Liberty ID-WSF Architecture in Access Manager

The Liberty ID-WSF defines an architecture in which SOAP over HTTP(S) is used as the transport layer protocol. As well, custom web services can be plugged into it. All web services in Access Manager (whether proprietary or custom) are front-ended by a servlet endpoint called the SOAPReceiver. The SOAPReceiver validates digital signatures or encryptions from incoming SOAP request messages and authenticates the remote web services client. The following diagram shows the high level architecture of the Access Manager implementation of the Liberty ID-WSF.

In the high-level process between a WSC and an Access Manager WSP, a user requests a specific service on a WSC which passes the request to Access Manager. The request is received by the SOAPReceiver which, in turn, passes it to the corresponding WSP (for example, the Liberty Personal Profile Service or a custom web service). More detailed information can be found in SOAP Binding Process.