test

Sun Java System Access Manager 7 2005Q4 Federation and SAML Administration Guide

Liberty Personal Profile Service Process

The invocation of a personal profile begins when a WSC posts a query or a modify request to the Liberty Personal Profile Service on behalf of a user. The following process is also illustrated in Figure 6–2.

  1. A web services client uses the Data Services Template API to post a query or a modify request to the Liberty Personal Profile Service.

    All the query or modify requests to any identity service are SOAP requests.

  2. The client’s SOAP request is received by the SOAP receiver provided by the SOAP Binding Service.

    The SOAP receiver invokes either the Discovery Service, the Authentication Web Service, or the Liberty Personal Profile Service, depending on the service key transmitted as part of the URL. The SOAP Binding Service might also authenticate the client identity.

  3. The Liberty Personal Profile Service implements the DSTRequestHandler to process the request.

    The request is processed based on the request type (query or modify) and the query expression. Processing might entail the authorization of a WSC using the Access Manager Policy Service, or it might entail using the Interaction Service for interacting with the user before sending data to the WSC.

  4. The Liberty Personal Profile Service builds a service response, adds credentials (if they are required), and sends the response back to the WSC.

    • For a response to a query request, the Liberty Personal Profile Service builds a personal profile container (as defined by the specification). It is formatted in XML and based on the Query Select expression. The Personal Profile attribute values are extracted from the data store by making use of the attribute mapper. The attribute mapper is defined by the XML service file, and the attribute values will be used while building the XML container. The Personal Profile Service then applies xpath queries on the XML and provides us with the resultant XML data node.

    • For a response to a modify request, the Liberty Personal Profile Service parses the Modifiable Select expression and updates the new data from the new data node in the request.

The following diagram illustrates the Liberty Personal Profile Service process.

Figure 6–2 Liberty Personal Profile Service Process

Figure illustrating the process of modifying or requesting personal profile attributes.