Federation Management

In 2001, Sun Microsystems joined with other companies to form the Liberty Alliance Project. This project defined standards for developing identity-based infrastructures, software, and web services.

Initially, Access Manager implemented the Identity Federation Framework (Liberty ID-FF) specification, including account federation, authentication domains, and single sign-on (SSO). Subsequent releases of Access Manager added new features, as defined in version 1.2 of the Liberty ID-FF specifications and the version 1.0 specifications of the Liberty Identity Web Services Framework (Liberty ID-WSF). Web services include a framework for retrieving and updating identity data that consists of attributes stored in identity-based service providers across the Internet. A client application programming interface (API) for communication between identity providers and service providers is also provided.

Access Manager 7 2005Q4 provides additional functionality. For example, Access Manager provides the ability to bulk-federate user accounts to applications that are out-sourced to business partners and to map configured roles between the identity provider and the service provider.

For more information, see the Sun Java System Access Manager 7 2005Q4 Federation and SAML Administration Guide. This guide includes an introduction to the open-standard specifications used to develop these features and information about how Access Manager has implemented them. It also includes information about integrated web services and summaries of the application programming interface (API).