index.html revision 4fe4e4f798a84a46e567f64ceadd3648eb0582d4
88f608b8855a99b19653376900fc5f234b7e771cDavid Luna<!--
 DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.

 Copyright (c) 2007 Sun Microsystems Inc. All Rights Reserved

 The contents of this file are subject to the terms
 of the Common Development and Distribution License
 (the License). You may not use this file except in
 compliance with the License.

 You can obtain a copy of the License at
 https://opensso.dev.java.net/public/CDDLv1.0.html or
 opensso/legal/CDDLv1.0.txt
 See the License for the specific language governing
 permission and limitations under the License.

 When distributing Covered Code, include this CDDL
 Header Notice in each file and include the License file
 at opensso/legal/CDDLv1.0.txt.
 If applicable, add the following below the CDDL Header,
 with the fields enclosed by brackets [] replaced by
 your own identifying information:
 "Portions Copyrighted [year] [name of copyright owner]"

 $Id: index.html,v 1.6 2008/08/19 19:12:14 veiming Exp $

-->
<html>
<head>
<title>Multi-Federation Protocol Sample</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="/com_sun_web_ui/css/css_ns6up.css" />
</head>
<body class="DefBdy">

<div class="MstDiv"><table width="100%" border="0" cellpadding="0" cellspacing="0" class="MstTblTop" title="">
<tbody><tr>
<td nowrap="nowrap">&nbsp;</td>
<td nowrap="nowrap">&nbsp;</td>
</tr></tbody></table>

<table width="100%" border="0" cellpadding="0" cellspacing="0" class="MstTblBot" title="">
<tbody><tr>
<td class="MstTdTtl" width="99%">
<div class="MstDivTtl"><img name="ProdName" src="/console/images/PrimaryProductName.png" alt="" /></div></td><td class="MstTdLogo" width="1%"><img name="RMRealm.mhCommon.BrandLogo" src="/com_sun_web_ui/images/other/javalogo.gif" alt="Java(TM) Logo" border="0" height="55" width="31" /></td></tr></tbody></table>
<table class="MstTblEnd" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td><img name="RMRealm.mhCommon.EndorserLogo" src="/com_sun_web_ui/images/masthead/masthead-sunname.gif" alt="Sun(TM) Microsystems, Inc." align="right" border="0" height="10" width="108" /></td></tr></tbody></table></div><div class="SkpMedGry1"><a name="SkipAnchor2089" id="SkipAnchor2089"></a></div>
<div class="SkpMedGry1"><a href="#SkipAnchor4928"><img src="/com_sun_web_ui/images/other/dot.gif" alt="Jump Over Tab Navigation Area. Current Selection is: Access Control" border="0" height="1" width="1" /></a></div>

<table border="0" cellpadding="10" cellspacing="0" width="100%">
<tr><td>
<p>&nbsp;</p>
&lt; <a href="/index.html">Sample Main Page</a>
<p>&nbsp;</p>

<h3>Introduction</h3>
<p>
<br>
This sample illustrates the use case where there are multiple
federation protocols in one circle of trust. <br><br>In this sample, the user will
create a circle of trust containing one multi-federation protocol Identity
Provider instance and three Service Provider instances speaking the ID-FF, SAMLv2
and WS-Federation protocols respectively.<br>
<br>
The sample demonstrates the following scenarios among different federation protocols:
<br>
<ul>
 <li>SP-initiated Single Sign-On across different federation protocols<br></li>
 <li>SP-initiated Single Logout across different federation protocols</li>
 <li>IDP-initiated Single Logout across different federation protocols</li>
</ul>
<br>

</p>
<h3>Setup</h3>
<br>
To run and test the sample, you need four OpenSSO instances: <br>
<ul>
 <li>one instance configured as a SAMLv2/ID-FF/WS-Federation Identity Provider</li>
 <li>one instance configured as a SAMLv2 Service Provider</li>
 <li>one instance configured as an ID-FF Service Provider</li>
 <li>one instance configured as a WS-Federation Service Provider</li>
</ul>
<br>
To configure this sample:
<ol>
<li>You must start the configuration from a Service Provider instance. Access configure.jsp under the Service Provider instance, e.g. http://&lt;sp-host&gt;:&lt;port&gt;/&lt;uri&gt;/samples/multiprotocol/sp/configure.jsp.</li>
<li>Enter the remote Identity Provider information, including the federation protocol, HTTP protocol, host name, port and deployment URI. Click the "Configure" button to set up the service provider side metadata.</li>
<li>Once the service provider side configuration is done, a link is shown that redirects you to the IDP side configuration page. Click the "here" link in the message "Click here to configure remote Identity Provider" to be redirected to the Identity Provider side, where the corresponding metadata is set up.</li>
<li>If you have not yet logged in to the Identity Provider, you will be prompted with a link to authenticate to the Identity Provider.</li>
<li>The Identity Provider sets up the metadata required to establish trust between the SP and the IDP.</li>
<li>After the configuration on the identity provider side is completed, you will be redirected back to the service provider page.</li>
<li>Repeat steps 1-6 on the remaining two Service Provider instances, selecting a different federation protocol (e.g. SAMLv2, ID-FF and WS-Federation) at step 2.</li>
</ol>
<br>
The configuration performs the following tasks:
<ul>
<li>On the service provider side, loads the metadata of the hosted service provider and the remote identity provider.</li>
<li>On the identity provider side, loads the metadata of the hosted identity provider and the remote service provider.</li>
<li>On both the service provider and identity provider sides, creates a sample circle-of-trust named "samplemultiprotocolcot", and adds the service provider and identity provider to the circle-of-trust.<br>
 </li>
</ul>
<br>
<p>
To configure this instance as a <b>Service Provider</b>,
click <a class="named" href="sp/configure.jsp">here</a>.
</p>
<p>
To view the current configuration on the <b>Identity Provider</b>, click <a class="named" href="idp/configure.jsp">here</a>.
</p>
<br>
<h3>Demonstration</h3>

To try out the multi-federation protocol use cases, follow the <a class="named" href="demo/Readme.html">Readme.</a>

</td></tr></table>
<p><br>
</body>
</html>