Use Higher Protection Level Auth Scheme for New Federated Partnership


Article ID: 209227


Updated On:


CA Single Sign On Federation (SiteMinder) CA Single Sign On Secure Proxy Server (SiteMinder) SITEMINDER


We are looking at implementing a new SAML 2.0 integration, but we'd like to use a different auth scheme for this new IDP Partnership that requires a higher protect level.  Currently, all of our SAML partnerships are on the same web host under /affwebservices/*. I have thought that we could stand up a new Web host that points to the same Federation App servers since that would let us create a new protect realm for that, but before I go about getting that setup I wanted to see if there are any other potential solutions we could use to split out a new SAML 2.0 partnership to use a different Auth Scheme with higher protect level.


Release : ALL



Minimum Authentication Level can be specified in the IDP Partnership (on the SSO and SLO page).  The Authentication URL for this partnership will need to be protected by a Realm using the minimum required or higher level authentication scheme.

Additional Information

If needed, a copy of the redirect.jsp (Authentication URL) can be made in the same folder to serve as the Authentication URL for the higher protection level.