Sun Java System Access Manager 7.1 Deployment Planning Guide

Federation Management, SAML, and Web Services

In 2001, Sun Microsystems joined with other companies to form the Liberty Alliance Project. This project defines standards for developing identity-based infrastructures, software, and web services.

Initially, Access Manager implemented the Liberty Identity Federation Framework (Liberty ID-FF) specification, which comprises a framework for account federation and single sign-on (SSO). Subsequent releases of Access Manager added new features, as defined in version 1.2 of the Liberty ID-FF specifications and the version 1.0 specifications of the Liberty Identity Web Services Framework (Liberty ID-WSF).

The Liberty ID-WSF framework defines a web services stack that you can use to support the Liberty Alliance Project business model. Example services include a personal profile service, discovery service, authentication service, and SOAP binding service. These web services leverage the Liberty ID-FF for principal authentication, federation, and privacy protections.

Access Manager also implements a Security Assertion Markup Language (SAML) service to exchange security information. Both the SAML 1.0 and 1.1 specifications are supported.

For more information, see the Sun Java System Access Manager 7.1 Federation and SAML Administration Guide. This guide includes an introduction to the specifications and information about how Access Manager has implemented them. It also includes configuration information, use cases, and summaries of the application programming interface (API).

Sun Java System Federation Manager

Sun Java System Federation Manager 7.0 2005Q4 is a lightweight server application that helps companies to quickly build interoperable identity and authentication services based on the Liberty Alliance Project specifications. These services work with and complement existing or newly deployed federation technologies, such as web access management solutions and authentication authorities.

You can use Federation Manager to build a reusable, standards-based framework to exchange security assertions, user attributes, and policies across a distributed network of partners. Federation Manager is a standalone product that can work with any Liberty or SAML-compliant product. You do not have to install Access Manager in order to use Federation Manager. For more information, see the following documentation collection:

http://docs.sun.com/coll/1321.1

Sun Java System Access Manager Policy Agent 2.2 for Sun Java System Application Server 9.0 / Web Services

The Sun Java System Access Manager Policy Agent 2.2 for Sun Java System Application Server 9.0 / Web Services plugs into Sun Java System Application Server Platform Edition 9.0 to provide message-level security and support for both Liberty Alliance Project token profiles and Web Services-Interoperability Basic Security Profiles (WS-I BSP). This agent provides both an HTTP authentication agent and a SOAP authentication agent and uses Access Manager 7.1 for all authentication decisions.

For more information, including the installation procedure for the agent, see the Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 9.0/Web Services.


Note – Sun Java System Application Server Platform Edition 9.0 is not a Java Enterprise System 5 component. For more information, see the following documentation collection:

http://docs.sun.com/coll/1343.3