
Deep dive into various configurations with Oracle WebLogic Server

How to configure a Custom IDP login page for SAML SSO in WebLogic

Puneeth Prakash
Principal Software Engineer

Configure SAML SSO with WebLogic as described in the following blog post:

Link: https://blogs.oracle.com/blogbypuneeth/entry/steps_to_configure_saml_21

Let's test the IDP-initiated SSO first:

In the source application, if <auth-method> is set to FORM, you get a custom form login page.

web.xml:

  <login-config>
      <auth-method>CLIENT-CERT,FORM</auth-method>
      <realm-name>myrealm</realm-name>
      <form-login-config>
          <form-login-page>/login.jsp</form-login-page>
          <form-error-page>/fail_login.htm</form-error-page>
      </form-login-config>
  </login-config>



When you try an SP-initiated SSO, i.e. you access a destination application, you get a basic challenge (from the IDP) asking for the username and password.

This basic challenge comes from the default saml2.war application located in "<Oracle_Home>/wlserver/server/lib".

Its web.xml file is as follows:

  <login-config>
      <auth-method>BASIC_PLAIN</auth-method>
  </login-config>

You can edit the web.xml file of the default saml2.war application and change the auth-method to FORM to get a form login.

However, Oracle does not recommend editing the default saml2.war file.

The goal of this document is to configure a custom login page instead of a basic challenge.

Below are the steps:

- Download the sample CustomLogin application from the link below:

CustomLogin.war (DOWNLOAD)

- Deploy this application in your IDP domain.

- Log in to the WebLogic console on the IDP domain -> <server> -> Federation Services -> SAML 2.0 Identity Provider -> Login Customized (enable)

Login URL: /CustomLogin/saml2login

- Now test an SP-initiated SSO. You should see a CustomLogin page (FORM page) from the CustomLogin.war application.
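
Since Oracle does not recommend editing the default saml2.war, one way to confirm after this setup that it was left untouched is to read the login-config straight out of the archive. This is an added example, not code from the original post or from Oracle; the function names and the in-memory sample WARs are constructed for illustration and mirror the two web.xml snippets shown above.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

def _local(tag):
    """Strip an XML namespace so descriptors with and without xmlns both match."""
    return tag.rsplit("}", 1)[-1]

def read_login_config(war):
    """Return the <login-config> settings of WEB-INF/web.xml in a WAR (path or file object)."""
    with zipfile.ZipFile(war) as zf:
        root = ET.fromstring(zf.read("WEB-INF/web.xml"))
    cfg = {"auth_methods": [], "form_login_page": None, "form_error_page": None}
    for el in root.iter():
        name, text = _local(el.tag), (el.text or "").strip()
        if name == "auth-method":
            # The post's source app uses a comma-separated list (CLIENT-CERT,FORM).
            cfg["auth_methods"] = [m.strip().upper() for m in text.split(",") if m.strip()]
        elif name == "form-login-page":
            cfg["form_login_page"] = text
        elif name == "form-error-page":
            cfg["form_error_page"] = text
    return cfg

def stock_saml2_war_unmodified(war):
    """True if saml2.war still has the BASIC_PLAIN auth-method the post shows as its default."""
    return read_login_config(war)["auth_methods"] == ["BASIC_PLAIN"]

def make_war(web_xml):
    """Build an in-memory WAR holding only WEB-INF/web.xml (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("WEB-INF/web.xml", web_xml)
    buf.seek(0)
    return buf

# Constructed descriptors mirroring the two snippets in the post.
SOURCE_APP = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"><login-config>
<auth-method>CLIENT-CERT,FORM</auth-method><realm-name>myrealm</realm-name>
<form-login-config><form-login-page>/login.jsp</form-login-page>
<form-error-page>/fail_login.htm</form-error-page></form-login-config>
</login-config></web-app>"""
SAML2_DEFAULT = "<web-app><login-config><auth-method>BASIC_PLAIN</auth-method></login-config></web-app>"
SAML2_EDITED = SAML2_DEFAULT.replace("BASIC_PLAIN", "FORM")

if __name__ == "__main__":
    print(read_login_config(make_war(SOURCE_APP)))
    print(stock_saml2_war_unmodified(make_war(SAML2_DEFAULT)))
    print(stock_saml2_war_unmodified(make_war(SAML2_EDITED)))
```

On a real installation, pass the path to saml2.war under <Oracle_Home>/wlserver/server/lib instead of the in-memory samples.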
