Sun Java System SAML v2 Plug-in for Federation Services User's Guide
Book Information
Index
X
Preface
Chapter 1 Introducing the SAML v2 Plug-in for Federation Services
The SAML Standard
Basic SAML Components
SAML v2 Summary
Sun Java System SAML v2 Plug-in for Federation Services
Key Features
Product Requirements
Sun Java System Access Manager
Sun Java System Federation Manager
SAML v2 Plug-in for Federation Services Architecture
Installation
Administration
Java Developer Tools
Interfaces
Application Programming Interfaces
Service Provider Interfaces
JavaServer Pages
Chapter 2 Installing the SAML v2 Plug-in for Federation Services
Installation Process
Supported Software Products
Supported Server Products
Installing on Sun Java System Access Manager 7 2005Q4
Installing Access Manager
Preparing Access Manager for SAML v2 Plug-in for Federation Services
Installing on Sun Java System Federation Manager 7 2005Q4
Installing Federation Manager
Preparing Federation Manager for SAML v2 Plug-in for Federation Services
Supported Web Containers
The saml2setup Command-line Reference
Creating an Installation Configuration Properties File
Installing the SAML v2 Plug-in for Federation Services
To Install the SAML v2 Plug-in for Federation Services
Installing the SAML v2 IDP Discovery Service
To Install the SAML v2 IDP Discovery Service
Postinstallation
Access Manager Postinstallation
Adding the sunFMSAML2NameIdentifier Object Class
Enabling the SAML v2 Authentication Module
To Enable the SAML v2 Authentication Module in Legacy Mode
To Enable the SAML v2 Authentication Module in Legacy Mode Using amadmin
To Enable the SAML v2 Authentication Module in Realm Mode
Federation Manager Postinstallation
To Enable the SAML v2 Authentication Module
Uninstalling the SAML v2 Plug-in for Federation Services
Chapter 3 Administration
Provider Metadata and Circles of Trust
Metadata
Standard Metadata Properties
Identity Provider Standard Metadata Properties
Service Provider Standard Metadata Properties
Extended Metadata Properties
Identity Provider Extended Metadata Properties
Service Provider Extended Metadata Properties
Dual Purpose Provider Metadata Files
Dual Purpose Standard Metadata Configuration File
Dual Purpose Extended Metadata Configuration File
To Generate Dual Purpose Metadata Configuration Files
Circles of Trust
AMConfig.properties
Static Properties in AMConfig.properties
Additional Properties in AMConfig.properties
The SAML v2 IDP Discovery Service
To Set the Reader and Writer URLs
The saml2meta Command-line Reference
Managing Metadata using saml2meta
Managing Circles of Trust using saml2meta
Chapter 4 Configuring Specialized Interactions
Single Sign-on
To Use the Transient Name Identifier
To Configure Single Sign-on without Service Provider User Account
Auto-Federation
To Enable Auto-Federation
To Configure Single Sign-on Without Data Store Writes
Auto-creation of User Accounts
To Enable Auto-creation
Using Non-Default Federation Attributes
To Store Federation Information in Existing Attributes
Enabling XML Signing and Encryption
To Enable XML Signing and Encryption
Securing SOAP Binding
Basic Authentication
Secure Socket Layer/Transport Layer Security
Server Certificate Authentication
Client Certificate Authentication
Load Balancing
To Enable Load Balancer Support
Access Control
To Enable Access Control Using Agents and Roles
Certificate Revocation List Checking
To Set Up for Certificate Revocation List Checking
To Manually Populate a Directory Server with a Certificate Revocation List
Bootstrapping the Liberty ID-WSF with SAML v2
To Enable an Identity Provider for SAML v2 Bootstrapping of Liberty ID-WSF
To Enable a Service Provider for SAML v2 Bootstrapping of Liberty ID-WSF
Chapter 5 Developer Tools
The SAML v2 Plug-in for Federation Services SDK
The SDK Packages
com.sun.identity.saml2.assertion Package
com.sun.identity.saml2.common Package
com.sun.identity.saml2.protocol Package
Setting a Customized Class
To Install the SAML v2 Plug-in for Federation Services SDK
Service Provider Interfaces
Account Mappers
IDPAccountMapper
SPAccountMapper
Attribute Mappers
IDPAttributeMapper
SPAttributeMapper
To Set Up Attribute Mappers
Authentication Context Mappers
IDPAuthnContextMapper
SPAuthnContextMapper
SPAuthnContextMapper Parameters
SPAuthnContextMapper Attributes
To Configure Mappings
JavaServer Pages
Default Display Page
Assertion Consumer Page
Single Sign-on Pages
idpSSOFederate.jsp
idpSSOInit.jsp
spSSOInit.jsp
Name Identifier Pages
idpMNIRequestInit.jsp
idpMNIRedirect.jsp
spMNIRequestInit.jsp
spMNIRedirect.jsp
Single Logout JavaServer Pages
idpSingleLogoutInit.jsp
idpSingleLogoutRedirect.jsp
spSingleLogoutInit.jsp
spSingleLogoutRedirect.jsp
Appendix A Deploying the SAML v2 Plug-in for Federation Services Generated WAR
Deploying the SAML v2 Plug-in for Federation Services in Sun Java System Web Server
To Deploy an Instance of the SAML v2 Plug-in for Federation Services in Web Server
To Remove the SAML v2 Plug-in for Federation Services from Web Server
Deploying the SAML v2 Plug-in for Federation Services in Sun Java System Application Server
To Deploy the SAML v2 Plug-in for Federation Services in Application Server
To Remove the SAML v2 Plug-in for Federation Services from Application Server
Deploying the SAML v2 Plug-in for Federation Services in BEA WebLogic Server
To Deploy the SAML v2 Plug-in for Federation Services in BEA WebLogic Server
To Remove the SAML v2 Plug-in for Federation Services from BEA WebLogic Server
Deploying Federation Manager in WebSphere Application Server
To Deploy the SAML v2 Plug-in for Federation Services in WebSphere Application Server
To Remove the SAML v2 Plug-in for Federation Services from WebSphere Application Server
Appendix B Log Message Reference
© 2010, Oracle Corporation and/or its affiliates