Sun Java logo     Copyright      Index      Next     

Sun logo
Sun Java System Identity Server 2004Q2 Federation Management Guide 

Contents


About This Guide
Audience for This Guide
Identity Server 2004Q2 Documentation Set
Identity Server Core Documentation
Identity Server Policy Agent Documentation
Your Feedback on the Documentation
Documentation Conventions Used in This Guide
Typographic Conventions
Terminology
Related Information
Related Third-Party Web Site References

Chapter 1   Introduction to Identity Federation and the Web Services Framework
The Need for Federated Identities
The Liberty Alliance Project
The Circle of Trust
Federation Management Architecture
Identity Federation Framework
Identity Web Services Framework
Identity Service Instance Specifications
Supporting Components
The Federation Management Process
Federation Single Sign-On Process
Pre-Login Process
System Flow

Chapter 2   Creating a Liberty Web Services Environment
Installing Identity Server
Deploying the Service Provider
To Upload the Metadata for the Service Provider
To Configure the Service Provider
To Deploy the Service Provider.WAR File
If Identity Server is installed on Sun Java System Web Server
If Identity Server is installed on Sun Java System Application Server
Deploying the Identity Provider
To Upload the Metadata for the Identity Provider
To Configure the Identity Provider
To Deploy the Identity Provider .WAR File
If Identity Server is installed on Sun Java System Web Server
If Identity Server is installed on Sun Java System Application Server
(Optional) Configuring a Third Level Domain
To Configure a Third-Level Domain
Verifying a Successful Liberty Setup
To Federate Service Provider and Identity Provider Accounts
To Perform a Single Sign-On
To Perform a Single Logout
To Terminate Account Federation
Deploying a Web Service Consumer
The Web Service Consumer Example
Configuring the Service Provider
Configuring the Identity Provider
Running the Web Service Consumer Sample
To Run the Web Service Client Sample
Interacting with the Personal Profile Service
X.509 Message Authentication
Setup
To test X.509 Message Authentication in discovery service
To test X.509 Message Authentication in Personal Profile Service,
To test SSL (urn:liberty:security:2003-08:TLS:X509),

Chapter 3   Federation Management
Overview of Authentication Domains and Providers
Managing Authentication Domains
To Create An Authentication Domain
To Modify An Authentication Domain
To Delete An Authentication Domain
Managing Entity Descriptors
Creating and Managing Providers
To Create a Container Entity
To Create and Manage a Provider Descriptor
Creating and Managing Affiliates
To Create an Affiliate Entity
To Manage an Affiliate Descriptor
To Add a Contact Person and Organization
Deleting Entity Descriptors
Managing Resource Offerings
To Define Resource Offering
Adding a New Liberty Web Service
An Employee Profile Service Example
Developing the Server-Side Code
Configuring the Service Schema
Setting Up the Back-End Data Store
To Set up the Back-End Data Store
Deploying the Service on the Identity Provider
To Deploy the Service
Deploying the Client on the Service Provider
To Deploy the Client
Running the Web Service Client
Constructing a PAOS Request and Response
To Run the Sample PAOS Program

Chapter 4   Service Configuration Attributes
Discovery Service Attributes
Liberty Personal Profile Service Attributes
SOAP Binding Service Attributes

Chapter 5   Using the Web Services Client APIs
Federation Packages and Global Interfaces
Trusted Authority
Security Token Manager
SOAP Binding
Plugin a new Web Service Provider
Authorization
Creating an SSO Token
Creating a Policy
Discovery Service
Authorizer
DefaultDiscoAuthorizer
ResourceIDMapper
DiscoEntryHandler
Client APIs
Data Services Template
Client APIs
Personal Profile Service
How It Works
Notes on Customizing the Personal Profile Service
Attribute Mapping
Authorization
Containers
Extensions
Rewriting the whole service
Interaction Service
Metadata Specifications
External component dependency
PAOS
PAOS APIs

Glossary

Index


Copyright      Index      Next     

Copyright 2004 Sun Microsystems, Inc. All rights reserved.