Custom SSO using Weblogic IdentityAsserter by Bogdan Zegheanu


Weblogic Standard SSO solution

Weblogic provides the possibility to configure an SSO infrastructure through the means of an SAML Identity Asserter. You can have a look at an example of how to achieve this in the following blog article

However, as you can see, it does take a lot of configuration steps to achieve and in the end it restricts you in certain ways. The most obvious which we encountered while working with it is the inability to provide another path for the SAML servlet, which is hardcoded to “/”. This means that you always need to set your endpoint for Service Providers to <domain>/saml2, this in turn means that it is very difficult to have multiple applications using the same domain and grouped with URL paths. For example, you will have issues if you have applications <domain>/application1 and <domain>/application2. The workaround for this would be to have the applications under subdomains, like: http://application1.domain.local; http://application2.domain.local.

Custom SSO on Weblogic

We were recently asked by a customer to come up with a SSO solution which requires slightly more flexibility than that of the standard way. Plus, we wanted to have more control on the entire process, on the encryption algorithms and so on. Read the complete article here.

WebLogic Partner Community

For regular information become a member in the WebLogic Partner Community please visit: ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn Forum Wiki

Technorati Tags: PaaS,Cloud,Middleware Update,WebLogic,WebLogic Community,Oracle,OPN,Jürgen Kress


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.