Sun Java System SAML v2 Plug-in for Federation Services User's Guide


To communicate using the SAML v2 profiles, you need at least two installed instances of the SAML v2 Plug-in for Federation Services. One instance acts for the identity provider and the other acts for the service provider. To prepare your instances of the SAML v2 Plug-in for Federation Services for interaction, you need to exchange configuration information, or metadata, with all participating identity and service providers, import each provider's metadata using an XML-based metadata configuration file, and assemble the providers into a circle of trust. The SAML v2 Plug-in for Federation Services performs all of this administration and configuration through the command-line interface, saml2meta. Utility APIs can then be used to communicate with the data store, reading, writing, and managing the relevant properties and property values. More information can be found in Chapter 3, Administration.

Note –

Membership in a circle of trust is transient and might change over the life cycle of the circle as relationships among the partners themselves change.
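A pre-import check over exchanged provider metadata, as an added example that is not part of this guide and is neither the plug-in's own code nor the saml2meta utility: it reads each provider's EntityDescriptor, determines whether it declares an identity provider or service provider role, and reports a proposed circle of trust that is missing one of the two sides. The function names, the example.com entity IDs and the signing-key check are assumptions made for illustration; the sample metadata is constructed and abbreviated.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"  # standard SAML v2 metadata namespace
ROLES = {"IDPSSODescriptor": "idp", "SPSSODescriptor": "sp"}

def describe_provider(xml_text):
    """Parse one provider's metadata; return (entityID, roles, idp_has_signing_key)."""
    if "<!DOCTYPE" in xml_text:  # metadata comes from a partner: refuse DTDs/entities
        raise ValueError("DTD not allowed in provider metadata")
    root = ET.fromstring(xml_text)
    entity_id = root.get("entityID")
    if root.tag != f"{{{MD}}}EntityDescriptor" or not entity_id:
        raise ValueError("not a SAML v2 EntityDescriptor with an entityID")
    roles = {role for tag, role in ROLES.items() if root.find(f"{{{MD}}}{tag}") is not None}
    if not roles:
        raise ValueError(f"{entity_id}: no IdP or SP role descriptor")
    # A KeyDescriptor without a 'use' attribute serves both signing and encryption.
    keys = root.findall(f"{{{MD}}}IDPSSODescriptor/{{{MD}}}KeyDescriptor")
    signing = any(k.get("use", "signing") == "signing" for k in keys)
    return entity_id, roles, signing

def check_circle(metadata_docs):
    """Check the providers proposed for one circle of trust; return (members, problems)."""
    members, problems = {}, []
    for text in metadata_docs:
        entity_id, roles, signing = describe_provider(text)
        if entity_id in members:
            problems.append(f"duplicate entityID {entity_id}")
        members[entity_id] = roles
        if "idp" in roles and not signing:
            problems.append(f"{entity_id}: idp publishes no signing key")
    present = set().union(*members.values())
    problems += [f"circle has no {r}" for r in ("idp", "sp") if r not in present]
    return members, problems

# Constructed, abbreviated sample metadata (hypothetical hosts, key material omitted).
def _entity(entity_id, body):
    return f'<EntityDescriptor xmlns="{MD}" entityID="{entity_id}">{body}</EntityDescriptor>'

IDP = _entity("https://idp.example.com", '<IDPSSODescriptor><KeyDescriptor use="signing"/></IDPSSODescriptor>')
IDP_NO_KEY = _entity("https://idp2.example.com", '<IDPSSODescriptor><KeyDescriptor use="encryption"/></IDPSSODescriptor>')
SP = _entity("https://sp.example.com", "<SPSSODescriptor/>")

if __name__ == "__main__":
    for docs in ([IDP, SP], [IDP], [IDP_NO_KEY, SP]):
        print(check_circle(docs)[1])
```

Because membership in a circle of trust changes over time, a check of this kind is worth rerunning whenever a partner's metadata is added, replaced or removed.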