WAS v8.5 > Secure applications > Secure web services > Secure web services > Administer Web Services Security > Administer message-level security for JAX-WS web servicesSecure messages using SAML
Configure policy sets, bindings, and SAML-specific tokens to secure web services and messages.
To secure messages using SAML, we can import, then modify, the SAML default policy sets. WAS does not support attaching policy sets directly to a Web services client, so we specify them as custom properties in the client binding document.
We can also create a SAML bearer token using the SAML library API. A bearer token contains a bearer assertion, which is used to facilitate web browser SSO.
Subtopics
- Communicate with security token service (STS)
- SAML bearer token
- SAML holder-of-key symmetric key token
- Sign SAML tokens at the message level
- Manage self-issue SAML token configuration using wsadmin
- SAML sender-vouches token