Wednesday Jul 15, 2015

Steps to configure Kerberos / SPNEGO / NTLM authentication with Weblogic Server running on IBM JDK (AIX machine)

There are many JAAS parameters deprecated in different IBM JDK versions.

Have a look at the following link which has more information about the same :

Link : http://www-01.ibm.com/support/knowledgecenter/SSYKE2_7.0.0/com.ibm.java.security.component.70.doc/security-component/jgssDocs/jaas_login_user.html

The searching sequence for a default keytab would be:

1, System property or system environment KRB5_KTNAME.

2, The value of default_keytab_name in libdefaults section in krb5.conf file.

3, if user.home is defined, look for user.home/krb5.keytab

4, if user.dir is defined, look for user.dir/krb5.keytab

5, otherwise, use /krb5.keytab

Have a look at the following link to configure Kerberos with Weblogic Server running on Oracle JDK : 

Link : https://blogs.oracle.com/blogbypuneeth/entry/configure_kerberos_with_weblogic_server

In this post we will see how to configure Single sign-on (SSO) using Kerberos in Weblogic Server running on IBM JDK. 

[Read More]

Wednesday Jul 31, 2013

Steps to configure SAML 2.0 with Weblogic Server (using embedded LDAP as a security store - Only for Dev Environment)...

 What is SAML 2.0 ?

Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains.


SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority, that is an identity provider, and a SAML consumer, that is a service provider

It enables cross-platform authentication between Web applications or Web services running in a WebLogic domain and Web browsers or other HTTP clients.

When users are authenticated at one site that participates in a single sign-on (SSO) configuration, they are automatically authenticated at other sites in the SSO configuration and do not need to log in separately.

One who generated the SAML token is called the Identity Provider OR Asserting Party OR Source Site.

And the one accepts the token is called the Service Provider OR Relying Party OR Destination Site.
Trust has to be established between them for SAML to work hence details of the Service Provider has to be with the Identity Provider and details of Identity Provider has to be with the Service Provider.

SAML can be classified into two types depending on the manner in which requests are obtained.

- IDP initiated ( Identity Provider Initiated )

- SP initiated ( Service Provider initiated )

In this post we will see how to configure Single sign-on (SSO) using SAML 2.0 in Weblogic Server. 

[Read More]

Saturday Jul 20, 2013

Steps to configure Kerberos / SPNEGO / NTLM authentication with Weblogic Server running on Oracle JDK :

What is Kerberos ? 

Kerberos is a computer network authentication protocol which works on the basis of "tickets" to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.

It is primarily a client–server model and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.

The Kerberos protocol name is based on the three- headed dog figure from Greek mythology known as Kerberos.

The three heads of Kerberos comprise the Key Distribution Center (KDC), the client user and the server with the desired service to access. 

The KDC is installed as part of the domain controller and performs two service functions: the Authentication Service (AS) and the Ticket-Granting Service (TGS).

Have a look at the following link if you are configuring Kerberos with WLS running on IBM JDK (AIX machine) :

https://blogs.oracle.com/blogbypuneeth/entry/steps_to_configure_kerberos_spnego

In this post we will see how to configure Single sign-on (SSO) using Kerberos in Weblogic Server. 

[Read More]
About

Oracle Fussion Middleware - WebLogic

Search

Archives
« August 2015
SunMonTueWedThuFriSat
      
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
     
Today