Protecting Resources with SAML

Prerequisites

You have configured the service provider for SAML 2.0.
You have configured a trusted identity provider for the service provider.

Context

Once you have configured an SAML 2.0 service provider to trust an identity provider, you designate which resources are protected by SAML 2.0 by assigning the SAML 2.0 login module to the authentication stack.

Procedure

Determine any login module options you require.

Option	Description
policy	Selects the SAML 2.0 policy to use with the login module. The SAML 2.0 policy enables the service provider to inform the identity provider, which authentication contexts it requires. For more information, see Setting SAML 2.0 Policies for Authentication .

Option

Description

policy

Selects the SAML 2.0 policy to use with the login module. The SAML 2.0 policy enables the service provider to inform the identity provider, which authentication contexts it requires.

For more information, see Setting SAML 2.0 Policies for Authentication .

Add SAML2LoginModule to the authentication stack.

For more information, see Editing the Authentication Policy of AS Java Components .

Note
Add a backup form of authentication to the authentication stack, such as BasicPasswordLoginModule, to enable authentication even if SAML 2.0 authentication should fail.

Results

Once you have configured how a resource is protected by SAML, ensure that the identity provider can fulfill the requirements you configured.