Secure Mobile Access 12.4 Administration Guide

Configuring a SAML-Based Authentication Server

Security Assertion Markup Language (SAML) is an XML-based framework for communicating user authentication, entitlement, and attribute information. SAML provides a foundation for Web-based single sign-on (Web SSO) by allowing business entities to make assertions regarding the identity, attributes, and entitlements of a subject (such as a human user) to other entities, such as a partner company or another enterprise application.

In Web SSO, a user either accesses a resource via a service provider (such as the SMA appliance), or accesses an identity provider (IDP) such that the service provider and desired resource are understood or implicit. The user authenticates to the IDP, which then produces an authentication assertion and the service provider consumes the assertion to establish a security context for the user. When the security context for the user exists, the user can access resources at another site without additional authentication. SAML also provides a Single Logout (SLO) service.

This release supports external IDPs that are deployed in the public Internet. It is assumed that the user uses a standard browser and can authenticate to the IDP by some means outside the scope of SAML. The user accesses the appliance through a SAML Authenticated Realm.
