What is SAML 2.0?
Security Assertion Markup Language 2.0 (SAML 2.0) is a version of the SAML standard for exchanging authentication and authorization data between security domains.
SAML 2.0 is an XML-based protocol that uses security tokens containing assertions to pass information about a principal (usually an end user) between a SAML authority (an identity provider) and a SAML consumer (a service provider).
It enables cross-platform authentication between Web applications or Web services running in a WebLogic domain and Web browsers or other HTTP clients.
When users are authenticated at one site that participates in a single sign-on (SSO) configuration, they are automatically authenticated at other sites in the SSO configuration and do not need to log in separately.
The party that generates the SAML token is called the Identity Provider, Asserting Party, or Source Site.
The party that accepts the token is called the Service Provider, Relying Party, or Destination Site.
Trust has to be established between them for SAML to work, so the details of the Service Provider have to be registered with the Identity Provider, and the details of the Identity Provider have to be registered with the Service Provider.
SAML can be classified into two types depending on the manner in which requests are obtained.
- IdP initiated (Identity Provider initiated)
- SP initiated (Service Provider initiated)

- The RDBMS security store is required by the SAML 2.0 security providers in production environments so that the data they manage can be synchronized across all the WebLogic Server instances that share that data.
- Note that Oracle does not recommend upgrading an existing domain in place to use the RDBMS security store. If you want to use the RDBMS security store, you should configure the RDBMS security store at the time of domain creation. If you have an existing domain with which you want to use the RDBMS security store, create the new domain and migrate your existing security realm to it.
- For testing purposes, you can use the embedded LDAP instead of an external RDBMS store.
In this post we will see how to configure SAML2 with WebLogic Server using Oracle DB as an RDBMS security store.