Natural Apps using RACF - how to implement SSO using web service / SAML assertion

First, I am new here and know next to nothing abt Natural, Natural Security and Natural SAF.
I work in Identity and Access Management mostly Java/Web.

Problem I want to pursue is: I have customer with application in Natural on mainframe and it uses RACF for security. Want to know options for single sign on into this application where the user web session is already authenticated prior to accessing this application. When accessing this application, can it go to a different login page where it would pick up the login token (in the header or as part of url parameter) and assert the identity with a web service call (SAML). If the identity is valid, logon session is created and able to login without being challenged for userid/password again.

How can one implement this? What setting in Nature Security is needed and programming option?

Thanks in advanced.

Regards,
Doug

What is the client / terminal emulation used to access the Natural application ?

Hi Wolfgang

The client is a web browser. Terminal emulation is 3270? My understanding that web access is screen scrape and feed into terminal mode.

Look forward to your reply.

Regards,
Doug