Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Analyzing the Deployment

The typical configuration for the Multi-Federation Protocol Hub requires one OpenSSO Enterprise instance as an Identity Provider and two or more OpenSSO Enterprise instances as Service Providers. In this deployment example, the Multi-Federation Protocol Hub is configured with three different Service Providers. Each Service Provider uses a different federation protocol to connect to a single OpenSSO Enterprise instance. Single Logout occurs through a browser redirect when the HTTP POST profile is used. If the SOAP binding is used, then a direct SOAP request is sent from the Identity Provider to the Service Provider.

The following figure shows the major components that are involved in the Multi-Federation Protocol Hub.

Figure 8–1 Deployment Architecture for the Multi-Federation Protocol Hub

SAMLv2, ID-FF1, and WS-Federation protocols are used in the Multi-Federation Protocol Hub.