Federation Manager creates a comprehensive security and identity management framework optimized to work with and extend an identity provider's existing security infrastructure. The following list describes some key features of Federation Manager:
Lightweight web archive (WAR) accelerates deployment of Federation Manager for service providers.
Lightweight WAR also allows for flexibility in customizing your deployment.
Exchange of credentials and security tokens across authentication domain partners for purposes of authentication and single sign-on.
Automatic federation of user accounts across multiple security domains.
Session management across authentication domains to determine when user interactions must be terminated (single logout).
Import or export the data required to establish basic federated communication between hubs and spokes.
Manages and links providers that are available to participate in an authentication domain.
Searches for available end points and identifies each provider's federation capabilities.
Exchanges SAML security assertions among providers in the authentication domain.
Provides the tools and APIs to quickly develop, register, and enable web services on the consumer and provider sides.
Data management choices include a proprietary flat file format (by default), and an LDAPv3 directory (Sun Java System Directory Server or Microsoft™ Active Directory).
Separate service configuration and user data stores.
Included service provider interfaces (SPIs) to allow customized logic during the federation process.
Support for bulk federation and auto federation.
Option to preload included samples.
Sun Java System Policy Agents 2.2 can be used in SSO mode.