IBM Tivoli Federated Identity Manager, Version 6.2.2.7
Configuring
a Liberty federation
Configure a Liberty federation by creating
the federation,
adding a partner to your federation, and providing the new federation
configuration information to your partner.
About this task
Note: Liberty protocol is being deprecated in
the Tivoli® Federated Identity
Manager 6.2.2 release.
Creating a Liberty identity provider
Create a Liberty identity provider to authenticate your
users directly or indirectly when using your service provider.
Configuring WebSphere as a point of contact server
Tivoli Federated
Identity Manager is configured by default to use Tivoli Access Manager WebSEAL as the default
point of contact server. To configure WebSphere® as your point of contact server,
you must make a configuration change.
Exporting Liberty federation properties
When you want to join a federation hosted by
a partner,
you must supply your Liberty federation configuration properties.
Obtaining metadata from a Liberty federation partner
When you want to add a partner to your Liberty single sign-on
federation, you must obtain necessary configuration information about
their Liberty federation from them.
Importing SOAP endpoint authentication information from a Liberty federation partner
Liberty provides a SOAP backchannel that is used with browser
artifact single sign-on profile, and with additional Liberty profiles
that support SOAP binding. The SOAP backchannel can optionally be
protected through the use of SSL (HTTPS endpoints). Using SSL is common
for SOAP endpoints.
Configuring the alias service for Liberty
The alias service must be configured to operate
with the
same user registry as the Tivoli Federated
Identity Manager management
service. Keep
in mind however, that support for Liberty protocol will be deprecated
in the later versions of IBM Tivoli Federated Identity Manager.