Sun Java System Access Manager 7 2005Q4 Federation and SAML Administration Guide

Federation Graphical User Interface

The Federation component uses JavaServer Pages™ (JSP™) to define its look and feel. JSP are HTML files that contain additional code to generate dynamic content. More specifically, a JavaServer page contains HTML code to display static text and graphics, as well as application code to generate information. When the page is displayed in a web browser, it contains both the static HTML content and, in the case of the Federation component, dynamic content retrieved through calls to the Federation API. An administrator can customize the look and feel of the interface by changing the HTML tags in the JSP but the invoked APIs must not be changed.

The JSP are located in /AccessManager-base/SUNWam/web-src/services/config/federation/default. The files in this directory provide a default interface to the Federation component. To customize the pages for a specific organization, this default directory can be copied and renamed to reflect the name of the organization (or any value). This directory would then be placed at the same level as the default directory, and the files within this directory would be modified as needed. The following table lists the JSP including details on what each page is used for and the invoked APIs that cannot be modified. For more information about modifying these pages to customize the console, see the Sun Java System Access Manager 7 2005Q4 Developer’s Guide.

JSP Name and Implemented APIs	Purpose
`CommonLogin.jsp` Invoked APIs are: `LibertyManager.getLoginURL(request)` `LibertyManager.getInterSiteURL(request)` `LibertyManager.getIDPList(providerID)` `LibertyManager.getNewRequest(request)` `LibertyManager.getSuccintID(idpID)` `LibertyManager.cleanQueryString(request)`	Displays a link to the local login page as well as links to the login pages of the trusted identity providers. This page is displayed when a user is not logged in locally or with an identity provider. The list of identity providers is obtained by using the `getIDPList(hostedProviderID)` method.
`Error.jsp`	Displays an error page when an error has occurred. No APIs are invoked.
`Federate.jsp` Invoked APIs are: `LibertyManager.isLECPProfile(request)` `LibertyManager.getAuthnRequestEnvelope(request)` `LibertyManager.getUser(request)` `LibertyManager.getProvidersToFederate(providerID,userDN)`	Displays when a user clicks a federate link on a provider page. Contains a drop-down of all providers with which the user is not yet federated. This list is constructed by using the `getProvidersToFederate(userName,providerID)` method.
`FederationDone.jsp` Invoked API is: `LibertyManager.isFederationCancelled(request)`	Displays the status of a federation (success or cancelled). This page checks the status by using the `isFederationCancelled(request)` method.
`Footer.jsp`	Displays a branded footer that is included on all the pages. No APIs are invoked.
`Header.jsp`	Displays a branded header that is included on all the pages. No APIs are invoked.
`ListOfCOTs.jsp` Invoked API is: `LibertyManager.getListOfCOTs(providerID)`	Displays a list of circles of trust. When a user is authenticated by an identity provider and the service provider belongs to more than one circle of trust, the user is shown this JSP and is prompted to select an authentication domain as their preferred domain. In the case that the provider belongs to only one domain, this page will not be displayed. The list is obtained by using the `getListOfCOTs(providerID)` method.
`LogoutDone.jsp` Invoked API is: `LibertyManager.isLogoutSuccess(request)`	Displays the status of the local logout operation.
`NameRegistration.jsp` Invoked APIs are: `LibertyManager.getUser(request)` `LibertyManager.getRegisteredProviders(userDN)`	Displays when the Name Registration link is clicked on a provider page. When a federated user chooses to register a new Name Identifier from a service provider to an identity provider, this JSP is displayed.
`NameRegistrationDone.jsp` Invoked APIs are: `LibertyManager.isNameRegistrationSuccess(request)` `LibertyManager.isNameRegistrationCanceled(request)`	Displays the status of `NameRegistration.jsp`. When finished, this page is displayed.
`Termination.jsp` Invoked APIs are: `LibertyManager.getUser(request)` `LibertyManager.getFederatedProviders(userDN)`	Displays when a user clicks a defederate link on a provider page. Contains a drop-down of all providers to which the user has federated and from which the user can choose to defederate. The list is constructed by using the `getFederatedProviders(userName)` method, which returns all active providers to which the user is already federated.
`TerminationDone.jsp` Invoked APIs are: `LibertyManager.isTerminationSuccess(request)` `LibertyManager.isTerminationCanceled(request)`	Displays the status of federation termination (success or cancelled). Status is checked using the `isTerminationCancelled(request)` method.