Identity Server:
http://docs.sun.com/source/817-5706/1_intro.html
It is based on Directory Server (LDAP) and provides Identity Management, Access Management, Service Management, and Federation Management.
Identity Administration
Identity Server provides an identity framework for creating and managing directory objects such as organizations, groups, roles, and userIDs. When you use Identity Server to create or modify user objects, you update the entries stored in Directory Server. Identity Server schema includes pre-defined administrator userIDs and associated access control instructions (ACIs). This makes it possible to delegate user management tasks to various administrators—and to non-administrators as well—in the enterprise. The Identity Management functionality is further described in Chapter 2, "Identity Management".
Access Management
Identity Server implements authentication service and policy administration to regulate access to a company’s information and applications. These features make it possible to verify that a user is who he says he is, and that the user is authorized to access web or application servers deployed within the enterprise. The Access Management functionality is further described in Chapter 3, "Access Management".
Service Management
Identity Server provides a service management SDK that gives application developers the interfaces necessary to register and un-register services as well as to manage schema and configuration information. It also provides a number of services that it uses for authentication and for its own administration. The Service Management functionality is further described in Chapter 4, "Services Management".
Federation Management
Identity federation allows a user to link the many local identities he has configured among multiple service providers. With one federated identity, the individual can log in at one service provider’s site and move to an affiliated service provider site without having to re-authenticate or re-establish his identity. The Federation Management functionality is further described in Chapter 5, "Federation Management".
Directory Server
http://docs.sun.com/source/817-5217/intro.html
Differences from a database:
- Hierarchical naming model
A hierarchical naming model uses the concept of containment to reduce ambiguity between names and simplify administration. The name for most objects in the directory is relative to the name of some other object which conceptually contains it. For example, the name of an object representing an employee of a particular company contains the name of the object representing the company, and the name of the company might contain the name of the objects representing the country where the company operates, e.g. cn=John Smith, o=Example Corporation, c=US. Together the names of all objects in the directory service form a tree, and each Directory Server holds a branch of that tree, which in the Sun Java System Directory Server documentation is also referred to as a suffix.
- Extended search capability
Directory services provide robust search capabilities, allowing searches on individual attributes of entries.
- Distributed information model
A directory service enables directory data to be distributed across multiple servers within a network.
- Shared network access
While databases are defined in terms of APIs, directories are defined in terms of protocols. Directory access implies network access by definition. Directories are designed specifically for shared access among applications. This is achieved through the object-oriented schema model. By contrast, most databases are designed for use only by particular applications and do not encourage data sharing.
- Replicated data
Directories support replication (copies of directory data on more than one server), which makes information systems more accessible and more resistant to failure.
- Datastore optimized for reads
The storage mechanism in a directory service is generally designed to support a high ratio of reads to writes.
- Extensible schema
The schema describes the type of data stored in the directory. Directory services generally support the extension of schema, meaning that new data types can be added to the directory.
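
The containment rule described under "Hierarchical naming model" above, as an added Python example (not taken from the Sun documentation): it splits a DN into RDNs and decides subtree membership by comparing parsed RDNs rather than raw strings. It assumes single-valued RDNs and case-insensitive matching; the function names and the second sample DN are constructed for illustration.

```python
# Added example (not from the Sun documentation): DN containment checks.
# Assumptions: single-valued RDNs, case-insensitive matching, escapes compared textually.

def _normalize(rdn):
    attr, _, value = rdn.partition("=")
    value = value.lstrip(" ")
    body = value.rstrip(" ")
    # A trailing space is significant only if an odd number of backslashes precede it.
    backslashes = len(body) - len(body.rstrip("\\"))
    if backslashes % 2 == 1 and len(body) < len(value):
        body += " "
    return (attr.strip().lower(), body.lower())

def split_rdns(dn):
    """Split a DN on unescaped commas, most specific RDN first."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]      # keep the escape pair together
            i += 2
        elif dn[i] == ",":
            parts.append(cur)
            cur = ""
            i += 1
        else:
            cur += dn[i]
            i += 1
    parts.append(cur)
    return [_normalize(p) for p in parts if p.strip()]

def ancestors(dn):
    """Containers of an entry, nearest first, ending at the root RDN."""
    rdns = split_rdns(dn)
    return [rdns[i:] for i in range(1, len(rdns))]

def is_under(dn, suffix):
    """True if dn is the suffix entry itself or lies in the subtree below it."""
    entry, base = split_rdns(dn), split_rdns(suffix)
    return len(base) > 0 and len(entry) >= len(base) and entry[-len(base):] == base

# Constructed sample DNs (the first is the example from the text above).
EMPLOYEE = "cn=John Smith, o=Example Corporation, c=US"
SUFFIX = "o=Example Corporation,c=US"
# One RDN whose value contains an escaped comma; its container is c=US.
LOOKALIKE = r"cn=x,ou=lab\,o=Example Corporation,c=US"
```

A plain string comparison gets both sample entries wrong: `EMPLOYEE.endswith(SUFFIX)` is false because of spacing, and `LOOKALIKE.endswith(SUFFIX)` is true although that entry sits directly under c=US. Checks that scope delegated administration to a suffix should therefore compare parsed RDNs.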
Portal Server
http://docs.sun.com/source/817-5321/1-portal.html