By default, the WebSphere Application Server SAML Trust Association Interceptor (TAI) supports IdP-initiated SSO only. When custom code is in place, the SAML TAI can be configured to support SP-initiated SSO. Writing a custom java class the authentication process will be intercepted and handled by the SP – a SAML mutual trust relationship between the SP and IdP is to be established in advance. Products used: WebSphere Application Server v9, TAI, SAML, Java, Eclipse IDE
