Authentication Web Service Overview

The implementation of the Access Manager Authentication Web Service is based on the Liberty ID-WSF Authentication Service Specification. The specification defines a protocol that adds authentication functionality to the SOAP binding discussed in the Liberty ID-WSF SOAP Binding Specification and, Chapter 8, SOAP Binding Service in this guide. The specification also contains an XML schema that defines the authentication protocol.

This XML Schema Definition (XSD) file can be found on the Liberty Alliance Project web site. Version 1.0 is also reproduced in Appendix B, Service Schema Files.

The Authentication Web Service is for provider-to-provider authentication. The Simple Authentication and Security Layer (SASL) is the method used to add this authentication support.

XML Service File

The Authentication Web Service is configured using the XML service file amAuthnSvc.xml. This file defines the attribute for the Authentication Web Service which can be managed through the Access Manager console or the XML file.

For information about service files, see the Sun Java System Access Manager 7 2005Q4 Administration Guide.

Authentication Web Service APIs

The Access Manager Authentication Web Service includes the following Java programming packages:

• com.sun.identity.liberty.ws.authnsvc

• com.sun.identity.liberty.ws.authnsvc.mechanism

• com.sun.identity.liberty.ws.authnsvc.protocol

The first package is a client API for external Java applications to send SASL requests and receive SASL responses. The second package defines an interface to handle different SASL mechanisms. The final package contains classes that represent the SASL request and response. Together, the packages are used to initiate the authentication process and communicate authentication credentials to the Authentication Web Service. For more information, see the Authentication Web Service API.