In a previous blog, I explained how it is possible to create an LDAP/LDAPs Authentication Provider on WebLogic. My initial goal wasn’t just to set up an LDAP/LDAPs on WebLogic Server. That was only a first step needed in order to automate the setup of a SAML2 Single Sign-On linked with the authentication from an LDAPs. Therefore, in this blog, we will take a look at that second part.

Just like for the LDAP Authentication Provider, there are plenty of examples on the internet to do just that, but they all use the GUI. When I searched for it, I didn’t find even a single one explaining how it could be done without. Maybe there are some but if so, it looks like they are pretty well hidden. In addition to that, you might think about just recording the steps in the WebLogic Administration Console so that it would create the needed WLST scripts for you (just like for the LDAPs provider creation). However, that doesn’t work for everything and, in addition to that, most of the steps that will be needed are outside of an edit session and therefore can’t be recorded.

In this blog, I will use SAML 2.0 and I will assume that there is already an Identity Provider (“Server side”) that has been configured, and I will configure a WebLogic Server (“Client side” = Service Provider) to use this Identity Provider using a WebSSO partner. In the WebLogic examples provided with the OFM full installation, there is a complete example for SAML2 on both Server and Client sides. For the Client side, they are however using a manual creation of the IdP Partner, importing the SSL Certificate, defining the URLs, and so on. A simpler & faster approach is to use a metadata file that can be extracted/exported from the Server side, which contains all this information, and then imported into the Client side. That’s what I will show below, so it is pretty different from what is done in the example.

Alright, so the first thing to be done is to create a new Authentication Provider using the SAML2IdentityAsserter type. Because this change requires a full restart of the WebLogic Server, I usually do it with the LDAP Authentication Provider, but for this example, I will split things and only talk about the SAML2 part.