SAMLToken - 7.1

Talend ESB Infrastructure Services Configuration Guide

The SAMLToken policy specifies a WS-SecurityPolicy Asymmetric Binding. This means that the client must secure the request using asymmetric keys (a private key for signature, and a public key for encryption). In addition, the token required for signature is specified as an IssuedToken, which means that the client must contact the Security Token Service (STS) to get a token (a SAML token, according to the policy) and include it in the service request. If the client is signing the request, the client uses the private key associated with the SAML token.

Talend ESB provides a template policy called wspolicy_authn_saml.policy, available in the /add-ons/registry/policies folder of the Talend ESB product.

It is also applied by default to your Talend ESB Container through the policy file etc/org.talend.esb.job.saml.policy. Note that the STS must be started before the client; otherwise the client cannot get a SAML token to access the service.
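The following added example (not Talend code, and not the contents of wspolicy_authn_saml.policy) checks that a policy document has the shape described above: an AsymmetricBinding whose initiator token is an STS-issued SAML token bound to the client's key. The sample policy is constructed, `audit_policy` is a hypothetical helper name, and the WS-SecurityPolicy 1.2 / WS-Trust 1.3 namespaces and the use of `KeyType` PublicKey to express the key binding are assumptions.

```python
import xml.etree.ElementTree as ET

# Assumed URIs (WS-SecurityPolicy 1.2, WS-Trust 1.3); a shipped policy may use others.
SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
WSP = "http://www.w3.org/ns/ws-policy"
T = "http://docs.oasis-open.org/ws-sx/ws-trust/200512"
SAML2 = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
PUBLIC_KEY = T + "/PublicKey"

# Constructed sample policy, NOT the contents of wspolicy_authn_saml.policy.
SAMPLE_POLICY = f"""<wsp:Policy xmlns:wsp="{WSP}" xmlns:sp="{SP}" xmlns:t="{T}">
 <sp:AsymmetricBinding><wsp:Policy>
  <sp:InitiatorToken><wsp:Policy>
   <sp:IssuedToken>
    <sp:RequestSecurityTokenTemplate>
     <t:TokenType>{SAML2}</t:TokenType>
     <t:KeyType>{PUBLIC_KEY}</t:KeyType>
    </sp:RequestSecurityTokenTemplate>
   </sp:IssuedToken>
  </wsp:Policy></sp:InitiatorToken>
  <sp:RecipientToken><wsp:Policy><sp:X509Token/></wsp:Policy></sp:RecipientToken>
 </wsp:Policy></sp:AsymmetricBinding>
</wsp:Policy>"""


def audit_policy(xml_text):
    """Return findings; an empty list means the policy has the expected shape."""
    root = ET.fromstring(xml_text)
    # "{*}" matches any namespace, so other WS-SecurityPolicy versions are also found.
    binding = root.find(".//{*}AsymmetricBinding")
    if binding is None:
        return ["no AsymmetricBinding: request is not secured with asymmetric keys"]
    issued = binding.find(".//{*}InitiatorToken//{*}IssuedToken")
    if issued is None:
        return ["InitiatorToken is not an IssuedToken: no STS-issued token required"]
    findings = []
    token_type = (issued.findtext(".//{*}TokenType") or "").strip()
    if "SAML" not in token_type:
        findings.append(f"TokenType is not a SAML token: {token_type!r}")
    key_type = (issued.findtext(".//{*}KeyType") or "").strip()
    if not key_type.endswith("/PublicKey"):
        findings.append(f"KeyType is not PublicKey (no key bound to the token): {key_type!r}")
    return findings


if __name__ == "__main__":
    print(audit_policy(SAMPLE_POLICY) or "policy OK")
```

A non-empty result lists each way the policy departs from the described shape, for example a Bearer `KeyType`, which would not tie the SAML token to the client's private key.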