Index (Sun Java System Access Manager 7.1 Federation and SAML Administration Guide)

Sun Java System Access Manager 7.1 Federation and SAML Administration Guide


A

	access
		Authentication Web Service ( )
		Discovery Service ( )
		Liberty Personal Profile Service ( )

	Access Manager
		and federation ( )
		architecture ( )
		documentation ( )
		implementation of Liberty Alliance Project ( )
		Liberty-based web services ( )

	account federation, definition ( )

	affiliate entity
		See also entities
		configuring ( )
		definition ( )

	affiliation, definition ( )

	`amadmin`, create entities ( )

	`ambulkfed`, See bulk federation

	`amDisco_add.xml` ( )

	`amDisco.xml` ( )

	`amSAML.xml` ( )

	API
		Authentication Web Service ( )
		client for Discovery Service ( )
		common security ( )
		common service ( )
		Data Services Template ( ) ( )
		Discovery Service ( )
		extract ( )
		federation ( )
		Interaction Service ( )
		PAOS binding ( )
		public interfaces ( )
		SAML ( )
		SOAP Binding Service ( )

	Application Server, documentation ( )

	architecture
		Discovery Service ( )
		Liberty Alliance Project in Access Manager ( )
		SAML ( )

	Artifact Timeout ( )

	asserting party ( )

	assertion consumer ( )

	Assertion Skew Factor For `notBefore` Time ( )

	Assertion Timeout ( )

	assertion types, and SAML ( )

	Attribute Mapper ( )

	attribute provider, definition ( )

	attributes
		authentication context classes ( )
		Authentication Web Service ( )
		communication profiles ( )
		communication URLs ( )
		context reference ( )
		default authentication context ( )
		Discovery Service ( )
		identity provider attribute mapping ( )
		Liberty Personal Profile Service ( )
		protocol support enumeration ( )
		proxy configuration ( )
		server name identifier mapping binding ( )
		SOAP Binding Service ( )

	authentication context ( )
		attribute ( ) ( )
		definition ( )
		overview ( )

	authentication domain
		create ( )
		definition ( )

	authentication domains
		configure or modify ( )
		create ( )
		delete ( )
		overview ( )

	Authentication Service (non-Liberty) ( )

	Authentication Service Specification, overview ( )

	authentication services
		Authentication Service (non-Liberty) ( )
		Authentication Web Service (Liberty) ( )

	Authentication Web Service
		accessing ( )
		API ( )
		attribute ( )
		extract ( )
		or Authentication Service (non-Liberty) ( )
		overview ( )
		process ( )
		sample ( ) ( )
		XML service file ( )

	Authorizer ( )

	`Authorizer` interface ( )

	Authorizer interface ( )

	auto-federation ( ) ( )


B

	basic authentication ( )

	binding, definition ( )

	bootstrapping discovery service ( )

	bootstrapping Discovery Service ( )

	bulk federation ( ) ( )

	business agreements ( )


C

	circle of trust, definition ( )

	client, definition ( )

	client API
		Data Services Template ( )
		Discovery Service ( )

	Client Profiles Specification, overview ( )

	`com.sun.identity.federation.plugins` ( )

	`com.sun.identity.federation.services` ( )

	`com.sun.identity.liberty.wsf.version` ( )

	`com.sun.liberty` ( )

	common domain
		definition ( )
		overview ( )

	common domain cookie ( )

	common domain services
		configure properties ( )
		configure URLs ( )
		installation ( )

	common security API ( )

	common service interfaces ( )

	communication profiles ( )

	communication URLs ( )

	containers ( )

	context reference attribute ( )

	cookie, common domain ( )

	create
		authentication domains ( )
		entities ( )

	create entities, with `amadmin` ( )

	customize
		federation ( )
		graphical user interface ( )


D

	data services
		See also Data Services Template
		API ( )
		developing ( )
		Liberty Employee Profile Service ( )
		Liberty Personal Profile Service ( )
		overview ( )

	Data Services Template ( )
		API ( )
		client API ( )

	Data Services Template Specification, overview ( )

	default authentication context attribute ( )

	`Default64ResourceIDMapper` ( )

	`DefaultDiscoAuthorizer` class ( )

	`DefaultHexResourceIDMapper` ( )

	defederation, definition ( )

	definitions
		federation ( )
		identity ( )
		identity federation ( )
		Liberty Alliance Project terms ( )
		provider federation ( )

	develop web services
		hosting ( )
		invoke ( )
		process ( )

	developing data services ( )

	digital certificates ( )

	digital signatures ( )

	Directory Server, documentation ( )

	`DiscoEntryHandler` interface ( )

	Discovery Service
		accessing ( )
		and policy creation ( )
		and security tokens ( )
		API ( )
		architecture ( )
		attributes ( )
		bootstrapping ( )

	discovery service, bootstrapping ( )

	Discovery Service
		client API ( )
		extract ( )
		overview ( )
		process ( )
		resource offerings ( )
		sample ( )
		XML service files ( )

	Discovery Service Specification, overview ( )

	documentation
		Access Manager ( )
		Application Server ( )
		Directory Server ( )
		Sun Java Enterprise System ( )
		Sun Java System ( )
		Web Proxy Server ( )
		Web Server ( )

	dynamic identity provider proxying ( ) ( )


E

	employee profile service sample ( )

	entities
		configuring affiliate ( )
		configuring provider ( )
		creating ( )
		creating with `amadmin` ( )
		overview ( )
		populate ( )

	entity descriptors, See entities


F

	federated identity, definition ( )

	federation
		affiliate entity
			configuring ( )
		and single sign-on ( )
		API ( )
		authentication domains ( )
		auto-federation ( )
		bulk federation ( )
		configure global logout ( )
		configure pre-login ( )
		definition ( ) ( )
		dynamic identity provider proxying ( )
		entities ( )
			creating ( )
			creating with `amadmin` ( )
		entities and authentication domains ( )
		graphical user interface ( )
		identity provider metadata sample ( )
		in Access Manager ( )
		pre-login process ( )
		pre-login URL ( )
		process of ( )
		provider entity
			configuring ( )
		sample environment ( )
		samples ( )
		service provider metadata sample ( )
		signing ( )

	federation API ( )

	federation cookie, definition ( )

	federation termination, definition ( )

	Federation Termination Notification Protocol, overview ( )

	`FSConfig.properties` ( )


G

	global logout ( )
		configure ( )

	Glossary, Java ES ( )

	graphical user interface, federation ( )


I

	identifiers and name registration ( )

	identity
		definition ( ) ( )

	identity-based web service ( )

	identity federation ( )
		definition ( ) ( )

	identity provider
		definition ( )
		metadata sample ( )

	identity provider attribute mapping ( )

	identity providers, trust between ( )

	identity service
		definition ( ) ( )

	installation, common domain services ( )

	Interaction Service ( )

	Interaction Service Specification, overview ( )

	interfaces
		Authentication Web Service ( )
		`Authorizer` ( )
		Authorizer ( )
		common service ( )
		`DiscoEntryHandler` ( )
		Discovery Service ( )
		request handler ( )
		`ResourceIDMapper` ( )
		ResourceIDMapper ( )


K

	key management ( )
		keystore entry ( )
		overview ( )
		setting up keystore ( )
		trusted certificate entry ( )

	keystore, setting up ( )

	keystore entry ( ) ( )

	`keytool` ( )


L

	Liberty Alliance Project
		architecture in Access Manager ( )
		Liberty Identity Federation Framework ( )
		Liberty Identity Service Interface Specifications ( )
		Liberty Identity Web Services Framework ( )
		overview ( )
		SAML comparison ( )
		specifications ( )
		terms ( )

	Liberty-based API ( )

	Liberty-based web services, Access Manager ( )

	Liberty Employee Profile Service ( )

	Liberty-enabled client, definition ( )

	Liberty-enabled proxy, definition ( )

	Liberty ID-FF Bindings and Profiles, overview ( )

	Liberty ID-FF Protocols and Schema, overview ( )

	Liberty ID-SIS Employee Profile Service Specification, overview ( )

	Liberty ID-SIS Personal Profile Service Specification, overview ( )

	Liberty ID-WSF, implementation ( )

	Liberty ID-WSF 1.1 profiles ( )

	Liberty Identity Federation Framework
		convergence with SAML ( )
		overview ( )

	Liberty Identity Service Interface Specifications, overview ( )

	Liberty Identity Web Services Framework, overview ( )

	Liberty Personal Profile Service ( )
		accessing ( )
		attributes ( )
		extract ( )

	Liberty process sample ( )


M

	metadata ( )
		identity provider sample ( )
		service provider sample ( )


N

	name identifier, definition ( )

	Name Identifier Mapping Protocol, overview ( )

	name registration ( )

	Name Registration Protocol, overview ( )


O

	overview
		authentication and authentication context ( )
		authentication domains ( )
		Authentication Service Specification ( )
		Authentication Web Service ( )
		auto-federation ( ) ( )
		bulk federation ( ) ( )
		Client Profiles Specification ( )
		common domain ( )
		common domain cookie ( )
		common domain services
			properties ( )
			URLs ( )
		data services ( )
		Data Services Template ( )
		Data Services Template Specification ( )
		Discovery Service ( )
		Discovery Service Specification ( )
		dynamic identity provider proxying ( ) ( )
		entities ( )
		federation API ( )
		federation management ( )
		federation process ( )
		Federation Termination Notification Protocol ( )
		global logout ( )
		identifiers and name registration ( )
		identity federation and single sign-on ( )
		implementation of Liberty Alliance Project ( )
		Interaction Service ( )
		Interaction Service Specification ( )
		Liberty Alliance Project ( )
		Liberty Alliance Project specifications ( )
		Liberty Employee Profile Service ( )
		Liberty ID-FF Bindings and Profiles ( )
		Liberty ID-FF Protocols and Schema ( )
		Liberty ID-SIS Employee Profile Service Specification ( )
		Liberty ID-SIS Personal Profile Service Specification ( )
		Liberty Identity Federation Framework ( )
		Liberty Identity Service Interface Specifications ( )
		Liberty Identity Web Services Framework ( )
		Liberty Personal Profile Service ( )
		Name Identifier Mapping Protocol ( )
		Name Registration Protocol ( )
		PAOS binding ( )
		pre-login URL ( )
		public interfaces ( )
		SAML ( )
		samples ( )
		Security Mechanisms Specification ( )
		signing Liberty ID-FF ( )
		Single Logout Protocol ( )
		Single Sign-On and Federation Protocol ( )
		SOAP Binding Service ( )
		SOAP Binding Specification ( )


P

	PAOS binding ( )
		PAOS or SOAP ( )
		sample ( ) ( )

	parameters, pre-login URL ( )

	patches, Solaris ( )

	PKI ( )
		digital certificates ( )
		digital signatures ( )

	policy creation, and Discovery Service ( )

	pre-login, configure ( )

	pre-login process ( )

	pre-login URL ( )
		configure ( )
		parameters ( )

	principal, definition ( )

	procedures
		create policy for `DefaultDiscoAuthorizer` ( )
		store resource offerings ( ) ( ) ( )

	process
		Authentication Web Service ( )
		Discovery Service ( )
		federation ( )
		federation and single sign-on ( )
		pre-login ( )
		SOAP Binding Service ( )

	profile, definition ( )

	profile types
		and SAML ( )
		web artifact profile ( )
		web POST profile ( )

	profiles, set up Liberty ID-WSF ( )

	protocol, definition ( )

	protocol support enumeration ( )

	provider entity
		See also entities
		configuring ( )
		definition ( )

	provider federation
		definition ( ) ( )
		enable ( )

	provider trust ( ) ( )

	proxy configuration ( )

	pseudonym
		definition
			See name identifier

	public interfaces ( )

	public key infrastructure, See PKI


Q

	query parameter ( )


R

	reader service URL ( ) ( )

	receiver, definition ( )

	relying party ( )

	request handler ( )

	RequestHandler interface ( )

	resource offering ( )
		definition ( )
		for bootstrapping ( )

	resource offerings
		as dynamic attributes ( )
		as user attributes ( )
		storing ( )

	resource offerings for bootstrapping ( )

	ResourceID Mapper ( )

	`ResourceIDMapper` interface ( )

	ResourceIDMapper interface ( )


S

	SAML ( )
		`amSAML.xml` ( )
		API ( )
		architecture ( )
		Artifact Timeout ( )
		Assertion Skew Factor For `notBefore` Time ( )
		assertion types ( )
		AssertionTimeout ( )
		convergence with Liberty ID-FF ( )
		Liberty comparison ( )
		overview ( )
		profile types ( )
			web artifact profile ( )
			web POST profile ( )
		SAML Artifact Name ( )
		SAML SOAP receiver ( )
			SOAP messages ( )
		samples ( )
		Sign SAML Assertion ( )
		Sign SAML Request ( )
		Sign SAML Response ( )
		site Identifiers ( )
		Target Specifier ( )
		target URLs ( )
		trusted partners ( )
		using ( )

	SAML Artifact Name ( )

	SAML authority ( )

	SAML SOAP receiver ( )
		SOAP messages ( )

	sample use case ( )

	samples
		Authentication Web Service ( ) ( )
		Discovery Service ( )
		employee profile service ( )
		federation ( ) ( )
		PAOS binding ( ) ( )
		SAML ( )
		security tokens ( )
		use case process ( )
		web service consumer ( )

	samples overview ( )

	security, web services ( )

	Security Mechanisms Specification, overview ( )

	security tokens
		and Discovery Service ( )
		generating ( )

	sender, definition ( )

	server, definition ( )

	server name identifier mapping binding ( )

	service provider
		definition ( )
		metadata sample ( )

	service providers, trust between ( )

	Sign SAML Assertion ( )

	Sign SAML Request ( )

	Sign SAML Response ( )

	signing Liberty ID-FF ( )

	single logout, definition ( )

	Single Logout Protocol, overview ( )

	single sign-on ( )
		definition ( )

	Single Sign-On and Federation Protocol, overview ( )

	single sign—on, and federation ( )

	site identifiers ( )

	SOAP Binding, extract ( )

	SOAP Binding Service
		API ( )
		attributes ( )
		overview ( )
		PAOS or SOAP ( )
		process ( )
		request handler ( )
		`SOAPReceiver` ( )
		XML service file ( )

	SOAP Binding Specification, overview ( )

	SOAP messages ( )

	`SOAPReceiver` ( )
		SOAP Binding process ( )

	Solaris
		patches ( )
		support ( )

	specifications (Liberty Alliance Project) ( )
		Liberty Identity Federation Framework ( )
		Liberty Identity Service Interface Specifications ( )
		Liberty Identity Web Services Framework ( )

	support, Solaris ( )


T

	Target Specifier ( )

	target URLs ( )

	terms, Liberty Alliance Project ( )

	trust, between providers ( )

	trusted certificate entry ( )

	trusted partners ( )

	trusted provider, definition ( )


U

	use cases, sample process ( )


W

	web artifact profile ( )

	web POST profile ( )

	Web Proxy Server, documentation ( )

	Web Server, documentation ( )

	web service consumer, definition ( )

	web service consumer sample ( )

	web service provider, definition ( )

	web services
		developing ( )
		hosting ( )
		invoking ( )
		security ( )

	web services (Liberty-based), Access Manager ( )

	Web Services Description Language, See WSDL

	writer service URL ( ) ( )

	WSDL ( )


X

	XML service files
		`amSAML.xml` ( )
		Authentication Web Service ( )
		Discovery Service ( )
		SOAP Binding Service ( )