Configure SAML 2.0 general services
Before you begin
- If you are configuring SAML 2.0 services to run in two or more server instances in the domain, configure the RDBMS security store. See Configure the RDBMS security store and Managing the RDBMS Security Store.
- If you are configuring SAML 2.0 identity provider services for this WebLogic Server instance, create and configure a SAML 2.0 credential mapping provider instance in the security realm. For more information, see Configure Credential Mapping Providers.
- If you are configuring SAML 2.0 service provider services for this WebLogic Server instance, create and configure a SAML 2.0 identity assertion provider instance in the security realm. For more information, see Configure Authentication and identity assertion providers.
You can use the Federation Services > SAML 2.0 General page to configure general SAML 2.0 services for this server. If you are configuring SAML 2.0 web single sign-on services with your federated partners, the site information you configure is published in a metadata file that you send to your federated partners.
To configure the general SAML 2.0 properties of this server:
- If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
- In the left pane, select Environment > Servers and click the name of the server you are configuring (for example, myserver).
- Select Configuration > Federation Services > SAML 2.0 General.
- Select Replicated Cache Enabled to use the persistent cache for storing SAML 2.0 artifacts.
This option is required if you are configuring SAML 2.0 services in two or more WebLogic Server instances in your domain. For example, if you are configuring SAML 2.0 services in a cluster, you must enable this option in each Managed Server instance individually.
Note: If you are configuring SAML 2.0 services in two or more WebLogic Server instances in your domain, configure the RDBMS security store. The embedded LDAP server is not supported in these configurations.
- In the section titled Site Info, enter the following information about your SAML 2.0 site:
  - Contact person details.
  - Your organization's name and URL.
  - The Published Site URL, which is the top-level URL for your site's SAML 2.0 service endpoints. This URL must be appended with the string /saml2, which will be automatically combined with constant suffixes to create full endpoint URLs.
- In the section titled Bindings, enter the common binding information to be used by this SAML 2.0 server instance.
If you do not specify a Transport Layer Security key alias and passphrase, the server's configured SSL private key alias and passphrase from the server's SSL configuration are used for the TLS alias by default.
- If the Artifact binding is enabled for any SAML 2.0 security provider hosted on this server instance, configure the Artifact Resolution Service in the section titled Artifact Resolution Service.
- In the section titled Single Sign-on, enter the keystore alias and passphrase for the key to be used for signing documents sent to federated partners.
If you do not specify a single sign-on signing key alias and passphrase, the server's configured SSL private key alias and passphrase from the server's SSL configuration are used by default.
- Click Save.
- Optionally, click Publish Meta Data to create or update the partner metadata file. This file contains the information about this site's SAML 2.0 services that you share with your federated partners for SAML 2.0 web single sign-on.
For more information, see Configuring Single Sign-On with Web Browsers and HTTP Clients.
- To activate these changes, in the Change Center of the Administration Console, click Activate Changes.
Not all changes take effect immediately—some require a restart (see Use the Change Center).
After you finish
After you have configured this server's general SAML 2.0 services, click SAML 2.0 identity provider or SAML 2.0 service provider to configure this server as an identity provider or service provider, respectively. For more information, see Configure SAML 2.0 Identity Provider services and Configure SAML 2.0 service provider services.
See also Configuring Single Sign-On with Web Browsers and HTTP Clients, Configuring Identity and Trust, and Using Security Assertion Markup Language (SAML) Tokens For Identity.
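Before sending the file created by Publish Meta Data to partners, you can check it against the Published Site URL and signing key settings described in the procedure above. The following is an added example, not Oracle code: it assumes the file uses the standard SAML 2.0 metadata schema, the sample XML, host names and endpoint paths are constructed placeholders, and treating plain-HTTP endpoints as findings is this example's policy rather than a requirement stated on this page.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "urn:oasis:names:tc:SAML:2.0:metadata"  # SAML 2.0 metadata namespace

# Constructed sample, not WebLogic output: host names and endpoint paths are placeholders.
SAMPLE = f"""<md:EntityDescriptor xmlns:md="{MD}" entityID="example-idp">
 <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <md:KeyDescriptor use="signing"/>
  <md:ArtifactResolutionService index="0"
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
    Location="https://sso.example.com:7002/saml2/idp/ars"/>
  <md:SingleSignOnService
    Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    Location="http://sso.example.com:7001/saml2/idp/sso/post"/>
 </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def check_metadata(xml_text, published_site_url):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    site = published_site_url.rstrip("/")
    if not site.endswith("/saml2"):
        findings.append("Published Site URL does not end in /saml2")
    if urlsplit(site).scheme != "https":
        findings.append("Published Site URL is not HTTPS")
    for role in ET.fromstring(xml_text):
        if not role.tag.endswith("SSODescriptor"):
            continue  # skip Organization, ContactPerson and similar elements
        name = role.tag.split("}")[1]
        # A KeyDescriptor with no "use" attribute serves both signing and encryption.
        uses = {k.get("use", "signing") for k in role.findall(f"{{{MD}}}KeyDescriptor")}
        if "signing" not in uses:
            findings.append(f"{name}: no signing KeyDescriptor")
        for ep in role.iter():
            loc = ep.get("Location")
            if loc is None:
                continue
            ep_name = ep.tag.split("}")[1]
            if urlsplit(loc).scheme != "https":
                findings.append(f"{name}/{ep_name}: not HTTPS: {loc}")
            if not loc.startswith(site + "/"):
                findings.append(f"{name}/{ep_name}: outside Published Site URL: {loc}")
    return findings


if __name__ == "__main__":
    for finding in check_metadata(SAMPLE, "https://sso.example.com:7002/saml2"):
        print(finding)
```

An endpoint reported as outside the Published Site URL usually means the Published Site URL was changed after the metadata was last published, or that it points at a different listen port than the one partners will reach.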