Sun Java System Access Manager 7 2005Q4 Technical Overview

Identity Web Services Framework

The Web Services Framework (ID-WSF) consists of a set of schemas, protocols and profiles for providing basic identity services, such as identity service discovery and invocation. Three parties are required for identity federation in a basic Liberty Web Services environment: a user agent, a web service consumer, and a web service provider.

The framework includes the following:

Authentication Web Service.

An identity service that enables a web service consumer to be authenticated using the Simple Authentication and Security Layer (SASL) mechanism. SASL defines a method for adding authentication support to connection-based protocols.

Discovery Service.

An identity service that allows a requester to discover resource offerings.

SOAP Binding.

A set of Java APIs for sending and receiving ID-* messages using SOAP and XML.

Security Mechanisms.

Defines a set of authentication mechanisms and security properties that are factored into authorization decisions enforced by the targeted identity-based web services. Each mechanism combines peer entity authentication (null/TLS/ClientTLS) with message authentication (null/X509/SAML).

Interaction Service.

A protocol for simple interaction of Web Services Framework participants with a Principal.

Trusted Authority.

APIs for creating security tokens used for authentication and authorization in Liberty II-enabled services.

Metadata Service.

A library of command-line tools for loading metadata into the Access Manager data store.

Reverse HTTP Bindings.

A protocol and set of APIs for retrieving data from Access Manager via clients such as cell phones.
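
The peer/message pairing described under Security Mechanisms can be checked mechanically. The following is an added example, not Access Manager code: it parses mechanism identifiers into their two parts and picks the first one a consumer policy accepts. The urn:liberty:security:2003-08: prefix is the ID-WSF 1.0 identifier form; the function names, the policy and the sample list are assumptions made for illustration.

```python
from typing import Iterable, NamedTuple, Optional

# Identifier prefix used by the Liberty ID-WSF 1.0 security mechanisms.
PREFIX = "urn:liberty:security:2003-08:"
PEER_AUTH = ("null", "TLS", "ClientTLS")   # peer entity authentication
MESSAGE_AUTH = ("null", "X509", "SAML")    # message authentication


class Mechanism(NamedTuple):
    peer: str
    message: str


def parse_mechanism(identifier: str) -> Mechanism:
    """Split an identifier into its peer and message authentication parts."""
    if not identifier.startswith(PREFIX):
        raise ValueError(f"not a security mechanism identifier: {identifier!r}")
    parts = identifier[len(PREFIX):].split(":")
    if len(parts) != 2 or parts[0] not in PEER_AUTH or parts[1] not in MESSAGE_AUTH:
        raise ValueError(f"unknown security mechanism: {identifier!r}")
    return Mechanism(parts[0], parts[1])


def is_acceptable(mech: Mechanism, require_client_cert: bool = False) -> bool:
    """Hypothetical consumer policy: TLS transport plus an authenticated message."""
    if mech.peer == "null" or mech.message == "null":
        return False
    return mech.peer == "ClientTLS" or not require_client_cert


def select_mechanism(offered: Iterable[str],
                     require_client_cert: bool = False) -> Optional[Mechanism]:
    """Return the first offered mechanism the policy accepts, or None."""
    for identifier in offered:
        try:
            mech = parse_mechanism(identifier)
        except ValueError:
            continue  # unrecognized identifiers are never selected
        if is_acceptable(mech, require_client_cert):
            return mech
    return None


# Constructed sample: mechanisms listed by a provider, in its preference order.
OFFERED = [PREFIX + "null:null", PREFIX + "TLS:null",
           PREFIX + "TLS:X509", PREFIX + "ClientTLS:SAML"]

if __name__ == "__main__":
    print(select_mechanism(OFFERED))
    print(select_mechanism(OFFERED, require_client_cert=True))
```

Returning None when nothing qualifies lets the caller refuse the invocation instead of silently falling back to null:null.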