Sun OpenSSO Enterprise 8.0 Deployment Planning Guide

Browser-based ID-WSF Deployment

The following diagram represents the deployment architecture for ID-WSF using OpenSSO Enterprise for browser-based clients.

Figure 10–3 Deployment Architecture for Browser-based Identity Web Services

Both the Service Provider and the Identity Provider are used to authenticate the user's identity using SAMLv2 protocols. In this deployment, OpenSSO Enterprise can be an Identity Provider, a Service Provider, or a hosting web service, and the Service Provider and Web Services Client are in the same domain. The Web Service Provider registers its service resource offering with the Discovery Service before it offers services to various clients. The registration can be done either through the Discovery Service protocol or out of band. OpenSSO Enterprise can be deployed in various roles for this deployment, as illustrated in the deployment architecture diagram. The following figure shows the process flow among the various entities in the browser-based identity web services deployment.

Figure 10–4 Process Flow for Browser-based Identity Web Services
