Implementing a SAML sender-vouches subject confirmation scenario in WebSphere Application Server
From the developerWorks archives
Date archived: January 3, 2017 | First published: November 02, 2011
This article describes how to configure and use SAML sender-vouches tokens in IBM® WebSphere® Application Server (V7.0 Fix Pack 9 and later). The SAML sender-vouches subject confirmation method is particularly useful when a message sender acts on behalf of a web services client to access downstream web services and must assert client identity and security attributes. This method requires the message sender and receiver to ensure integrity of SOAP messages and SAML assertions. This article explains how to setup policy set and application-specific bindings to use message level integrity protection and transport level confidential protection. A sample application is provided for reference, with fast path instructions. This content is part of the IBM WebSphere Developer Technical Journal.
This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.