2.2 SAML Authentication Provider configuration

Follow these steps to configure the SAML Authentication Provider in the WebLogic console.

  1. Log in to the WebLogic console with the admin login and navigate to “Security Realms”.

    Figure 2-10 Security Realms

  2. Click myrealm, or your realm name as shown on the screen, then navigate to the “Providers” tab.

    Figure 2-11 Providers

  3. Select “DefaultAuthenticator” and change the Control Flag value to “SUFFICIENT”.

    Figure 2-12 Default Authenticator

  4. Again, navigate to “Security Realms” → myrealm → Providers and click the New button to create a new Authentication Provider.
    Fill in the fields below with appropriate values and click OK.
    1. Name: Name of the authentication provider.
    2. Type: Select the value “SAML2IdentityAsserter”.

    Figure 2-13 Create Authentication Provider

  5. Restart the Admin Server.
  6. Log in to the WebLogic console, navigate to “Security Realms” → myrealm → Providers, open the newly created authentication provider (e.g. SAML_OBDX_CONFIG) and navigate to the “Management” tab.
  7. Click the New button to add the Identity Provider Partner and select “New Web Single Sign-On Identity Provider Partner”.

    Figure 2-14 Management

  8. Provide the name for the identity partner and select the IDC metadata XML file copied to the WebLogic server.
    Click the OK button to save.

    Figure 2-15 Create a SAML 2.0 Web Single Sign-on Identity Provider Partner

  9. Open the newly added Identity Provider Partner, set the checkboxes and field listed below, and click Save.
    1. Enable: Checked
    2. Virtual User: Checked
    3. Redirect URIs: /digx-infra/admin-dashboard

    Figure 2-16 Settings for Create a SAML 2.0 Web Single Sign-on Identity Provider Partner

  10. Navigate to “Environment” → “Servers” and select the server on which the SSO authentication application will be deployed.

    Figure 2-17 Servers

  11. Navigate to “Federation Services” → “SAML 2.0 General”, provide values for the fields listed below, and click Save.
    1. Published Site URL: Recommended URL format <OHS URL>/saml2

      e.g. <PROTOCOL>://<OHS_HOST>:<OHS_PORT>/saml2

      http://whf000xxx.bank.com:9999/saml2

    2. Entity Id: The value should match the Entity Id provided in the SAML configuration in the IDCS console.
    3. Recipient Check Enabled: Unchecked.

    Figure 2-18 SAML 2.0 General

  12. Navigate to “Federation Services” → “SAML 2.0 Service Provider”, provide values for the fields listed below, and click Save.
    1. Enabled: Check box should be checked.
    2. Preferred Binding: Post
    3. Default URL: <OHS_URL>/digx-infra/admin-dashboard
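
A pre-flight check for the values entered in steps 8 to 12, as an added example that is not part of the original guide or of any Oracle tooling: it parses the identity provider metadata file and checks the planned Published Site URL, Default URL and Redirect URI against each other. The function name, the sample metadata and the example.test hosts are assumptions; the HTTPS checks are an added hardening check, and the path comparison assumes, as in the values above, that the Default URL is the OHS URL followed by the Redirect URI.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: hypothetical IdP host, placeholder certificate body.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example.test/fed">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Location="https://idp.example.test/sso"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_sso_setup(metadata_xml, published_site_url, default_url, redirect_uri):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    root = ET.fromstring(metadata_xml)
    if not root.get("entityID"):
        findings.append("metadata: no entityID")
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        findings.append("metadata: no IDPSSODescriptor")
    else:
        # A KeyDescriptor without a 'use' attribute serves signing and encryption.
        if not any(k.get("use") in (None, "signing")
                   and k.find(".//ds:X509Certificate", NS) is not None
                   for k in idp.findall("md:KeyDescriptor", NS)):
            findings.append("metadata: no signing certificate")
        for sso in idp.findall("md:SingleSignOnService", NS):
            if urlsplit(sso.get("Location", "")).scheme != "https":
                findings.append("metadata: SSO endpoint not https: %s" % sso.get("Location"))
    # Service provider side: values planned for steps 9, 11 and 12.
    site, default = urlsplit(published_site_url), urlsplit(default_url)
    if site.scheme != "https":
        findings.append("Published Site URL is not https")
    if not site.path.rstrip("/").endswith("/saml2"):
        findings.append("Published Site URL does not end in /saml2")
    if (site.scheme, site.netloc) != (default.scheme, default.netloc):
        findings.append("Default URL and Published Site URL use different origins")
    if default.path != redirect_uri:
        findings.append("Default URL path differs from Redirect URI")
    return findings
```

Run against the guide's sample Published Site URL, http://whf000xxx.bank.com:9999/saml2, the function returns the single finding that the URL is not HTTPS.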