Weblogic Standard SSO solution
Weblogic provides the possibility to configure an SSO infrastructure through the means of an SAML Identity Asserter. You can have a look at an example of how to achieve this in the following blog article
However, as you can see, it does take a lot of configuration steps to achieve and in the end it restricts you in certain ways. The most obvious which we encountered while working with it is the inability to provide another path for the SAML servlet, which is hardcoded to “/”. This means that you always need to set your endpoint for Service Providers to <domain>/saml2, this in turn means that it is very difficult to have multiple applications using the same domain and grouped with URL paths. For example, you will have issues if you have applications <domain>/application1 and <domain>/application2. The workaround for this would be to have the applications under subdomains, like: http://application1.domain.local; http://application2.domain.local.
Custom SSO on Weblogic
We were recently asked by a customer to come up with a SSO solution which requires slightly more flexibility than that of the standard way. Plus, we wanted to have more control on the entire process, on the encryption algorithms and so on. Read the complete article here.
For regular information become a member in the WebLogic Partner Community please visit: http://www.oracle.com/partners/goto/wls-emea ( OPN account required). If you need support with your account please contact the Oracle Partner Business Center.