Monday May 05, 2014

Steps to configure Custom Identity and Custom Trust with Weblogic Server

Below are the steps to configure Custom Identity and Custom Trust with Weblogic Server :

Step 1 :

Login to Weblogic Admin console --> Environment --> Servers --> < server_name_where_ssl_has_to_be_configured > --> Configuration -> General --> SSL Listen Port Enabled ( Check )

Note : The default SSL Listen Port would be 7002, change it if required. 

Step 2 :

Click on Keystores tab under " Configuration " tab :

Step 2a :

Click on the drop down menu next to Keystores and select " Custom Identity and Custom Trust " 

Step 2b :

Now fill in the following information :

---Identity---  

Custom Identity Keystore : < location_of_identity_keystore_that_you_have_created>

NOTE : By default WLS will look for this keystore file in domain_home location.

 Custom Identity Keystore Type : jks

 Custom Identity Keystore Passphrase: < This_would_be_your_storepass >

 ---Trust---

 Custom Trust Keystore : < location_of_trust_keystore_that_you_have_created>

NOTE : By default WLS will look for this keystore file in domain_home location.

 Custom Trust Keystore Type : jks

 Custom Trust Keystore Passphrase: < This_would_be_your_storepass >

Step 2c :

Now save the changes and click on " SSL " tab :

Private Key Alias: < This_would_be_your_certificate_alias >

Private Key Passphrase: < This_would_be_your_keypass >

Step 3 :

Save the changes and click on the " >Advanced " field under the " SSL " tab :  

Set the " Hostname Verification: " to None ( from the drop down menu ).

NOTE : We need to select the hostname verification as none if the CN of the certificate is not the same as the hostname of the machine where WLS is installed. 

 Now access your Weblogic Admin console over https URL :

 " https://localhost:7002/console "


NOTE : 

To get rid of the above warnings create a csr and get it signed from a third party CA like GoDaddy, Verisign, Thawte etc and configure Custom Identity and Custom Trust in Weblogic Server.

Steps to create a csr and get it signed from a third party CA :

Link : https://blogs.oracle.com/blogbypuneeth/entry/steps_to_create_a_csr

Wednesday Dec 11, 2013

Steps to configure SAML 2.0 with Weblogic Server (using Oracle DB as a RDBMS security store)...

 What is SAML 2.0 ?

Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains.

SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, that is an identity provider, and a SAML consumer, that is a service provider

It enables cross-platform authentication between Web applications or Web services running in a WebLogic domain and Web browsers or other HTTP clients.

When users are authenticated at one site that participates in a single sign-on (SSO) configuration, they are automatically authenticated at other sites in the SSO configuration and do not need to log in separately.

One who generated the SAML token is called the Identity Provider OR Asserting Party OR Source Site.

And the one accepts the token is called the Service Provider OR Relying Party OR Destination Site.
Trust has to be established between them for SAML to work hence details of the Service Provider has to be with the Identity Provider and details of Identity Provider has to be with the Service Provider.

SAML can be classified into two types depending on the manner in which requests are obtained.

- IDP initiated ( Identity Provider Initiated )

- SP initiated ( Service Provider initiated )

-------------------------- 

- The RDBMS security store is required by the SAML 2.0 security providers in production environments so that the data they manage can be synchronized across all the WebLogic Server instances that share that data.

- Note that Oracle does not recommend upgrading an existing domain in place to use the RDBMS security store. If you want to use the RDBMS security store, you should configure the RDBMS security store at the time of domain creation. If you have an existing domain with which you want to use the RDBMS security store, create the new domain and migrate your existing security realm to it.

- For testing purpose you can use embedded LDAP instead of an external RDBMS store. 

In this post we will see how to configure SAML2 with Weblogic Server using Oracle DB as a RDBMS security store. 

[Read More]

Wednesday Jul 31, 2013

Steps to configure SAML 2.0 with Weblogic Server (using embedded LDAP as a security store - Only for Dev Environment)...

 What is SAML 2.0 ?

Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains.


SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, that is an identity provider, and a SAML consumer, that is a service provider

It enables cross-platform authentication between Web applications or Web services running in a WebLogic domain and Web browsers or other HTTP clients.

When users are authenticated at one site that participates in a single sign-on (SSO) configuration, they are automatically authenticated at other sites in the SSO configuration and do not need to log in separately.

One who generated the SAML token is called the Identity Provider OR Asserting Party OR Source Site.

And the one accepts the token is called the Service Provider OR Relying Party OR Destination Site.
Trust has to be established between them for SAML to work hence details of the Service Provider has to be with the Identity Provider and details of Identity Provider has to be with the Service Provider.

SAML can be classified into two types depending on the manner in which requests are obtained.

- IDP initiated ( Identity Provider Initiated )

- SP initiated ( Service Provider initiated )

In this post we will see how to configure Single sign-on (SSO) using SAML 2.0 in Weblogic Server. 

[Read More]
About

Oracle Fussion Middleware - WebLogic

Search

Archives
« July 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today