The Dynamic Assertion Generator Plug-In is a JAVA plug-in to CA Single Sign-on (AKA SiteMinder) which allows applications to pass addition user information to CA-SSO as part of the query string of an inter-site transfer link. The additional user information will be used to modify the SAML Assertion being generated. The modification happens on the CA-SSO Policy Server just prior to the signature and encryption step. The information being added to the assertion generator plug-in must be encrypted using AES encryption and a shared key. This is done to ensure that the addition user data does indeed originate from a trusted application.
This module can have multiple instances running in a CA-SSO environment, each with their own configuration and shared key. This allows different partnerships to utilize this component as needed.
The Dynamic-AGP can perform three different function when generating SAML Assertions. The features are: