Sun Java System Access Manager 7.1 Federation and SAML Administration Guide

Preface

The Sun Java™ System Access Manager 7.1 Federation and SAML Administration Guide provides information about the Federation and Security Assertions Markup Language (SAML) components of Sun Java System Access Manager. The Federation and SAML Administration Guide includes an introduction to the open-standard specifications used to develop these features and information on how Access Manager has implemented them. It also includes information on integrated web services, and summaries of the application programming interface (API).

Before You Read This Book

This Federation and SAML Administration Guide is intended for use by IT professionals, network administrators and software developers who implement an identity framework using Sun Java System servers and the following technologies:

Lightweight Directory Access Protocol (LDAP)
Java
JavaServer Pages^™ (JSP)
HyperText Transfer Protocol (HTTP)
HyperText Markup Language (HTML)
eXtensible Markup Language (XML)
Web Services Description Language (WSDL)
Security Assertion Markup Language (SAML)
SOAP (SOAP is no longer an acronym for the messaging protocol.)
Liberty Alliance Project specifications

Related Books

Access Manager is a component of the Sun Java Enterprise System, a software infrastructure that supports enterprise applications distributed across a network or Internet environment. Related documentation is available as follows:

Note –

For instructions on installing Access Manager, begin with the Sun Java Enterprise System 5 Installation Guide for UNIX.

Access Manager Core Documentation

The Access Manager documentation set contains the following titles:

The Sun Java System Access Manager 7.1 Release Notes will be available online after the product is released. It gathers an assortment of last-minute information, including a description of what is new in this current release, known problems and limitations, installation notes, and how to report issues with the software or the documentation.
The Sun Java System Access Manager 7.1 Technical Overview provides an overview of how Access Manager components work together to consolidate access control functions, and to protect enterprise assets and web-based applications. It also explains basic Access Manager concepts and terminology.
The Sun Java System Access Manager 7.1 Deployment Planning Guide provides information for planning an Access Manager deployment within an existing information technology infrastructure.
The Sun Java System Access Manager 7.1 Postinstallation Guide provides information on configuration tasks you perform after installing Access Manager.
The Sun Java System Access Manager 7.1 Performance Tuning Guide provides information on how to tune Access Manager and its related components for optimal performance.
The Sun Java System Access Manager 7.1 Administration Guide describes how to configure, monitor, manage, and maintain Access Manager services, identities, and policies either through the console or the command-line interface.
The Sun Java System Access Manager 7.1 Administration Reference provides reference information for administrators including, for example, error codes.
The Sun Java System Access Manager 7 2006Q4 Federation and SAML Administration Guide (this guide) provides information about the features in Access Manager that are based on the Liberty Alliance Project and SAML specifications. It includes information on the services based on these specifications, instructions for enabling a Liberty-based environment, and summaries of the application programming interface (API) for extending the framework.
The Sun Java System Access Manager 7.1 Developer’s Guide offers information on how to customize Access Manager and integrate its functionality into an organization’s current technical infrastructure. It also contains details about the programmatic aspects of the product and its API.
The Sun Java System Access Manager 7.1 C API Reference provides summaries of data types, structures, and functions that make up the public Access Manager C APIs.
The Sun Java System Access Manager 7.1 Java API Reference is generated from Java code using the Javadoc^TM tool. The pages provide information on the implementation of the Java packages in Access Manager.
The Sun Java System Access Manager Policy Agent 2.2 User’s Guide provides an overview of the policy functionality and the policy agents available for Access Manager.

Updates to the Release Notes and links to modifications of the core documentation can be found on the Access Manager page at the Sun Java Enterprise System documentation web site. Updated documents will be marked with a revision date.

Sun Java Enterprise System Documentation

The following books in the Sun Java Enterprise System documentation set contain planning and installation procedures for Access Manager:

A full list of the Java Enterprise System documentation is documented in the following table.

Table P–1 Sun Java Enterprise System Documentation Listing


Document Title	Contents
Sun Java Enterprise System 5 Release Notes for UNIX Sun Java Enterprise System 5 Release Notes for Microsoft Windows	Contains the latest information about Java ES, including known problems. In addition, components have their own release notes listed in the Release Notes Collection.
Sun Java Enterprise System 5 Technical Overview	Introduces the technical and conceptual foundations of Java ES. Describes components, the architecture, processes, and features.
Sun Java Enterprise System 2006Q3 Deployment Planning Guide	Provides an introduction to planning and designing enterprise deployment solutions based on Java ES. Presents basic concepts and principles of deployment planning and design, discusses the solution life cycle, and provides high-level examples and strategies to use when planning solutions based on Java ES.
Sun Java Enterprise System 5 Installation Planning Guide	Helps you develop the implementation specifications for the hardware, operating system, and network aspects of your Java ES deployment. Describes issues such as component dependencies to address in your installation and configuration plan.
Sun Java Enterprise System 5 Installation Guide for UNIX Sun Java Enterprise System 5 Installation Guide for Microsoft Windows	Guides you through the process of installing Java ES. Also shows how to configure components after installation, and verify that they function properly.
Sun Java Enterprise System 5 Installation Reference for UNIX	Gives additional information about configuration parameters, provides worksheets to use in your configuration planning, and lists reference material such as default directories and port numbers on the Solaris Operating System and Linux operating environment.
Sun Java Enterprise System 2006Q3 Upgrade Guide Sun Java Enterprise System 5 Upgrade Guide for Microsoft Windows	Provides instructions for upgrading to Java ES 5 from previously installed versions.
Sun Java Enterprise System 5 Monitoring Guide	Gives instructions for setting up the Monitoring Framework for each product component and using the Monitoring Console to view real-time data and create monitoring rules.
Sun Java Enterprise System Glossary	Defines terms that are used in Java ES documentation.

Searching Sun Product Documentation

Besides searching Sun product documentation from the docs.sun.com^SM web site, you can use a search engine by typing the following syntax in the search field:

search-term site:docs.sun.com

For example, to search for “broker,” type the following:

broker site:docs.sun.com

To include other Sun web sites in your search (for example, java.sun.com, www.sun.com, and developers.sun.com), use sun.com in place of docs.sun.com in the search field.

Accessing Sun Resources Online

For product downloads, professional services, patches, support, and additional developer information, go to:

Contacting Sun Technical Support

If you have technical questions about this product that are not answered in the product documentation, contact Sun Support Services.

Documentation, Support, and Training

The Sun web site provides information about the following additional resources:

Documentation (http://www.sun.com/documentation/)
Support (http://www.sun.com/support/)
Training (http://www.sun.com/training/)

Third-Party Web Site References

Third-party URLs are referenced in this document and provide additional, related information.

Note –

Sun is not responsible for the availability of third-party web sites mentioned in this document. Sun does not endorse and is not responsible or liable for any content, advertising, products, or other materials that are available on or through such sites or resources. Sun will not be responsible or liable for any actual or alleged damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through such sites or resources.

Sun Welcomes Your Comments

Sun is interested in improving its documentation and welcomes your comments and suggestions. To share your comments, go to http://docs.sun.com and click Send Comments. In the online form, provide the full document title and part number. The part number is a 7-digit or 9-digit number that can be found on the book's title page or in the document's URL. For example, the title of this book is Sun Java System Access Manager 7.1 Federation and SAML Administration Guide, and the part number is 819–4674–10.

Typographic Conventions

The following table describes the typographic changes that are used in this book.

Table P–2 Typographic Conventions


Typeface	Meaning	Example
`AaBbCc123`	The names of commands, files, and directories, and onscreen computer output	Edit your `.login` file. Use `ls -a` to list all files. `machine_name% you have mail.`
`AaBbCc123`	What you type, contrasted with onscreen computer output	`machine_name%` `su` `Password:`
`AaBbCc123`	A placeholder to be replaced with a real name or value	The command to remove a file is `rm` `filename`.
AaBbCc123	Book titles, new terms, and terms to be emphasized (note that some emphasized items appear bold online)	Read Chapter 6 in the User's Guide. A cache is a copy that is stored locally. Do not save the file.

Symbol Conventions

The following table explains symbols that might be used in this book.

Table P–3 Symbol Conventions


Symbol	Description	Example	Meaning
`[ ]`	Contains optional arguments and command options.	`ls [-l]`	The `-l` option is not required.
`{ \| }`	Contains a set of choices for a required command option.	`-d {y\|n}`	The `-d` option requires that you use either the `y` argument or the `n` argument.
`${ }`	Indicates a variable reference.	`${com.sun.javaRoot}`	References the value of the `com.sun.javaRoot` variable.
-	Joins simultaneous multiple keystrokes.	Control-A	Press the Control key while you press the A key.
+	Joins consecutive multiple keystrokes.	Ctrl+A+N	Press the Control key, release it, and then press the subsequent keys.
->	Indicates menu item selection in a graphical user interface.	File -> New -> Templates	From the File menu, choose New. From the New submenu, choose Templates.

Shell Prompts in Command Examples

The following table shows default system prompts and superuser prompts.

Table P–4 Shell Prompts


Shell	Prompt
C shell on UNIX and Linux systems	`machine_name%`
C shell superuser on UNIX and Linux systems	`machine_name#`
Bourne shell and Korn shell on UNIX and Linux systems	`$`
Bourne shell and Korn shell superuser on UNIX and Linux systems	`#`
Microsoft Windows command line	`C:\`