Sun ONE logo      Previous      Index      Next     

Sun ONE Identity Server Deployment Guide


List of Figures

List of Tables

List of Code Examples

About This Guide
Audience for This Guide
Identity Server 6.1 Documentation Set
Identity Server Core Documentation
Identity Server Policy Agent Documentation Set
Your Feedback on the Documentation
Documentation Conventions Used in This Guide
Typographic Conventions
Related Information

Chapter 1   Introduction
What is Identity Management?
The Identity Management Infrastructure
The Life Cycle of an Identity Profile
Sun ONE Identity Server
Access Management
Single Sign-On (SSO)
Pluggable Authentication
Policy Evaluation
Federation Management
Liberty Alliance Project
Security Assertion Markup Language (SAML)
Identity Management
User Profile Management
Policy Configuration
Service Management
Policy Agents
Identity Server Console
Programmatic Interfaces
Sun ONE Directory Server
Deploying Identity Server
Integrating Identity Server
Solaris™ Operating System
Windows 2000 Server
Deployment Road Map
Deployment Guide Chapters
Related Identity Server Documentation

Chapter 2   Planning The Deployment
Defining Resources
Human Resources
Executive Sponsors
Team Lead
Project Management
Systems Analyst
LOB Application Administrators
System Administrators
Independent Software Vendors
Third Party Affiliates
Setting Goals
Gathering Information
Business Processes
IT Infrastructure
Virtual Data
Evaluating Applications
Platform Information
Security Models
Lifecycle Of A Session
Customization And Branding
Categorizing Data
Mapping To Authentication
Mapping To Authorization
Building Timelines
Deployment Design
Early Adoption
General Participation
Production Environment

Chapter 3   Identity Server Architecture
Integration Points
Policy Agents
Web And Proxy Server Agents
J2EE Agents
Identity Server SDK
Authentication API And Authentication SPI
Policy API
Identity Managment SDK
Logging API and Logging SPI
Service Management SDK
Client Detection API
Federation Management API
Functional Processes
Authentication and User Sessions
HTML Over HTTP(S) Interface
XML Over HTTP(S) Interface
Integrated Policy
Integrated Client Detection
CDSSO, SAML and Federation
Extending Identity Server
Web Containers
Multiple Directory Server Instances
LDAP Load Balancers

Chapter 4   Pre-Deployment Considerations
Deployment Options
High Availability
Hardware Requirements
Software Requirements
Operating System Requirements
Patch Clusters for Solaris
Java™ Requirement
Resource Web Server Requirements
Web Browser Requirements
Understanding the Identity Server Schema
Marker Object Classes
Administrative Roles
Schema Limitations
People Containers
Only One Identity Server Organization Allowed
Unsupported Directory Trees

Chapter 5   Deployment Scenarios
Reference Deployment Scenario
To Install Multiple Identity Servers With ammultiserverinstall
Web Deployment
Java Application Deployment
Multiple JVM Environment
Replication Considerations
Configuring For Replication
Configuring With a Load Balancer
Replication Caveats
Implementing Federation Management

Appendix A   Installed Product Layout
The Sun Java Enterprise System 2003Q4 Base Directory
The SUNWam Directory
/config ---> /etc/opt/SUNWam/config/

Appendix B   The User Session Life Cycle
The Request
The Authentication
The Session Token
The Policy
The Requested Page
Single Sign-On Requests
Thread One: Single Sign-On
Thread Two: Cross Domain Single Sign-On
Terminating a Session

Appendix C   Authenticate Against Active Directory
Point to Existing LDAP Authentication Module
Create New Active Directory Authentication Module
Multiple LDAP Sub-Configurations
Setting Up Active Directory Authentication
Quick Access To Identity Server
Reconfigure Using Directory Server

Appendix D   Load Balancer Configuration
Load Balancer Overview
Sticky Sessions
Resonate Central Dispatch Installation
Configuring The Load Balancer
To Configure Central Dispatch for setcookie
To Configure Identity Server for setcookie
To Configure Central Dispatch with Load Balancer Cookies
To Configure Identity Server with Load Balancer Cookies
Confirming The Configuration

Appendix E   Authenticate Against RADIUS Servers
RADIUS Server Configuration
Identity Server Configuration

Appendix F   Installing in a chroot Environment
Before Creating chroot
Creating a chroot Environment
Installing Identity Server Under chroot
Starting Identity Server In chroot
Identity Server Log Files In chroot


Previous      Index      Next     

Copyright 2003 Sun Microsystems, Inc. All rights reserved.