Deep dive into various configurations with Oracle Weblogic Server

Weblogic Security

Steps to configure SAML 2.0 with Okta as IDP and Weblogic as SP

Below are the steps to configure SAML 2.0 with Okta as Identity Provider and Weblogic as a Service Provider.

Okta IDP configuration:

Step 1: Log in to your Okta subdomain homepage to access the Application Dashboard. Now click on Applications -> Add Application -> Create New App -> select SAML 2.0 -> create

Step 2: Follow the on-screen instructions. Create a SAML integration as shown below. Enter the following: Single sign on URL...

Friday, March 11, 2016 | Weblogic Security

Steps to configure SAML SSO with ADFS (as IDP) and Weblogic Server (as SP)

Below are the steps to configure SAML 2.0 SSO using ADFS as Identity Provider and WLS as Service Provider. In this example I am using ADFS 2.0 on Windows Server 2008R2. Let's have a look at the ADFS IDP configuration first:

Step 1:
- Download and install ADFS 2.0
- Create a Federation Server

Step 2:
- Create a self-signed certificate and configure SSL on IIS

Step 3:
- Start ADFS 2.0 Management / Configuration Wizard
- Create a new Federation Service
- Select the self-signed...

Monday, September 7, 2015 | Weblogic Security

X509 Certificate Revocation Checking using OCSP (Online Certificate Status Protocol) in Weblogic Server

In this post we will see how to configure an OCSP-based certificate revocation check in Weblogic Server:

- First we need to create a self-signed certificate and get it signed from an internal CA (created using openssl)
- Then create another self-signed certificate and get it signed from the same CA. Now let's revoke this certificate.
- Establish a two-way SSL communication between browser and WLS.
- Configure WLS to enable OCSP (Online Certificate Status Protocol) check.
- Connect to...

Monday, August 31, 2015 | Weblogic Security

Steps to configure Kerberos / SPNEGO / NTLM authentication with Weblogic Server running on IBM JDK (AIX machine)

AD Machine (Windows Server 2012 R2) used in this configuration is: slads.slab.bea.com
WLS 10.3.6 is installed on AIX 6.1: celbealnx4.us.oracle.com
kerberos_aix is the user created in AD which will represent the weblogic server machine.

Step 1:
- Create a new user, say "kerberos_aix", on AD which will represent your Weblogic server instance.

Note:
- The account type should be "User", not a "Computer" in the AD.
- Check password never expires...

Tuesday, July 14, 2015 | Weblogic Security

How to configure a Custom IDP login page for SAML SSO in Weblogic

Configure SAML SSO with Weblogic as mentioned in the following blog post:

Link: https://blogs.oracle.com/blogbypuneeth/entry/steps_to_configure_saml_21

Let's test the IDP initiated SSO first:

In the source application, if you have an <auth-method> set to form then you would get a custom form login page.

web.xml:

<login-config> <auth-method>CLIENT-CERT,FORM</auth-method> <realm-name>myrealm</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page><form-er...

Tuesday, March 31, 2015 | Weblogic Security

Steps to create a .jks keystore from .pfx file

Windows Server makes use of the pfx file to store the public and private key files. Consider a scenario wherein you are exporting a pfx file from IIS server, and you need to use the same in Weblogic Server. When you are exporting a PFX file, make sure you select the following option: "export the private key and include all certificates in certificate path if possible."

So, now your PFX file contains the private key along with the other public certificates. You need to convert...

Wednesday, March 4, 2015 | Weblogic Security
