Online Help

SafeNet Trusted Access for Oracle WebLogic Server

Overview

Configuring SafeNet Trusted Access for Oracle WebLogic Server is a three-step process:

1.Oracle WebLogic Server setup

2.SafeNet Trusted Access setup

3.Verify authentication

Oracle WebLogic Server Setup

As a prerequisite, download the Identity Provider metadata from the SafeNet Trusted Access console by clicking on Download metadata file.

You will need this metadata in one of the steps below.

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in Oracle WebLogic Server:

1.Log in to Oracle WebLogic Server as an administrator using any of the following URLs:

http://< IP Address or FQDN of Oracle WebLogic Server>:7001/Console

https://< IP Address or FQDN of Oracle WebLogic Server>:7002/Console

2.On the Oracle WebLogic Server Administration Console, in the left pane, under Domain Structure, click Security Realms.

3.In the right pane, under Summary of Security Realms, in the Name column of the table, click on your security realm (for example, myrealm).

4.On the settings window of your security realm (for example, Settings for myrealm), click the Providers tab.

5.On the Authentication tab, under Authentication Providers, click New.

6.On the Create a New Authentication Provider window, perform the following steps:

a.In the Name field, enter a name for the authentication provider (for example, SAML_IDP_SAML).

b.In the Type field, ensure that SAML2IdentityAsserter (the default authentication provider type) is selected.

c.Click OK.

7.Restart Oracle WebLogic Server.

8.Perform the steps 1 to 5 again as given above.

9.On the Authentication tab, under Authentication Providers, in the Name column of the table, click on the newly created authentication provider (for example, SAML_IDP_SAML).

10.On the settings window of the authentication provider (for example, Settings for SAML_IDP_SAML), click the Management tab.

11.On the Management tab, under Identity Provider Partners, click New > New Web Single Sign-On Identity Provider Partner.

12.On the Create a SAML 2.0 Web Single Sign-on Identity Provider Partner window, in the Path field, enter your local system path where you saved your identity provider (IdP) metadata file (for example, client-tailored-saml-idp-metadata.xml) that you downloaded earlier from the SafeNet Trusted Access console, and then click OK.

13.Under Identity Provider Partners, click on the newly created identity provider partner (for example, WebSSSO_IdP-Partner-0).

14.On the settings window of the authentication provider (for example, Settings for SAML_IDP_SAML), on the General tab, perform the following steps:

a.Select Enabled.

b.Select Virtual User.

c.In the Redirect URIs field, enter the application URI that hosts the application (accessed by users) to be authenticated by the identity provider.

15.On the top left-hand side corner of the window, click Save.

16.On the Oracle WebLogic Server Administration Console, in the left pane, under Domain Structure, click Environment > Servers.

17.On the Summary of Servers window, in the Name column of the table, click AdminServer(admin).

18.On the Settings for AdminServer window, on the Configuration tab, click the Federation Services tab.

19.On the Federation Services tab, click the SAML 2.0 Service Provider tab.

20.On the SAML 2.0 General tab, perform the following steps:

a.Complete the following fields:

Field Value to be Set
Published Site URL Enter your WebLogic published site URL.

https://<FQDN or IP Address of the Oracle WebLogic Server>:<Port Number>/saml2>
Entity ID Enter your entity ID.

https:>//<FQDN or IP Address of the Oracle Weblogic Server>:<Port Number>

b.Click Save.

c.Click Publish Meta Data.

21.On the Publish SAML 2.0 Meta Data window, in the Path field, enter your local system path where you want to save the Oracle WebLogic Server metadata, and then click OK.

22.On the Federation Services tab, click the SAML 2.0 Service Provider tab.

23.On the SAML 2.0 Service Provider tab, perform the following steps:

a.Select Enabled.

b.Select Only Accept Signed Assertions.

c.In the Preferred Binding field, select POST.

d.In the Default URL field, enter your application URI, https://<FQDN or IP Address of Oracle WebLogic Server>:<Port No>/<Application URI>

Where, <Application URI> is the Redirect URI that you entered in step 14(c).

e.Click Save.

SafeNet Trusted Access Setup

After completing the first step of configuring SafeNet Trusted Access in Oracle WebLogic Server, the second step is to activate the Oracle WebLogic Server application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, you will notice that the Oracle WebLogic Server application that you added previously is currently in inactive state by default. To configure and activate this application, click the application (for example, Oracle WebLogic Server) and proceed to the next step.

2.Under STA Setup, click on Upload Oracle WebLogic Server Metadata.

3.On the Metadata upload window, click Browse to search and select the Oracle WebLogic Server metadata that you saved in step 21 of Oracle WebLogic Server Setup.

4.Under Account Details, the service provider metadata information is displayed.

5.Under User Portal Settings, in the SERVICE LOGIN URL field, enter the application login URL (for example, www.example.com) that is hosted on Oracle WebLogic Server.

6.Click Save Configuration to save the details and activate the Oracle WebLogic Server application in SafeNet Trusted Access.

Verify Authentication

Using STA Console

Navigate to the Oracle WebLogic Server login URL. You will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the Oracle WebLogic Server application after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click on the Oracle WebLogic Server application icon, you should be redirected to the Oracle WebLogic Server application after authentication.

 

© 2018 SafeNet Trusted Access. Various trademarks held by their respective owners.