JOSSO.orgCommunity Documentation

Chapter 16. Security Setup

16.1. Configuring Secure Sockets Layer
16.1.1. What Is Secure Socket Layer Technology?
16.1.2. Security Identity and Access Management Services

There are two types of communication channels on top of which an identity appliance - holding identity and access management definitions - can expose network services, namely browser-facing and application-facing communication channels.

Browser-facing communication channels are intended for exchanging messages with end-users behind a web browser. For instance, an example of this is a user submitting their credentials to an identity provider, or the initiation of SAML2 based-authentication on the service provider.

In turn, application-facing communication channels are concerned with exchanging messages with application-based clients, hence realizing Application-to-Application (A2A) flows. JOSSO Agents represent the de-facto external consumer for services leveraging application-facing channels. For instance, user details are passed on to JOSSO agents through a SOAP service invocation to a server-side service servicing requests on an application-facing communication channel.

The following steps are required to enable SSL support for JOSSO2.