Java EE (Java Enterprise Edition) General Discussion

Implementing SAML2 SSO with an ADF Application - List of changes on the app.

Elio Khattar, Mar 7 2023 (edited Mar 7 2023)

Hello,

In brief, I need the list of steps/modifications needed in an ADF application to enable it to perform SAML 2.0 web-SSO.

  • The application is hosted on the WebLogic Server (which acts as the SP - service provider).
  • A standalone identity server (WSO2 ISKM) is configured as the IP / Identity Provider.

All the configurations required at WLS level are done following this guide:

Configuring SAML 2.0 Services (oracle.com)

At this point, I cannot find any documentation that states the required steps/modifications at the ADF application level itself to use SAML.

Also, at this time, trying to log in to the application does not seem to trigger any SAML request (installed SAML tracer browser plugin + enabled SAML logging at the WLS console level).

Points to consider:

The current version of the application (prior to adding SAML 2.0 SSO) uses a “Read-only SQL Authenticator”.

Here are some important entries from the web.xml, with the SQL authenticator:

<login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
    <form-login-page>/faces/login.jsf</form-login-page>
    <form-error-page>/faces/login.jsf</form-error-page>
  </form-login-config>
</login-config>

Also tried to change it to this, with no changes in the behaviour:

<login-config>
  <auth-method>CLIENT-CERT</auth-method>
  <realm-name>myrealm</realm-name>
</login-config>

Other considerations:

  • The app is currently under ADF 12.1.3 (and being migrated to 12.2.1.4, a separate non-related project).

Appreciate your guidance on how to proceed by providing some resources on what to change IN THE ADF PAGE ITSELF (not how to configure WLS).

Thank you
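
A descriptor check for the situation described in the post, added here as an example and not part of the original post or of Oracle's code: a servlet container only starts an authentication exchange when a request hits a URL covered by a security-constraint that carries an auth-constraint, so the script lists those patterns next to the login-config. The login-config values come from the post; the `<web-app>` wrapper, the constraint, the role name and the request paths are constructed.

```python
import xml.etree.ElementTree as ET

def _kids(elem, name):
    # Compare local names so namespaced and bare descriptors both work.
    return [c for c in elem if c.tag.rsplit("}", 1)[-1] == name]

def _text(elem, name):
    kids = _kids(elem, name)
    return (kids[0].text or "").strip() if kids else None

def audit_web_xml(xml_text):
    """Return the login-config settings and the URL patterns that force a login."""
    root = ET.fromstring(xml_text)
    report = {"auth_method": None, "form_login_page": None, "protected": []}
    for lc in _kids(root, "login-config"):
        report["auth_method"] = _text(lc, "auth-method")
        for flc in _kids(lc, "form-login-config"):
            report["form_login_page"] = _text(flc, "form-login-page")
    for sc in _kids(root, "security-constraint"):
        if _kids(sc, "auth-constraint"):  # without one, no login is required
            for wrc in _kids(sc, "web-resource-collection"):
                report["protected"] += [(p.text or "").strip()
                                        for p in _kids(wrc, "url-pattern")]
    return report

def is_protected(report, path):
    """Servlet-style pattern match: exact, '/prefix/*' and '*.ext' (HTTP methods ignored)."""
    for pat in report["protected"]:
        if pat == path:
            return True
        if pat.endswith("/*") and (path == pat[:-2] or path.startswith(pat[:-1])):
            return True
        if pat.startswith("*.") and path.rsplit("/", 1)[-1].endswith(pat[1:]):
            return True
    return False

# Constructed descriptors (see the lead-in for what is taken from the post).
POST_FORM = """<web-app><login-config><auth-method>FORM</auth-method>
<form-login-config><form-login-page>/faces/login.jsf</form-login-page>
<form-error-page>/faces/login.jsf</form-error-page></form-login-config>
</login-config></web-app>"""
WITH_CONSTRAINT = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
<security-constraint><web-resource-collection><web-resource-name>app</web-resource-name>
<url-pattern>/faces/secure/*</url-pattern></web-resource-collection>
<auth-constraint><role-name>valid-users</role-name></auth-constraint></security-constraint>
<login-config><auth-method>CLIENT-CERT</auth-method><realm-name>myrealm</realm-name></login-config>
</web-app>"""

if __name__ == "__main__":
    for name, doc in (("POST_FORM", POST_FORM), ("WITH_CONSTRAINT", WITH_CONSTRAINT)):
        r = audit_web_xml(doc)
        print(name, r, is_protected(r, "/faces/secure/home.jsf"))
```

Running it against the deployed web.xml shows which request paths can cause the container to challenge at all, which is the first thing to compare with what the SAML tracer shows.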
