SAML AutheNtication in BW 5.7

[Anand G]

Hi All,

 

Can you guys help me how to configure SAML Authentication in BW 5.7(for the provider side as well as consmer sde)

 

Thanks

Anand.G

[Manoj Chaurasia]

Hi Carlo,

 

Thanks for Your quick response.

 

1) If i have latest version of bw i.e 5.9 can i do it

 

2) Can you please tell me what drop in a(for fee) policy director agent,what does that mean

[Manoj Chaurasia]

The latest is 5.11, and even it doesn't have 'native' SAML. You can simulate a SAML message without signatures or encryption, through XML, and you can build a SAML message through Java activities.

 

Policy Director is the next generation of Policy Manager, and its 'agents' include a plugin for BusinessWorks that is like a decoupled and dynamic version of the BW Policy Palette, but richer in support for things such as SAML.

[Manoj Chaurasia]

Thanks Carlo for your resposne,it would be really helpfull if you shared any sample project for SAML Authenticaion

[Manoj Chaurasia]

Hi Carlo,

 

In the below link you have provided a sample project regarding about SAML Authentication,in which one schema is missing with the name of xml.xsd,Can you let me know what exactly the schema contains.

 

This is the link i follow : https://www.tibcommunity.com/message/54987#54987

[Manoj Chaurasia]

Try this one:

http://www.w3.org/2001/03/xml.xsd

[Manoj Chaurasia]

Hi,

 

I downloaded the xml schema and imported in my project still i am not able to figure out,can any one explain me in details.

 

Thanks in Advance.

[Manoj Chaurasia]

You start with a 'seed' element, then use coersion to add other elements and attributes as needed. That gets you the message structure. To do signing, you'll have to write some helper code and do more mapping (if Java Code/Method Activity) or you might be able to do this with XPath & Java Custom Function.

[Carlo Milono 2]

It isn't implemented in BW. You will have to write your own code for this. The quickest way is to get to a more current version of BW and drop in a (for fee) Policy Director Agent and you'll get OASIS SAML Token Profile.

 

Doing SAML outside of Web Services will still need to be a manual/coding effort.

[Anand Silodia]

Hi Anand. Were you able to get this to work I also have to work with SAML and was wondering how to implement the handshake with the SAML server to get the sessionId.

[rawaa yahya]

HiAnonymous,

Can you please give more details on what are the SAML headers too add and how it will be the mapping of these headrs on the SOAP reply activity on the BW.

 

Also is it sufficient or it still need to create policy security .

what is the rule of PolicySecurity and identity if we still need to create a manual code

[Donald Johnson]

Anonymous is not a user, but a bin for content whose owner has been removed from the site.  You won't get any response.

[rawaa yahya]

Hi  cmilono,

 

 

 

I can generate my saml token . I created my win Java code. But I still not understand how map it on the sopa request reply activity.

 

Please can you detail more what we have to do it.

 

 

 

Thanks,