6. Server User Guide

6. Server User Guide

Configuring Authentication for SAML-Secured Services

Configuring Authentication for SAML-Secured Services

Process Server supports the Security Assertions Markup Language (SAML) standard for exchanging authentication and authorization data between an identity provider (a producer of assertions) and a service provider.
To configure Process Server to use SAML policy assertions, you must do the following:
  • In the Process Deployment Descriptor (PDD) of your BPEL processes, add a SAML policy assertion for my roles and/or partner roles that send/receive SAML-authenticated messages. This policy describes parameters that a service uses to make access control decisions. For details, see
    SAML
    in the
    Process Developer Help
    .
  • Add a SAML properties section to the Process Server
    crypto.properties
    file.
Here is an example of the SAML properties to add:
org.apache.ws.security.saml.issuer.key.name=aeadmin org.apache.ws.security.saml.issuer.key.password=password org.apache.ws.security.saml.issuer=http://www.abe-saml-demo.com/saml org.apache.ws.security.saml.subjectNameId.qualifier=http://www.abe-saml-demo.com/saml
Note that the key name and password must match what you have in the Process Server keystore.


Updated March 13, 2020