Solved

saml on authentication

Posted on 2014-11-27
1
176 Views
Last Modified: 2014-12-01
HI,

Let me know how to implement SSO using SAML 2.0. is it a free ware.
I have a web application, but i want to integrate with facebook and Oracle application,
when i  login to facebook, i could able to login to my web application also and also to
my oracle application, Let me the steps to do that

Thanks
0
Comment
Question by:roy_sanu
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40470034
Likely you are looking at Oracle's Internet Identity Services. Mainly your Oracle appl becomes a relying party (RP) to support for Internet-based identity providers (IdP), in this case Facebook. You likely to have two use case namely

a) a Mobile and Social server and pls see the use case stated "37.6.1 Authenticating a Returning User With a Local Account" and "37.6.3 Using OAuth For Access Token Retrieval"

b) via a Webgate and Access Manager and pls see "37.6.4 Authenticating a User With Access Manager and Internet Identity Services"

But note that from the article, it stated the support for Facebook is OAuth2.0 instead of SAML. So having SSO using Oauth with Facebook is the part that is not known as SSO is mostly via SAML. Probably it is good to confirm with Oracle  support. The above is not so called free unless you are already subscribing those identity suite packages.
https://docs.oracle.com/cd/E27559_01/admin.1112/e27239/oicunderstandingoic.htm#AIAAG8548

This is a quick summary (see the diagram) to differentiate SAML and OAuth - http://developers.axiomatics.com/blog/index/entry/authentication-vs-authorization-part-2-saml-and-oauth.html

Just to share SAML is mostly for Enterprise SSO and OAuth is used delegated authorization of internet resources like via RESTful API required by an application making a call (on behalf of someone or something else) to likely a native app on a mobile device etc.

There is still SAML2 with SSO for Weblogic (assuming not getting Facebook) as shared in http://biemond.blogspot.sg/2009/09/sso-with-weblogic-1031-and-saml2.html

More SAML supported soln in http://en.wikipedia.org/wiki/SAML-based_products_and_services
0

Featured Post

Webinar May 25: Cloud Security Strategies for SMBs

Small and mid-sized businesses are a driving force behind cloud adoption, and it’s no wonder: cloud benefits are BIG.  But for all the convenience that moving to the cloud provides, where does security come into play?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
The viewer will learn how to implement Singleton Design Pattern in Java.
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question