By Damien Carru-Oracle on Jul 28, 2015
Sometimes the unique identifier is an attribute of the existing LDAP user record, such as the email address or the username. Other times, the identifier exists only for the Federation SSO operation between the SP and the IdP for a specific user. In the latter case, the identifier and the user it is attached to need to be stored as account linking information in a Federation Data Store.
In this article, I will show how to configure OIF to use an RDBMS as the Federation Data Store.
Important note: a persistent Federation Data Store is only required when the SSO responses use identifiers that depend on it (a persistent NameID in SAML 2.0, for example). It is best not to use a persistent Federation Data Store when it is not needed.