com.soa.security.provider.claim.XPath.label
XPath Expression
com.soa.security.provider.claim.assertionXPath.label
Assertion XPaths
com.soa.security.provider.claim.claimDesc.label
Description
com.soa.security.provider.claim.claimDetails.label
Claim Configuration Details
com.soa.security.provider.claim.claimName.label
Claim Name
com.soa.security.provider.claim.claims.label
Claims
com.soa.security.provider.claim.helpHeading
Claim Configuration
com.soa.security.provider.claim.helpText1
A claim is a statement that one subject makes about itself or another subject. The subject making the claim(s) is the provider. Claims are packaged into one or more tokens that are then issued by an issuer.
com.soa.security.provider.claim.helpText10
After specifying the claim information, click "Next." The "Assertion XPaths" screen displays.
com.soa.security.provider.claim.helpText2
The claim-based identity system models a claim as an XML token that is signed by an authority, and the token contains assertions about the attributes of a user subject. In the case of Active Directory Federation Services (ADFS), a claim will be a SAML token.
com.soa.security.provider.claim.helpText3
On the "Claim Configuration" screen you compose a claim by specifying Issuer Name, Issuer Certificate, Identity XPath, Namespace Prefixes, and Claim Name. You can define multiple claims in a single configuration.
com.soa.security.provider.claim.helpText4
Specify the following information:
com.soa.security.provider.claim.helpText5
<i>Issuer Name</i>: This is a URI that uniquely represents a claim issuer. If the claim token is SAML, the issuer identifier must match the issuer URL in the SAML token.
com.soa.security.provider.claim.helpText6
<i>Issuer Certificate</i>: This is an X509 Certificate of the issuer. It is used by Policy Manager to verify the signature of the claim token at runtime. Click "Choose File" to upload your certificate.
com.soa.security.provider.claim.helpText7
<i>Identity XPath</i>: An XPath string function that will be evaluated against the claim token during runtime. The result of the evaluation will be used as the identifier of the requester and saved as part of the usage data.
com.soa.security.provider.claim.helpText8
<i>Namespace Prefixes</i>: To simplify the specification of XPath expressions, you can define a list of XML namespace prefix definitions as part of the claim-based identity system configuration. These namespace prefix definitions are used as the context to evaluate all XPath expressions in the claim configuration. Click "Add Namespace" to add multiple Namespace entries.
com.soa.security.provider.claim.helpText9
<i>Claim Name</i>: A string that identifies the claim. Click "Add Claim" to add multiple claim entries.
com.soa.security.provider.claim.issuerCert.label
Issuer Certificate
com.soa.security.provider.claim.issuerCert.msg
A file has already been uploaded. Leave the Issuer Certificate blank to keep the current file.
com.soa.security.provider.claim.issuerDetails.label
Issuer Details
com.soa.security.provider.claim.issuerName.label
Issuer Name
com.soa.security.provider.claim.namespace.label
Namespace
com.soa.security.provider.claim.namespacePrefixes.label
Namespace Prefixes
com.soa.security.provider.claim.prefixes.label
Prefix
com.soa.security.provider.claim.subjectXPath.label
Identity XPath
com.soa.security.provider.claim.title
Claims Module Wizard
com.soa.security.provider.claim.viewCert.button
View Certificate
com.soa.security.provider.claim.xPathDetails.label
Identity Assertion
com.soa.security.provider.claim.xpath.helpHeading
Assertion XPaths
com.soa.security.provider.claim.xpath.helpText1
The "Assertion XPaths" screen allows you to specify one or more XPath Assertions for each claim, and optionally specify a Claim Description. Note, you will receive an "Assertion XPaths" screen for each claim name you defined.
com.soa.security.provider.claim.xpath.helpText2
Specify the following information:
com.soa.security.provider.claim.xpath.helpText3
<i>Claim Description</i>: A string that describes the claim. This field is optional.
com.soa.security.provider.claim.xpath.helpText4
<i>Assertion XPaths</i>: An XPath string representing an assertion in a claim token. The XPath expression will be evaluated against a claim token at runtime. In order for the claim token to be valid, the result of the XPath evaluation must be true. You can specify multiple XPath assertions for a single claim. In this case, each assertion must be evaluated to true in order for the token to be accepted. If the evaluation of one or more specified XPath assertions is false at runtime, the claim will be considered invalid and will result in authorization failure. Click "Add XPath" to add multiple XPath entries.
com.soa.security.provider.claim.xpath.helpText5
<i>Namespace Prefixes</i>: To simplify the specification of XPath expressions, you can define a list of XML namespace prefix definitions as part of the claim-based identity system configuration. These namespace prefix definitions are used as the context to evaluate all XPath expressions in the claim configuration. Click "Add Namespace" to add multiple Namespace entries.
com.soa.security.provider.claim.xpath.helpText6
If you specified multiple claim names, click "Next" to configure the next set of Assertion XPaths. After you have configured the Assertion XPaths for all claims, click "Finish."
