The SAML Verification policy verifies the incoming messages carrying an SAML token and also denies permission if the conditions set in the SAML Verification Policy configuration do not match. Various variables can be set which are explained in the sections below.
Configuration
The properties that have to be configured to use the policy are described below.
Property | Description |
Source | The target of the policy. Valid values are
|
Assertion Element Path | An XPath element that indicates the element on the inbound XML document from which the policy can extract the SAML assertion. |
Namespaces | |
Remove SAML Assertion | Enable this to remove the SAML assertion from the request message before the message is forwarded to the backend service. |
Ignore if SAML Not Present | Enable this to treat messages as XML, irrespective of the Content-type. |
Verify | Enable this is KeyStore configuration is required. |