaning
Scheme type
nType
=Sm_Api_SchemeType_SAML2
The scheme type SAML 2.0.
Description
pszDesc
=
description
The description of the authentication scheme.
Protection level
nLevel
=
value
A value of 1 through 1000. The higher the number, the greater degree of protection provided by the scheme. Default is 5.
Library
pszLib
="smauthsaml"
The default library for this scheme type.
Parameter
pszParam
=""
Set to an empty string.
SiteMinder
assigns a parameter value.
The parameter is a reference to the SAML 2.0 metadata properties for the associated Identity Provider. The properties are defined through Sm_PolicyApi_SAMLProviderProp_t.
 
Shared secret
pszSecret
=""
Set to an empty string. Not applicable to this scheme.
Is template?
bIsTemplate
=0
Set to false (0) to indicate that the scheme is not a template. Any other value is ignored.
Is used by administrator?
bIsUsedbyAdmin
=0
Set to false (0)-scheme is not used to authenticate administrators.
Save credentials?
bAllowSaveCreds
=0
Set to false (0) to indicate that user credentials won't be saved.
Is RADIUS?
bIsRadius
=0
Set to false (0)-scheme is not used with RADIUS agents.
Ignore password check?
bIgnorePwCheck
=1
Set to true (1)-ignore password checking.