1.1.7.3.2.6 Procedure to Manage Key File

The following procedure describes how a SALT administrator sets up GWWS to handle SAML assertions for the first time.

  1. Change directory to $APPDIR and start wsadmin.
  2. Use the "saml create" command to create the key file.
  3. Use the "saml add -g" command to add the GWWS record.
  4. Use the "saml add -i" command to add a trusted assertion issuer record for every trusted assertion issuer.
  5. Copy the file "saml_key.meta" to the directory specified by the "CertPath" element under "Certificate" in the SALT deployment descriptor file.
  6. Change directory to the Oracle Tuxedo application domain, and use "tmboot -y" to boot the Oracle Tuxedo application domain.
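
A pre-boot check for step 5, as an added example that is not part of the Oracle documentation or product: it reads the "CertPath" directory from the deployment descriptor, copies "saml_key.meta" there, and confirms the file is readable only by its owner before "tmboot -y" is run. The function names are hypothetical, the descriptor is assumed to carry the CertPath element and its value on one line, and the owner-only permission policy is an assumption rather than a documented SALT requirement.

```shell
#!/bin/sh
# Added example (not Oracle code). Hypothetical helper functions.
# Assumption: <CertPath>dir</CertPath> sits on a single line of the descriptor,
# with or without a namespace prefix such as "wsf:".

# Print the directory named by the CertPath element, or fail if none is found.
saml_certpath() {
    dir=$(sed -n 's:.*CertPath>\([^<]*\)<.*:\1:p' "$1" | head -n 1)
    [ -n "$dir" ] || return 1
    printf '%s\n' "$dir"
}

# Copy the key file into CertPath with owner-only permissions (step 5).
# Usage: install_saml_key /path/to/saml_key.meta /path/to/descriptor.xml
install_saml_key() {
    dir=$(saml_certpath "$2") || return 2
    ( umask 077 && cp "$1" "$dir/saml_key.meta" ) && chmod 600 "$dir/saml_key.meta"
}

# Verify the key file before booting the domain (step 6).
# Returns 0 = ok, 2 = no CertPath, 3 = key file missing,
#         4 = group or other permission bits are set on the key file.
check_saml_key() {
    dir=$(saml_certpath "$1") || { echo "no CertPath in $1" >&2; return 2; }
    key="$dir/saml_key.meta"
    [ -f "$key" ] || { echo "missing $key" >&2; return 3; }
    # find prints the path only if any group/other permission bit is set.
    loose=$(find "$key" \( -perm -040 -o -perm -020 -o -perm -010 \
        -o -perm -004 -o -perm -002 -o -perm -001 \))
    [ -z "$loose" ] || { echo "$key is accessible beyond its owner" >&2; return 4; }
    return 0
}
```

Run check_saml_key against the descriptor as the account that boots the domain, so that a missing or misplaced key file is caught before GWWS starts.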

In an MP mode configuration, the key file can hold a different GWWS record for each GWWS instance. The following procedure creates the key file for a GWWS instance on a different node.

  1. Copy the original key file to a different directory or machine.
  2. Use "saml delete -g" to delete the existing GWWS record.
  3. Use "saml add -g" to add a different GWWS record.
  4. Boot Oracle Tuxedo.