The Sun Java™ System SAML v2 Plug-in for Federation Services is an auxiliary program that works with either Sun Java System Access Manager or Sun Java System Federation Manager. It was released in February, 2006 for the SolarisTM operating system. The August, 2006 update expanded the plug-in to include the Windows operating system. This technical note describes the differences in the SAML v2 Plug-in for Federation Services when installed and used on an instance of Sun Java System Access Manager or Sun Java System Federation Manager deployed in a Windows environment. It contains the following sections:
Installation of the SAML v2 Plug-in for Federation Services for Windows
Where to Get the SAML v2 Plug-in for Federation Services for Windows
How to Use the SAML v2 Plug-in for Federation Services for Windows
The Sun Java System SAML v2 Plug-in for Federation Services incorporates a subset of features based on the Security Assertion Markup Language (SAML) version 2 specifications and, when installed on instances of Access Manager or Federation Manager, allows support for interactions based on those specifications. The documentation originally released with the plug-in includes the following titles:
Sun Java System SAML v2 Plug-in for Federation Services Release Notes
Sun Java System SAML v2 Plug-in for Federation Services User’s Guide
Sun Java System SAMLv2 Plug-in for Federation Services Java API Reference
The SAML v2 Plug-in for Federation Services for Windows installs on either Access Manager 7 2005Q4, Access Manager 7.1, or Federation Manager 7.0 2005Q4. This section describes the specific software requirements and contains pointers to the installation procedures. It contains the following sections:
Notes for Installing SAML v2 Plug-in for Federation Services on Windows
SAML v2 Plug-in for Federation Services for Windows on Federation Manager 7.0 2005Q4
SAML v2 Plug-in for Federation Services for Windows on Access Manager 7 2005Q4
The following should be done to install the SAML v2 Plug-in for Federation Services on the Windows operating system.
Before installing the SAML v2 Plug-in for Federation Services on Windows, ensure that the LDAP server is running, and the web container is shutdown. The installer needs to modify files held by the web container process.
After installing the SAML v2 Plug-in for Federation Services on Solaris and Linux, sample metadata templates and a circle of trust will be automatically created. This is not done after installing on Windows. To create metadata templates and a circle of trust on Windows after installation, start your web container and run saml2meta. See The saml2meta Command-line Reference in Sun Java System SAML v2 Plug-in for Federation Services User’s Guide for more information.
The SAML v2 Plug-in for Federation Services can be deployed on an instance of Federation Manager 7.0 2005Q4 deployed on a Windows environment. The plug-in runs on:
Windows 2000 Advanced Server SP4 or above
Windows 2000 Server SP4 or above
Windows 2000 Professional Edition SP4 or above
Windows XP Professional Edition SP2
Windows 2003 Enterprise Server
The SAML v2 Plug-in for Federation Services for Windows was only tested on Windows 2003 Enterprise Server although it should work on all the platforms listed
The procedure to install the SAML v2 Plug-in for Federation Services on an instance of Federation Manager deployed in a Windows environment is the same as the procedure used to install it on an instance of Federation Manager deployed in a Solaris operating environment with one exception: saml2setup should be changed to saml2setup.bat. The installation instructions are documented in Chapter 2, Installing the SAML v2 Plug-in for Federation Services, in Sun Java System SAML v2 Plug-in for Federation Services User’s Guide. See Notes for Installing SAML v2 Plug-in for Federation Services on Windows for pre- and post-install procedures. Information on Federation Manager can be found in the Sun Java System Federation Manager 7 2005Q4 documentation.
The procedure to install the SAML v2 Plug-in for Federation Services on an instance of Access Manager 7 2005Q4 deployed in a Windows environment is the same as the procedure used to install it on an instance of Access Manager deployed in a Solaris operating environment with one exception: saml2setup should be changed to saml2setup.bat. The installation instructions are documented in Chapter 2, Installing the SAML v2 Plug-in for Federation Services, in Sun Java System SAML v2 Plug-in for Federation Services User’s Guide. See Notes for Installing SAML v2 Plug-in for Federation Services on Windows for pre- and post-install procedures. Information on Access Manager can be found in the Sun Java System Access Manager 7 2005Q4 documentation.
The procedure to install the SAML v2 Plug-in for Federation Services on an instance of Access Manager 7.1 deployed in a Windows environment is documented in SAML v2 Plug-in for Federation Services for Sun Java System Access Manager 7.1 in Sun Java System SAML v2 Plug-in for Federation Services Release Notes. See Notes for Installing SAML v2 Plug-in for Federation Services on Windows for pre- and post-install procedures. Information on Access Manager can be found in the Sun Java System Access Manager 7.1 documentation.
The SAML v2 Plug-in for Federation Services can be downloaded from http://www.sun.com/download/products.xml?id=43e00414. Instructions for unzipping and installing the tarball can be found in Chapter 2, Installing the SAML v2 Plug-in for Federation Services, in Sun Java System SAML v2 Plug-in for Federation Services User’s Guide.
The instructions and procedures in the SAML v2 Plug-in for Federation Services documentation work the same whether the plug-in is deployed on the Solaris operating system or in a Windows environment with one caveat: the documented directory paths. Be sure to change the defined Solaris paths to paths that reflect the Windows installation. The following table lists the directory and path differences for the SAML v2 Plug-in for Federation Services.
Table 1 SAML v2 Plug-in for Federation Services Directory Paths
SAML v2 Plug-in for Federation Services |
Solaris |
Windows |
---|---|---|
Default Base Directory |
/opt |
c:/sun |
Product Directory |
/SUNWam/saml2 |
/identity/saml2 |