- Book Information
- Part I About This Deployment Example
- Chapter 1 Key Features, System Architecture, and Process Flow
- Chapter 2 Before You Begin
- 2.1 Using This Manual
- 2.2 Downloading and Mounting the Java Enterprise System 2005Q4 Installer
- 2.3 Obtaining the Federation Manager Program
- 2.4 Obtaining the SAMLv2 Plug-In
- 2.5 Obtaining the SAMLv2 Patch 2
- 2.6 Obtaining the Application Server Enterprise Ed 8.1 2005Q1 Patch
- 2.7 Obtaining Policy Agents Software
- 2.8 Resolving Host Names
- 2.9 Setting Up Load Balancer Hardware and Software
- 2.10 Obtaining Certificates for SSL and for XML Signing and Encryption
- 2.11 Obtaining and Using the Certificate Database Tool
- 2.12 Obtaining Instructions for Deploying the Identity Provider Site
- 2.13 Finding Help for SAMLv2 CLI Commands
- Part II Setting Up the Service Provider Site
- Chapter 3 Installing and Deploying the Federation
Manager Servers
- 3.1 Installing and Configuring Federation Manager 1
- 3.2 Installing and Configuring Federation Manager 2
- 3.3 Configuring the Federation Manager Load Balancer
- To Configure Load Balancer 9 for the Federation Manager Servers
- To Configure Federation Manager 1 to Work with the Federation Manager Load Balancer
- To Configure Federation Manager 2 to Work with the Federation Manager Load Balancer
- To Verify that the Federation Manager Load Balancers are Working Properly
- 3.4 Configuring SSL Termination at the Federation Manager Load Balancer
- Chapter 4 Installing and Configuring the Directory
Servers
- 4.1 Installing Two Directory Servers
- 4.2 Creating New Directory Server Instances
- 4.3 Enabling Multi-Master Replication of the
Configuration Instances
- To Enable Multi-Master Replication of the Configuration Instance on Directory Server 3SP
- To Enable Multi-Master Replication of the Configuration Instance on Directory Server 4SP
- To Create a Replication Agreement for the Configuration Instance on Directory Server 3SP
- To Create a Replication Agreement for the Configuration Instance on Directory Server 4SP
- To Initialize the Configuration Instance Master Replica
- 4.4 Enabling Multi-Master Replication of the
User Data Instances
- To Enable Multi-Master Replication for the User Data Instance on Directory Server 3SP
- To Enable Multi-Master Replication for the User Data Instance on Directory Server 4SP
- To Create a Replication Agreement for the User Data Instance on Directory Server 3SP
- To Create a Replication Agreement for the User Data Instance on Directory Server 4SP
- To Initialize the User Data Instance Master Replica
- 4.5 Configuring the Directory Server Load Balancers
- Chapter 5 Configuring Federation Manager Servers
to Work with Directory Servers
- 5.1 Migrating Federation Manager 1 Configuration from Flat Files to Directory Servers
- 5.2 Migrating Federation Manager 1 User Data from Flat Files to Directory Servers
- 5.3 Migrating Federation Manager 2 Configuration from Flat Files to Directory Servers
- 5.4 Migrating Federation Manager 2 User Data from Flat Files to Directory Servers
- 5.5 Configuring the Federation Manager Authentication Service to Work with the Directory Servers
- Chapter 6 Setting Up the Service Provider Keystores
- 6.1 Configuring the Keystore for Federation Manager 1
- 6.2 Configuring Federation Manager 1 to Recognize the New Keystores and Key Files
- 6.3 Configuring the Keystore for Federation Manager 2
- 6.4 Configuring Federation Manager 2 to Recognize the New Keystores and Key Files
- 6.5 Loading the Access Manager Root CA Certificates into the Federation Manager Servers
- Chapter 7 Configuring SAMLv2 Metadata for the Federation Manager Servers
- Chapter 3 Installing and Deploying the Federation
Manager Servers
- Part III Setting Up the Identity Provider Site
- Chapter 8 Installing the SAMLv2 Plug-in on Access Manager Servers
- Chapter 9 Setting Up the Identity Provider Keystores
- 9.1 Configuring the Keystore for Access Manager 1
- 9.2 Configuring Access Manager 1 to Recognize the New Keystores and Key Files
- 9.3 Configuring the Keystore for Access Manager 2
- 9.4 Configuring Access Manager 2 to Recognize the New Keystores and Key Files
- 9.5 Loading the Federation Manager Root CA Certificates into the Access Manager Servers
- Chapter 10 Configuring SAMLv2 Metadata for the Access Manager Servers
- Part IV Exchanging Metadata Between Identity Provider and Service Provider
- Part V Setting Up Policy Agents in the Service Provider Site
- Chapter 13 Installing and Configuring J2EE Policy
Agents
- 13.1 Creating J2EE Policy Agent Profiles on the Federation Manager Servers
- 13.2 Installing Application Server 3 and J2EE Policy Agent 3
- 13.3 Completing the J2EE Policy Agent 3 Installation
- To Deploy the J2EE Policy Agent Housekeeping Application
- To Enable the J2EE Policy Agent 3 to Run in SSO-Only Mode
- To Initialize the Application Server 3 Certificate Database
- To Deploy the Sample Agent Application on Application Server 3
- To Verify the Use of the Sample Agent Application on Application Server 3
- 13.4 Installing Application Server 4 and J2EE Policy Agent 4
- 13.5 Completing the J2EE Policy Agent 4 Installation
- To Deploy the J2EE Policy Agent Housekeeping Application
- To Enable the J2EE Policy Agent 4 to Run in SSO-Only Mode
- To Initialize the Application Server 4 Certificate Database
- To Deploy the Sample Agent Application on Application Server 4
- To Verify the Use of the Sample Agent Application on Application Server 4
- 13.6 Configuring the J2EE Policy Agents Load Balancer
- 13.7 Configuring the Application Servers for SSL Termination
- 13.8 Configuring the J2EE Policy Agents to Work with the J2EE Policy Agents Load Balancer
- 13.9 Configuring the J2EE Policy Agents Load Balancer to Participate in SAMLv2 Protocols
- Chapter 14 Installing and Configuring Web Policy Agents
- 14.1 Creating Web Agent Profiles on the Federation Manager Servers
- 14.2 Installing Web Server 3 and Web Policy Agent 3
- 14.3 Completing the Web Policy Agent 3 Installation
- 14.4 Installing Web Server 4 and Web Policy Agent 4
- 14.5 Completing the Web Policy Agent 4 Installation
- 14.6 Configuring the Web Policy Agents Load Balancer
- 14.7 Configuring the Web Policy Agents Load Balancer to Participate in SAMLv2 Protocols
- Chapter 13 Installing and Configuring J2EE Policy
Agents
- Part VI Configuring Special Use Cases
- Chapter 15 Use Case 1: Testing Basic SAMLv2 Protocols
- 15.1 Before You Begin
- 15.2 Testing Requests Initiated by the Service Provider Using SOAP
- 15.3 Testing Requests Initiated by the Service Provider Using HTTP Redirect
- 15.4 Testing Requests Initiated by the Identity Provider Using SOAP
- 15.5 Testing Requests Initiated by the Identity Provider Using HTTP Redirect
- 15.6 The Sample jsp.index File
- Chapter 16 Use Case 2: User Attribute Mapping
- Chapter 15 Use Case 1: Testing Basic SAMLv2 Protocols
- Part VII Reference: Summaries of Server and Component Configurations