Federation Manager Guide › Federation Manager Introduction › Federation in Your Enterprise › Federation Business Case

Federation Business Case

Understanding how Federation Manager can solve a common business problem is best illustrated by a sample business case.

In this business case, Financepro is a financial planning firm that recently bought the banking firm BankLtd to provide private banking to its clients. These two companies have different information infrastructures, but they want to appear as one company to their customers. To solve this problem, they set up a federated partnership.

By establishing a federated relationship, the two companies can provide a seamless customer experience using single sign-on. Customers can travel between Financepro and BankLtd without constantly being challenged to authenticate. Additionally, the sharing of customer identities and customer information can further customize the user experience and cross-promote financial products offered by each partner.

The following figure shows the federated partnership between Financepro and BankLtd. The flow of communication is based on Service Provider-initiated single sign-on.

In the figure, the following occurs:

1. The user tries to access a federated resource at BankLtd.
2. He is redirected to the Financepro for authentication and the assertion is generated.
3. The assertion is passed back to BankLtd.
4. Single sign-on occurs based on either a SAML HTTP-Artifact or HTTP-POST. The user gets access to the target resource.

For this partnership to work, you need to decide how the partnership functions before implementing the relationship using Federation Manager.

The issues you need to consider include:

• How users are identified across the partnership
• What attributes get sent in an assertion and for what purpose
• Which federation binding to use (SAML 2.0 POST or Artifact)

The decisions you make help structure the business partnership.