|
|  以 PDF 格式下载本书 (2148 KB)
| | | |
| A |
|
| access control (  ) |
|
| account lockout |
| | memory ( ) |
| | physical ( ) |
|
| Administration service ( ) |
|
| administrator interface ( ) |
|
| advice message ( ) |
|
| affiliate entity ( ) |
|
| agent profiles, and realm ( ) |
|
| agents ( ) |
|
| AMAgent.properties ( ) |
|
| arg login URL parameter ( ) |
|
| attribute federation, See auto-federation |
|
| Attribute Mapper ( ) |
|
| attributes |
| | Authentication Web Service ( ) |
| | Discovery Service ( ) |
| | Liberty Personal Profile Service ( ) |
| | non-default federation ( ) |
| | SOAP Binding Service ( ) |
|
| audience for this guide ( ) |
|
| authentication |
| | account lockout |
| | | memory ( ) |
| | | physical ( ) |
| | and realm ( ) |
| | authentication types ( ) |
| | FQDN mapping ( ) |
| | login URLs ( ) |
| | | authentication level ( ) |
| | | realm ( ) |
| | | service ( ) |
| | | user ( ) |
| | methods |
| | | resource ( ) |
| | multiple LDAP configurations ( ) |
| | persistent cookies ( ) |
| | realm |
| | | redirection URLs ( ) |
| | realm values ( ) |
| | redirection URLs |
| | | authentication level-based ( ) |
| | | service ( ) |
| | | user ( ) |
| | session upgrade ( ) |
| | types |
| | | authentication level ( ) |
| | | module ( ) |
| | | realm ( ) |
| | | role ( ) |
| | | service ( ) |
| | | user ( ) |
| | user interface |
| | | login URL ( ) |
|
| authentication chains ( ) |
| | create ( ) |
|
| authentication level authentication login URLs ( ) |
|
| authentication level authentication type ( ) |
| | configuring ( ) |
|
| authentication level-based redirection URLs ( ) |
|
| authentication modules ( ) |
| | configure ( ) |
| | Core ( ) |
| | global values ( ) |
|
| authentication properties, Core ( ) |
|
| authentication types ( ) |
| | authentication level ( ) |
| | | configuring ( ) |
| | module ( ) |
| | | configuring ( ) |
| | realm ( ) |
| | | configuring ( ) |
| | role ( ) |
| | role-based |
| | | configuring ( ) |
| | service ( ) |
| | | configuring ( ) |
| | user ( ) |
| | | configuring ( ) |
|
| Authentication Web Service, attribute ( ) |
|
| authlevel login URL parameter ( ) |
|
| Authorizer ( ) |
|
| auto-creation ( ) |
|
| auto-federation ( ) |
| | ID-FF ( ) |
| | SAMLv2 ( ) |
| | | |
| B |
|
| backup, configuration data ( ) |
|
| basic authentication ( ) |
|
| bootstrapping discovery service ( ) |
|
| bootstrapping Discovery Service ( ) |
|
| bulk federation ( ) |
| | | |
| C |
|
| circle of trust ( ) |
| | add providers ( ) |
| | create ( ) ( ) |
| | delete ( ) |
| | modify ( ) |
|
| conditions ( ) |
| | advice messages ( ) |
| | Authentication by Module Chain ( ) |
| | Authentication by Module Instance ( ) |
| | Authentication Level ( ) |
| | IP Address/DNS Name ( ) |
|
| Conditions |
| | LDAP Filter ( ) |
|
| conditions |
| | session property ( ) |
|
| Conditions |
| | Time ( ) |
|
| configuration data, backup and restore ( ) |
|
| console ( ) |
| | administrator interface ( ) |
| | legacy support ( ) |
| | user interface ( ) |
| | | login URL ( ) |
|
| containers ( ) |
|
| Containers ( ) |
| | Creating ( ) |
| | Deleting ( ) |
|
| Core authentication module ( ) |
|
| create entities, with ssoadm ( ) |
|
| create policy ( ) |
|
| Current Sessions |
| | Interface ( ) |
| | Session Management |
| | | Terminating a Session ( ) |
| | Session Management Window ( ) |
| | | |
| D |
|
| data stores, and realm ( ) |
|
| debug files ( ) |
|
| Directory Management ( ) |
|
| Discovery Service ( ) |
| | attributes ( ) |
|
| discovery service, bootstrapping ( ) |
|
| Discovery Service |
| | bootstrapping ( ) |
| | resource offerings ( ) |
|
| documentation |
| | collections ( ) |
| | OpenSSO Enterprise ( ) |
| | related product ( ) |
|
| domain login URL parameter ( ) |
|
| dynamic identity provider proxying ( ) |
| | | |
| E |
|
| enable auto-creation ( ) |
|
| entities |
| | create ( ) |
| | creating with ssoadm ( ) |
|
| entity |
| | affiliate ( ) |
| | provider ( ) |
| | | |
| F |
|
| federation |
| | auto-federation ( ) |
| | bulk federation ( ) |
| | configure global logout ( ) |
| | configure pre-login ( ) |
| | dynamic identity provider proxying ( ) |
| | entities |
| | | creating with ssoadm ( ) |
| | entities and circles of trust ( ) |
| | identity provider metadata sample ( ) |
| | metadata ( ) |
| | non-default attributes ( ) |
| | pre-login URL ( ) |
| | service provider metadata sample ( ) |
|
| Federation Operations, Finding an Identity Provider for Authentication ( ) |
|
| forceAuth login URL parameter ( ) |
|
| FQDN mapping, and authentication ( ) |
| | | |
| G |
|
| global logout, configure ( ) |
|
| Globalization Settings ( ) |
|
| goto login URL parameter ( ) |
|
| gotoOnFail login URL parameter ( ) |
|
| group, subjects ( ) |
|
| Group Containers ( ) |
| | Creating ( ) |
| | Deleting ( ) |
|
| Groups ( ) |
| | Adding to a Policy ( ) |
| | Create a Managed Group ( ) |
| | Membership by Filter ( ) |
| | Membership by Subscription ( ) |
| | | |
| I |
|
| ID-FF, auto-federation ( ) |
|
| ID-FF writer service URL ( ) |
|
| ID—FF Identity Provider Introduction service, configuring ( ) |
|
| Identity Management ( ) |
| | Containers ( ) |
| | | Creating ( ) |
| | | Deleting ( ) |
| | Group Containers ( ) |
| | | Creating ( ) |
| | | Deleting ( ) |
| | Groups ( ) |
| | | Adding to a Policy ( ) |
| | | Create a Managed Group ( ) |
| | | Membership by Filter ( ) |
| | | Membership by Subscription ( ) |
| | Organizations ( ) |
| | | Adding to a Policy ( ) |
| | | Creating ( ) |
| | | Deleting ( ) |
| | People Containers ( ) |
| | | Creating ( ) |
| | | Deleting ( ) |
| | Roles ( ) |
| | | Adding to a Policy ( ) |
| | | Adding Users to ( ) |
| | | Creating ( ) |
| | | Removing Users from ( ) |
| | Users ( ) |
| | | Adding to a Policy ( ) |
| | | Adding to Services, Roles and Groups ( ) |
| | | Creating ( ) |
|
| identity provider, metadata sample ( ) |
|
| IDP Discovery Server, SAMLv2 ( ) |
|
| idpMNIPOST.jsp ( ) |
|
| idpMNIRedirect.jsp ( ) |
|
| idpMNIRequestInit.jsp ( ) |
|
| IDTokenN login URL parameter ( ) |
|
| interfaces |
| | Authorizer ( ) |
| | ResourceIDMapper ( ) |
|
| iPSPCookie login URL parameter ( ) |
| | | |
| J |
|
| JSP |
| | idpMNIPOST.jsp ( ) |
| | idpMNIRedirect.jsp ( ) |
| | idpMNIRequestInit.jsp ( ) |
| | spMNIPOST.jsp ( ) |
| | spMNIRedirect.jsp ( ) |
| | spMNIRequestInit.jsp ( ) |
| | | |
| L |
|
| LDAP authentication, multiple configurations ( ) |
|
| LDAPv3–compliant directory ( ) |
|
| legacy support ( ) |
|
| Liberty Personal Profile Service, attributes ( ) |
|
| libIDPDiscoveryConfig.properties ( ) |
|
| load balancing ( ) |
|
| locale login URL parameter ( ) |
|
| login URL parameters ( ) |
|
| login URLs |
| | and authentication ( ) |
| | authentication level ( ) |
| | realm authentication ( ) |
| | service ( ) |
| | user ( ) |
| | | |
| M |
|
| Managing OpenSSO Enterprise Objects ( ) |
|
| memory account lockout ( ) |
|
| metadata |
| | federation ( ) |
| | identity provider sample ( ) |
| | managing with ssoadm ( ) |
| | service provider sample ( ) |
|
| methods |
| | authentication |
| | | resource ( ) |
|
| module authentication type ( ) |
| | configuring ( ) |
|
| module login URL parameter ( ) |
| | | |
| N |
|
| name identifiers ( ) |
|
| naming service, and policy ( ) |
|
| non-default federation attributes ( ) |
| | | |
| O |
|
| org login URL parameter ( ) |
|
| Organizations ( ) |
| | Adding to a Policy ( ) |
| | Creating ( ) |
| | Deleting ( ) |
|
| overview |
| | authentication |
| | | login URL ( ) |
| | auto-creation ( ) |
| | auto-federation ( ) |
| | bulk federation ( ) |
| | dynamic identity provider proxying ( ) |
| | policy agents ( ) |
| | policy process ( ) |
| | pre-login URL ( ) |
| | | |
| P |
|
| parameters, pre-login URL ( ) |
|
| password, change ( ) |
|
| Password Reset ( ) |
|
| People Containers ( ) |
| | Creating ( ) |
| | Deleting ( ) |
|
| PersistAMCookie login URL parameter ( ) |
|
| persistent cookies, and authentication ( ) |
|
| persistent name identifier ( ) |
|
| physical account lockout ( ) |
|
| policies |
| | conditions ( ) |
| | | advice messages ( ) |
|
| policy ( ) |
| | and naming service ( ) |
| | and realm ( ) |
| | create ( ) |
| | | console ( ) |
| | | referral ( ) |
| | | ssoadm ( ) |
| | creating ( ) |
| | modify ( ) |
| | policy types ( ) |
| | referral ( ) |
| | | modify ( ) ( ) |
| | | referrals ( ) |
| | | rules ( ) |
| | resource authentication ( ) |
| | rules ( ) |
| | subjects ( ) |
|
| policy agents |
| | overview ( ) |
| | process ( ) |
|
| Policy Configuration service ( ) |
|
| policy types ( ) |
|
| pre-login, configure ( ) |
|
| pre-login URL ( ) |
| | configure ( ) |
| | parameters ( ) |
|
| prerequisites for this guide ( ) |
|
| privileges |
| | and realm ( ) |
| | upgrade ( ) |
|
| procedures |
| | store resource offerings ( ) ( ) ( ) |
|
| provider entity ( ) |
| | | |
| Q |
|
| query parameter ( ) |
| | | |
| R |
|
| reader service URL ( ) |
|
| realm authentication login URLs ( ) |
|
| realm authentication redirection URLs ( ) |
|
| realm authentication type ( ) |
| | configuring ( ) |
|
| realm login URL parameter ( ) |
|
| realms ( ) |
| | adding service ( ) |
| | agent profiles ( ) |
| | authentication ( ) |
| | creating ( ) |
| | data stores ( ) |
| | general properties ( ) |
| | modifying ( ) |
| | modifying service ( ) |
| | policy ( ) |
| | privileges ( ) |
| | | upgrade ( ) |
| | services ( ) |
| | subject ( ) |
| | subjects ( ) |
| | | group ( ) |
| | | user ( ) |
|
| redirection URLs |
| | authentication level-based ( ) |
| | realm ( ) |
| | service ( ) |
| | user ( ) |
|
| referral, create ( ) |
|
| referral policy ( ) |
|
| referrals, create ( ) |
|
| related guides ( ) |
|
| request handler ( ) |
|
| resource authentication ( ) |
|
| resource offering, for bootstrapping ( ) |
|
| resource offerings |
| | as dynamic attributes ( ) |
| | as user attributes ( ) |
| | storing ( ) |
|
| resource offerings for bootstrapping ( ) |
|
| ResourceID Mapper ( ) |
|
| restore, configuration data ( ) |
|
| role authentication type ( ) |
|
| role-based authentication type, configuring ( ) |
|
| role login URL parameter ( ) |
|
| Roles ( ) |
| | Adding to a Policy ( ) |
| | Adding Users to ( ) |
| | Creating ( ) |
| | Removing Users from ( ) |
|
| rules ( ) |
| | | |
| S |
|
| SAML ( ) |
| | Attributes ( ) |
| | site identifiers |
| | | configure ( ) |
| | target URL ( ) |
| | trusted partner |
| | | configure step 1 ( ) |
| | | configure step 2 ( ) |
|
| SAML v2 Plug-in for Federation Services, and AMAgent.properties ( ) |
|
| SAMLv2 |
| | auto-federation ( ) |
| | IDP Discovery Service ( ) |
|
| SAMLv2 IDP Discovery service |
| | configuring |
| | | URLs ( ) |
|
| SAMLv2 reader service URL ( ) |
|
| SAMLv2 writer service URL ( ) |
|
| Secure Socket Layer/Transport Layer Security, See SSL/TLS |
|
| security |
| | SOAP binding ( ) |
| | XML encryption ( ) |
| | XML signing ( ) |
|
| service authentication login URLs ( ) |
|
| service authentication redirection URLs ( ) |
|
| service authentication type ( ) |
| | configuring ( ) |
|
| service login URL parameter ( ) |
|
| service provider, metadata sample ( ) |
|
| services |
| | adding to realm ( ) |
| | and realm ( ) |
| | Discovery Service ( ) |
| | Globalization Settings ( ) |
| | modifying properties ( ) |
| | Password Reset ( ) |
| | Policy Configuration ( ) |
| | Session ( ) |
| | User ( ) |
|
| Session service ( ) |
|
| session upgrade, and authentication ( ) |
|
| single sign-on, See SSO |
|
| single sign-on with transient name identifier ( ) |
|
| site identifiers ( ) |
|
| SOAP binding ( ) |
| | basic authentication ( ) |
| | SSL/TLS ( ) |
| | SSL/TLS client authentication ( ) |
| | SSL/TLS server authentication ( ) |
|
| SOAP Binding Service |
| | attributes ( ) |
| | request handler ( ) |
|
| spMNIPOST.jsp ( ) |
|
| spMNIRedirect.jsp ( ) |
|
| spMNIRequestInit.jsp ( ) |
|
| SSL/TLS ( ) |
| | client authentication ( ) |
| | server authentication ( ) |
|
| SSO, use cases ( ) |
|
| SSO without service provider user account ( ) |
|
| ssoadm, See do-bulk-fed-data |
|
| ssoadm |
| | and metadata ( ) |
| | create entities ( ) |
|
| subject, and realm ( ) |
|
| subjects ( ) ( ) |
| | group ( ) |
| | user ( ) |
| | | |
| T |
|
| target URLs ( ) |
|
| Terminating a Session ( ) |
|
| transient name identifier ( ) |
|
| trusted partners ( ) |
| | | |
| U |
|
| use cases |
| | access control ( ) |
| | agents ( ) |
| | basic authentication ( ) |
| | enable auto-creation ( ) |
| | load balancing ( ) |
| | single sign-on with transient name identifier ( ) |
| | single sign-on without service provider user account ( ) |
| | SSL/TLS ( ) |
| | using non-default federation attributes ( ) |
|
| user, subjects ( ) |
|
| user authentication login URLs ( ) |
|
| user authentication redirection URLs ( ) |
|
| user authentication type ( ) |
| | configuring ( ) |
|
| user interface ( ) |
|
| user interface login URL ( ) |
|
| user login URL parameter ( ) |
|
| User service ( ) |
|
| Users ( ) |
| | Adding to a Policy ( ) |
| | Adding to Services, Roles, and Groups ( ) |
| | Creating ( ) |
| | | |
| X |
|
| XML encryption ( ) |
|
| XML signing ( ) |
|
