SAML 2.0 Template
Use this table when configuring a SAML authentication scheme based on the SAML 2.0 scheme type. A Service Provider uses this authentication scheme to transparently validate a user based on the information in a SAML 2.0 assertion. This transparent validation allows functionality such as single sign-on and single logout.
casso1283
Use this table when configuring a SAML authentication scheme based on the SAML 2.0 scheme type. A Service Provider uses this authentication scheme to transparently validate a user based on the information in a SAML 2.0 assertion. This transparent validation allows functionality such as single sign-on and single logout.
When you configure a SAML 2.0 authentication scheme, you also define metadata properties for the associated Identity Provider-that is, the Identity Provider that supplies the assertion to the Service Provider.
The properties of the Identity Provider are stored with the authentication scheme object as a separate set of properties. As a result, two structures are used to configure a SAML 2.0 authentication scheme:
- The structure fields referenced in the following table are in Sm_PolicyApi_Scheme_t.
- The metadata properties for the associated Identity Provider are defined through Sm_PolicyApi_SAMLProviderProp_t.
Information Type | Value Assignment and Meaning |
Scheme type | nType =Sm_Api_SchemeType_SAML2The scheme type SAML 2.0. |
Description | pszDesc =description The description of the authentication scheme. |
Protection level | nLevel =value A value of 1 through 1000. The higher the number, the greater degree of protection provided by the scheme. Default is 5. |
Library | pszLib ="smauthsaml"The default library for this scheme type. |
Parameter | pszParam =""Set to an empty string. SiteMinder assigns a parameter value.The parameter is a reference to the SAML 2.0 metadata properties for the associated Identity Provider. The properties are defined through Sm_PolicyApi_SAMLProviderProp_t. |
Shared secret | pszSecret =""Set to an empty string. Not applicable to this scheme. |
Is template? | bIsTemplate =0Set to false (0) to indicate that the scheme is not a template. Any other value is ignored. |
Is used by administrator? | bIsUsedbyAdmin =0Set to false (0)-scheme is not used to authenticate administrators. |
Save credentials? | bAllowSaveCreds =0Set to false (0) to indicate that user credentials won't be saved. |
Is RADIUS? | bIsRadius =0Set to false (0)-scheme is not used with RADIUS agents. |
Ignore password check? | bIgnorePwCheck =1Set to true (1)-ignore password checking. |