Sun Java logo     Previous      Contents      Index      Next     

Sun logo
Sun Java Systems Access Manager 6 2005Q1 Federation Management Guide 

Appendix A  
Included Samples

Sun Java™ System Access Manager has included a number of samples that make use of the Liberty Alliance Project’s specifications and its own implementations of said documents. This appendix contains information regarding the Liberty-based samples. It includes the following sections:


Overview

The samples are located in /AccessManager_base/SUNWam/samples. This directory includes samples for the entire Access Manager product as well as two directories specific to the Liberty-based features: liberty and phase2.


Federation Framework Samples

Access Manager 2005Q1 supports the Liberty Alliance Identity Federation Framework 1.2 Specifications. The Federation Framework samples are located in /AccessManager_base/SUNWam/samples/liberty. To demonstrate the different Liberty-based federation protocols featured in Access Manager, three sample applications are included. They are located in the following sub-directories:

sample1

The sample1 sample provides a collection of files, located in the /AccessManager_base/SUNWam/samples/liberty/sample1 directory, to configure a basic environment for creating and managing a federation. The sample demonstrates the basic use of various Liberty-based federation protocols (including account federation, SSO, single logout, and federation termination). The scenario includes a service provider (SP) and an identity provider (IDP). Each needs to be deployed and configured on different Access Manager installations. Table A-1 contains relative information for the two required servers.

Table A-1  Relative Information for Sample1 Servers

Variable Placeholder

Host Name

Components Deployed on This Host

machine1

www.sp1.com

Service Provider

Web Service Consumer

machine2

www.idp1.com

Identity Provider

Discovery Service

Personal Profile Service

The Readme.html in the sample directory provides detailed steps on how to deploy and configure this sample. In addition, the procedures and additional information are written up in Federation Management Samples of Chapter 3, "Federation Management."


Note

Sample1 also contains instructions for configuring a common domain. For information on common domains, see Common Domain of Chapter 1, "Introduction to the Liberty Alliance Project" and Common Domain Services of Chapter 3, "Federation Management."


sample2

The sample2 sample provides a collection of files, located in the /AccessManager_base/SUNWam/samples/liberty/sample2 directory, to configure a basic environment for creating and managing a federation but, in this case, the resources of the SP are deployed on a Sun Java System Web Server protected by an Access Manager Policy Agent. As in sample1, the SP and IDP are deployed and configured on different Access Manager installations. Apart from highlighting account federation, SSO, single logout, and federation termination, this sample also demonstrates how different authentication contexts can be configured, by associating different authentication levels with different protected pages. This association is made by creating policies for the protected resources. The Readme.html in the sample directory provides detailed steps on how to deploy and configure this sample.

sample3

The sample3 sample provides a collection of files, located in the /AccessManager_base/SUNWam/samples/liberty/sample3 directory, to configure an environment for creating and managing a federation that includes two SPs and two IDPs. In this case, though, all hosted providers are deployed on a single installation of the Access Manager. Because of this, you need to host the same IP address (the one on which Access Manager is installed) in four different DNS domains. Thus, four virtual server instances are created on the Web Server, one for each of the providers.


Note

Virtual server instances can be simulated by adding entries in the /etc/hosts file for the fully qualified host names of the virtual servers.


Since this scenario involves multiple IPs, you will also need to install a Common Domain Service. This service can be installed on the same machine as the Access Manager software or on a different machine. The Readme.html in the sample directory provides detailed steps on how to deploy and configure this sample. In addition, information on common domains can be found in Common Domain Services of Chapter 3, "Federation Management."


Web Services Framework Samples

Access Manager 6 2005Q1 supports both the Liberty Alliance Identity Web Services Framework 1.0 Specifications and the Liberty Alliance Identity Services Interface Specifications 1.0. These Web services samples are located in /AccessManager_base/SUNWam/samples/phase2. To demonstrate the different Liberty-based Web services protocols featured in Access Manager, four sample applications are included. They are located in the following sub-directories:

wsc

The wsc sample provides a collection of files, located in the /AccessManager_base/SUNWam/samples/phase2/wsc directory, to deploy and run a Web service consumer (WSC).


Note

Before implementing this example, you must have two instances of Access Manager installed, running, and Liberty-enabled. Completing the steps in sample1 will accomplish this.


In addition, this sample illustrates how to use the Discovery Service and Data Service Template client APIs to allow the WSC to communicate with a Web service provider (WSP). (The WSP is the Liberty Personal Profile Service installed with Access Manager.) It details the flow of the Liberty-based Web Service Framework (ID-WSF), and how the security mechanisms and interaction service come into play. The Readme.html in the sample directory provides detailed steps on how to deploy and configure this sample. In addition, information can be found in Chapter 6, "Discovery Service" and Chapter 5, "Data Services."

sis-ep

The sis-ep sample provides a collection of files, located in the /AccessManager_base/SUNWam/samples/phase2/sis-ep directory, to develop, deploy and invoke a new Liberty-based Web service to Access Manager. The sample implements a Liberty-based Employee Profile Service.


Note

Before implementing this example, you must have two instances of Access Manager installed, running, and Liberty-enabled. Completing the steps in sample1 will accomplish this.


The Employee Profile Service is a deployment of the Liberty ID-SIS Employee Profile Service Specification (ID-SIS-EP) which is itself an instance of the Liberty Alliance ID-SIS 1.0 Specifications. The Readme.html in the sample directory provides detailed steps on how to deploy and configure this sample. In addition, related information can be found in Chapter 5, "Data Services."

paos

The paos sample provides a collection of files, located in the /AccessManager_base/SUNWam/samples/phase2/paos directory, to demonstrate how to set up and invoke a PAOS Service interaction between a client and server. (In a real-world deployment, the server-side code would be developed by a service provider.) The sample is based on the following scenario: a cell phone user subscribes to a news service offered by his cell phone’s manufacturer. The news service automatically pushes stocks and weather information to the user’s cell phone at regular intervals. In this scenario, the manufacturer is the news service provider and the individual cell phone user is the consumer. After running the sample, you will see the output from the PAOSServer program.


Note

You can also see the output from PAOSClientServlet program in the log file of the Web Server. For example, when using Sun Java System Web Server, look in the log subdirectory for the errors file.


The Readme.html in the sample directory provides detailed steps on how to deploy and configure this sample. In addition, information can be found in PAOS Binding Sample of Chapter 8, "Application Programming Interfaces."

authnsvc

The authnsvc sample provides a collection of files, located in the /AccessManager_base/SUNWam/samples/phase2/authnsvc directory, to illustrate the use of the Access Manager Authentication Web Service. This sample program authenticates against the service, and extracts the resource offering of a discovery bootstrap. The Readme.html in the sample directory provides detailed steps on how to deploy and configure this sample. In addition, information can be found in Authentication Web Service Sample of Chapter 4, "Authentication Web Service."



Previous      Contents      Index      Next     


Part No: 817-7648.   Copyright 2005 Sun Microsystems, Inc. All rights reserved.