Tuesday Feb 25, 2014

OIF/OSTS Service Information

OIF and OSTS are two products designed to provide Federation capabilities across security domains:
  • Cross domain SSO for browser based Web SSO flows
  • Cross domain Web Services Security (WSS) for SOAP clients and servers via the WS-Trust protocol

Federation between services is based on trust which is established by exchanging

  • X.509 certificates used for sign/verify and encrypt/decrypt the Federation messages
  • Locations of the Federation services
  • SAML 2.0 Metadata if supported by the partners, when SAML 2.0 Federation SSO is used

In this article, I will discuss about the various kinds of information one has to know in order to be able to set up a Federation agreement between OIF and remote partners, including:

  • How to enable OIF/OSTS services
  • SAML/OpenID Identifiers for OIF/OSTS
  • SAML 2.0 Metadata
  • Certificates
  • Service endpoints
[Read More]
About

Damien Carru is a member of the Oracle Identity Management organization, focusing on Federation and SSO. This blog will cover Federation use cases involving Oracle Access Manager, Oracle Identity Federation and Oracle Security Token Service

Search

Categories
Archives
« May 2015
SunMonTueWedThuFriSat
     
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
      
Today