How To Secure a OSB service using SAML Token or What are the Steps to Secure a OSB service using a SAML Token (Also the below steps can be used for SAML token Propagation) :
Now in order to find how to secure OSB there is a sites / videos that can help us:
- Watch this video for easy understand of how to secure OSB service. This an oracle produced Video. The link provided here is only part 1 out of 3 Parts. As always, youtube provides the links to the relevant videos once you watch the first part.
- The same can be found in this slide pack.
Before reading this blog further please view / review the above reference artefacts so that you have the basic Knowledge / context.
In order to achieve our goal there are few bits missing in the above referenced artefacts.
In order to secure a OSB service, you will need two product / parts:
1. OWSM policies. -- this is clearly articulated in the referenced artefacts above.
2. Configuration of the Weblogic Server (For the identity Provider) - This is missed out in the above reference artefact.
Note: This blog is not to pinpoint any documentation defects in the reference artefacts, please consider this blog as an additional reference material.
In order to configure the security provider or authentication provider in weblogic server, please follow this documentation:
Document: Oracle® Fusion Middleware Securing Oracle WebLogic Server 11g Release 1 (10.3.6)
Section Relevant to us would be: Configuring LDAP Authentication Providers
And one last thing that would vary for us from the reference artefacts is that the following OWSM policies need to be used instead of the policies stated in the above referenced artefacts: