Jericho SAML Attribute Responder

SAML Attribute Authorities Deployed in Minutes

The Jericho SAML Attribute Responder allows organizations to establish an Attribute Assertion Authority and provides qualifying information about a subject in the form of an attribute assertion that can ultimately be used in policy decisions. It asserts that qualifying informational attributes are associated with a specific identity that is sent in the request from a SAML client or attribute consumer.

The client may be a Policy Decision Point (PDP), Policy Enforcement Point (PEP) or consumer of a Web Service. The request comes in the form of a SAML attribute query and the identity to be qualified is the "Name Identifier" in the SAML subject element. The Attribute Responder requests attributes from a back-end datasource such as an LDAP directory or relational database and builds a signed SAML assertion.

This signed SAML Assertion encapsulates an attribute statement that contains the attribute values that were requested about a subject. The Attribute Responder is an attribute retrieval Web Service deployable on any J2EE compliant web container.