SSO using SAML2 in WebLogic Server 10.3 not working

Dear all,
I have tried all possible configurations to configure SSO, but with no hope :(
My requirement is to configure SSO using SAML2, WebLogic 10.3 and 1 domain.
I followed the following links in my configuration:
1- http://biemond.blogspot.com/2009/09/sso-with-weblogic-1031-and-saml2.html
2- http://blogbypuneeth.wordpress.com/2011/01/15/steps-to-configure-saml-2-on-weblogic-server-10-3-0/
Please, can anyone send me any other tutorial or working sample application, as maybe I am configuring the web/weblogic XMLs in the wrong way?
Appreciate any help.

Hi,
This is what my web.xml looks like:
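<!-- Servlet 2.5 descriptor assumed (the level WebLogic Server 10.3 supports) -->
<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
     <display-name>SAML Destination Site Application</display-name>
     <welcome-file-list>
          <welcome-file>index.jsp</welcome-file>
     </welcome-file-list>
     <security-constraint>
          <web-resource-collection>
               <web-resource-name>SecurePages</web-resource-name>
               <description>These pages are only accessible by authorized users.</description>
               <!-- url-pattern is relative to the context root (/samldest01App) and starts with "/" -->
               <url-pattern>/restricted01/*</url-pattern>
               <http-method>GET</http-method>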
          </web-resource-collection>
          <auth-constraint>
               <description>These are the roles who have access.</description>
               <role-name>SamlUser</role-name>
          </auth-constraint>
          <user-data-constraint>
               <description>This is how the user data must be transmitted.</description>
               <transport-guarantee>NONE</transport-guarantee>
          </user-data-constraint>
     </security-constraint>
     <login-config>
          <auth-method>BASIC</auth-method>
          <realm-name>myrealm</realm-name>
     </login-config>
     <security-role>
          <description>These are the roles who have access.</description>
          <role-name>SamlUser</role-name>
     </security-role>
</web-app>
weblogic.xml:
<?xml version='1.0' encoding='UTF-8'?>
<weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/90"
     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
     <security-role-assignment>
          <role-name>SamlUser</role-name>
          <principal-name>SAML_SSO_GRP</principal-name>          
     </security-role-assignment>
     <context-root>/samldest01App</context-root>
</weblogic-web-app>
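
An added example, not part of the original thread: a Python check over a web.xml / weblogic.xml pair like the one in this post, flagging descriptor settings that leave a security constraint weaker than it looks (url-pattern form, listed HTTP methods, transport guarantee, role mapping). The descriptor strings are constructed for the example; the finding codes and the TIGHTENED variant are this example's own assumptions.

```python
import xml.etree.ElementTree as ET

def _all(root, name):
    """Elements called `name`, ignoring XML namespaces."""
    return [e for e in root.iter() if e.tag.rsplit("}", 1)[-1] == name]

def _texts(root, name):
    return [(e.text or "").strip() for e in _all(root, name)]

def audit(web_xml, weblogic_xml):
    """Return sorted (code, detail) findings for one descriptor pair."""
    web, wl = ET.fromstring(web_xml), ET.fromstring(weblogic_xml)
    ctx = "".join(_texts(wl, "context-root")[:1]).strip("/")
    mapped = {r for a in _all(wl, "security-role-assignment")
              for r in _texts(a, "role-name")}
    declared = {r for s in _all(web, "security-role") for r in _texts(s, "role-name")}
    found = set()
    for sc in _all(web, "security-constraint"):
        for pat in _texts(sc, "url-pattern"):
            # Servlet spec: path patterns start with "/", extension patterns with "*."
            if not pat.startswith(("/", "*.")):
                found.add(("PATTERN_NO_SLASH", pat))
            if ctx and pat.strip("/").split("/")[0] == ctx:
                found.add(("PATTERN_HAS_CONTEXT_ROOT", pat))
        methods = _texts(sc, "http-method")
        if methods:  # methods not listed are not covered by this constraint
            found.add(("METHODS_LISTED", ",".join(methods)))
        if not {"CONFIDENTIAL", "INTEGRAL"} & set(_texts(sc, "transport-guarantee")):
            found.add(("NO_TLS_REQUIRED", "plain HTTP accepted"))
        for ac in _all(sc, "auth-constraint"):
            for role in _texts(ac, "role-name"):
                if role not in declared:
                    found.add(("ROLE_NOT_DECLARED", role))
                if role not in mapped:  # must then be mapped in the security realm
                    found.add(("ROLE_NOT_MAPPED", role))
    return sorted(found)

# Constructed descriptors modelled on the post; TIGHTENED is a hypothetical variant.
POSTED = """<web-app>
 <security-constraint>
  <web-resource-collection>
   <web-resource-name>SecurePages</web-resource-name>
   <url-pattern>samldest01App/restricted01/*</url-pattern>
   <http-method>GET</http-method>
  </web-resource-collection>
  <auth-constraint><role-name>SamlUser</role-name></auth-constraint>
  <user-data-constraint><transport-guarantee>NONE</transport-guarantee></user-data-constraint>
 </security-constraint>
 <login-config><auth-method>BASIC</auth-method></login-config>
 <security-role><role-name>SamlUser</role-name></security-role>
</web-app>"""
WEBLOGIC = """<weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/90">
 <security-role-assignment>
  <role-name>SamlUser</role-name>
  <principal-name>SAML_SSO_GRP</principal-name>
 </security-role-assignment>
 <context-root>/samldest01App</context-root>
</weblogic-web-app>"""
TIGHTENED = (POSTED.replace("samldest01App/", "/").replace("NONE", "CONFIDENTIAL")
             .replace("<http-method>GET</http-method>", ""))

if __name__ == "__main__":
    for label, doc in (("posted", POSTED), ("tightened", TIGHTENED)):
        print(label, audit(doc, WEBLOGIC))
```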

Similar Messages

  • Single Sign-On using SAML in WebLogic Server 10.3

    I followed Vikrant Sawant's tutorial on how to configure single sign-on (SSO) with SAML in WebLogic (http://www.oracle.com/technology/pub/articles/dev2arch/2006/12/sso-with-saml.html) but am being forced to re-authenticate when going from Domain B back to Domain A. I'd appreciate any help or suggestions.
    I posted a question in the General forum here:
    Single Sign-On using SAML in WebLogic Server 10.3

    I too am facing the same problem: SSO with SAML - Session on Source Site killed after landing on Destination
    Thanks
    Togotutor
    http://www.togotutor.com (Learn Programming and Administration for Free)

  • Using servlet in weblogic server

    Hi, guys,
    I have done quite a bit of research about using a servlet in WebLogic Server, but still can't get it to work. I hope you guys can provide some suggestions. Thank you in advance.
    I have a folder structure like this:
    There is a "Jsp" folder under "WebContent", and there is a configJsp.jsp file inside this folder, which is:
    <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
    pageEncoding="ISO-8859-1"%>
    <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
    <title>Insert title here</title>
    </head>
    <body>
    <form method="POST" action="Config">
    <input type="text" name="myText"/>
    <input type="submit" name="mySubmit" value="submit">
    </form>
    </body>
    </html>
    And then under "Java Resources" there is a "servlet" package, with a ConfigServlet.java file inside, which is like this:
    package servlet;
    import java.io.*;
    import javax.servlet.*;
    import javax.servlet.http.*;
    public class ConfigServlet extends HttpServlet
    {
        public void doGet(HttpServletRequest request, HttpServletResponse response)
                throws ServletException, IOException
        {
            doPost(request, response);
        }
        public void doPost(HttpServletRequest request, HttpServletResponse response)
                throws ServletException, IOException
        {
            String textContent = request.getParameter("myText");
            response.setContentType("text/html");
            PrintWriter out = response.getWriter();
            out.println("<html>");
            out.println("<head><title>ServletCommit</title></head>");
            out.println("<body>");
            // the request parameter is written into the page as-is, without HTML encoding
            out.println(textContent);
            out.println("</body></html>");
        }
    }
    and I added the following mapping configuration to web.xml:
    <servlet>
    <servlet-name>Config</servlet-name>
    <servlet-class>servlet.ConfigServlet</servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>Config</servlet-name>
    <url-pattern>/Jsp/*</url-pattern>
    </servlet-mapping>
    I ran the application, clicked "submit", and got the following error message:
    Error 404--Not Found
    From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
    10.4.5 404 Not Found
    The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.
    If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.
    I guess there might be something wrong with the JSP and servlet mapping, but I don't know what exactly it is. I have tried to change some configuration as well, but that doesn't work. This has annoyed me for a few days; I hope there is someone who can be so kind as to help me out of this. Thank you again.

    To james.bayer:
    I tried modifying my web.xml like the following:
    <servlet>
    <servlet-name>Config</servlet-name>
    <servlet-class>servlet.ConfigServlet</servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>Config</servlet-name>
    <url-pattern>/Config</url-pattern>
    </servlet-mapping>
    Is that what you mean? But the same error appears again; it doesn't seem to be able to find the servlet.
    I am using BEA Workshop for WebLogic Platform 10.0. Actually, I am trying to develop a portal, and I need a JSP to be included in it, and will need to deal with the form submit. The JSP is under a portal application; does it matter? Or is it different from a normal dynamic web application? Thank you for your advice.

  • I would like to know why, when I make a web page and test it in my local browser, it works fine, then when I transfer it to my server it does not work fine. Example: I used JavaScript to put a prompt bar on a page and it worked fine locally, but on the server it is not working

    How come when I make a web site and I test it on my local server it works fine, but when I transfer it to the server certain things do not work? Example: I used JavaScript to put in a prompt bar for a newsletter page; at the server it did not work but locally it did. Also, it works in Mozilla but not Internet Explorer. I also have CS4 and was wondering if there is a way to test a page in Dreamweaver and then transfer. THANK YOU X-FACTOR-MEDIA

    In future, please try to make the subject line of your posts shorter. In this case the following would have been sufficient: "JavaScript works locally, but not on remote server".
    Short, but meaningful subject lines make it easier for others to identify what your question is about, and often bring faster help.

  • HT4623 I have tried to update my iPhone using the iTunes method but it will not work. The message "The iTunes update server could not be contacted. Please check your internet connection or try again later," appears. What do I do? The Internet is working f

    I have tried to update my iPhone using the iTunes method but it will not work. The message "The iTunes update server could not be contacted. Please check your internet connection or try again later," appears. What do I do? The Internet is working fine.

    Have you tried the following troubleshooting document?
    iTunes for Windows: iTunes cannot contact the iPhone, iPad, or iPod software update server
    If you end up using the "If the iTunes Store opens successfully" section of the document, and the "Automatically detect settings" checkbox is already checked, try unchecking and rechecking it and clicking OK.

  • I have spent the last hour trying to upgrade my iPhone using iTunes.  Now, my phone will not work at all.  I think the backup is on my computer, but it appears now to upload.  What to do?

    I have spent the last hour trying to upgrade my iPhone to iOS 7 using iTunes.  Now, my phone will not work at all.  I think it is backed up on my computer, but I am unable to get it to download to the phone.  What to do?

    Thanks, as it still will not work, I assume it is damaged and needs to be sent in for repairs.
    Tim

  • I am using chat-r wireless and FaceTime is not working, but when I put a Rogers, Fido or any other carrier SIM in, it works. Does anyone know what the problem is?

    I am using chat-r wireless and FaceTime is not working, but when I put a Rogers, Fido or any other carrier SIM in, it works. Does anyone know what the problem is?

    I'm guessing it's a compatibility problem similar to that that T-Mobile in the US has. I'm not familiar with chat-r wireless, but I'm guessing it's not a supported carrier for the iPhone. If they can't tell you how to fix it, I'm guessing it's just plain not going to work.

  • I have an iPhone 5 and I can log in with my Apple ID to purchase music. However, when I try to log in to iCloud using the very same username and password that I use in the Apple store, it does not work to enter iCloud, so what gives???

    I have an iPhone 5 and I can log in with my Apple ID to purchase music. However, when I try to log in to iCloud using the very same username and password that I use in the Apple store, it does not work to enter iCloud, so what gives???

    I could do that; however, when I select the iCloud button (or whatever the heck it is) I am asked to enter the Apple ID and password. So if you are supposed to create another one for iCloud, you'd think it would give you the option at this point, which would be logical.

  • Plugin created using C++ 6 and Acrobat 6 SDK Not Working in Windows

    I have an Acrobat plugin compiled in Visual C++ 6 using Acrobat 6 SDK. The plugin works flawlessly in Acrobat versions 6 to 9 in Windows XP. While the plugin is able to add a menu item and tool bar icon in Windows 7, it causes Acrobat to hang every time when activated, in which event I have to close Acrobat. Since Visual C++ 6 is a 32 bit app, I have to believe that Acrobat 6 SDK is responsible for the behavior described herein in attempting to get the plugin to work in Windows 7. Any comments or suggestions regarding what Visual C++ version to use along with the appropriate Acrobat SDK to get the plugin to work in Windows 7 are appreciated. In doing so, I would also be interested in knowing what backward compatibility one may expect w/regard to previous versions of Acrobat in updating the plugin to work in Windows 7. As for the answer, correct me if I am wrong but I'm thinking Acrobat 9.

    Adobe hasn't supported Acrobat 6, VC6 or the Acrobat 6 SDK for at least 5 years.  You will need to move to the Acrobat 9 SDK if you wish support.
    And Acrobat 9 and its SDK are fine with Windows 7.

  • HT201320 I have a new iPhone 5. I have been setting up my email using AT&T global but it is not working; please help me with the correct configuration

    I have a new iPhone 5. I have been setting up my email using AT&T global but it is not working; please help me with the correct configuration.

    Contact the email provider and obtain the correct setup information.

  • I am using Ubuntu; iTunes installed via Wine is not working properly. So how should I sync my apps on iTunes and device? When will iTunes come to Ubuntu

    I am using Ubuntu; iTunes installed via Wine is not working properly. So how should I sync my apps on iTunes and device?
    When will iTunes come to Ubuntu?

    See:
    *http://kb.mozillazine.org/Firefox_crashes
    *https://support.mozilla.org/kb/Firefox+crashes
    If you have submitted crash reports then please post the IDs of one or more recent crash reports that have this format:
    *bp-xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx
    You can find the IDs of the submitted crash reports on the about:crashes page.
    *You can open the about:crashes page via the location bar, like you open a website, or open this page via "Help > Troubleshooting Information".
    See:
    *http://kb.mozillazine.org/Mozilla_Crash_Reporter
    *https://support.mozilla.org/kb/Mozilla+Crash+Reporter

  • I'm trying to listen to a book and it keeps telling me I need to enter my Audible account username and password.  I used my Apple ID and it is not working. Anyone know what to do?

    I'm trying to listen to a book we downloaded from Amazon.  When we click on it, it says we need to enter our Audible username and password.  I used my Apple ID username and password and it says it is not correct.  I reset this and used it again and it still does not work.  Any ideas?

    Launch iTunes. From the menu bar click Store / View My Account then click Edit Payment Information.
    Make sure the Security Code for your credit card is available and the expiration date is correct, then click Done.

  • When I am using JDownloader for download, Firefox does not work on any page, as if there is no internet connection?

    When I am using JDownloader for download, Firefox does not work on any page, as if there is no internet connection?

    You need to check whether jdownloader is compatible with the Firefox version you are using.
    -> Tap the ALT key or press F10 to show the Menu Bar
    -> Go to Tools Menu -> Add-ons -> Extension section -> check the Status of the jdownloader extension -> if an update is available for this add-on then install the update -> Restart Firefox and check the compatibility again -> if it is GREYED with Exclamation mark then it is incompatible with Firefox
    Try using this extension to force compatibility.
    https://addons.mozilla.org/en-US/firefox/addon/add-on-compatibility-reporter/
    Check and tell if it's working.

  • Lion Server DNS service not working for locally created zones. Caching working fine.

    OS Lion Server DNS service not working for local zones. Was fine under Snow Leopard Server but the Lion Server upgrade has severely broken my DNS and web sites. Zones look fine under Server Admin but I keep getting "query failed (SERVFAIL) for xxxx at /SourceCache/bind9/bind9-42/bind9/bin/named/query.c:3921" in the logs. BTW - Server Admin can't seem to see the log file either.
    Surely someone actually tested that DNS still worked on Lion?

    I upgraded from Snow Leopard Server to Lion Server on day 01.  I hit the same issue where, after the upgrade, my Lion Server stopped serving names for my private local domain.
    I finally took a few minutes to figure out what was wrong.  After turning on debug logging and looking through the logs, I found my particular issue, now resolved.
    The issue I had was, when the domain initially was set up when I installed Snow Leopard Server, for some reason it created a zone just for the server (in my case, something like zone "s-01.mydomain.priv"), and a separate zone for all the other machines (zone "mydomain.priv", containing all the private IPs for my local domain).  I never messed with it because it worked, but generally I would have put all of them in the same zone.
    My zone "mydomain.priv" had a nameserver and mail exchanger entry for my server, s-01.mydomain.priv.  I could see this in the Server Admin app on the DNS bubble, Zones tab, mydomain.priv selected, and the General Info panel.  This was fine in Snow Leopard.  This was failing the zone load in the updated bind for Lion Server, though.  The issue was that the "mydomain.priv" zone was referencing the s-01.mydomain.priv server, which was not defined in the "mydomain.priv" zone but rather in the "s-01.mydomain.priv" zone.
    My fix:
    1. In Server Admin, add the server to the zone "mydomain.priv".  I put an A record (Add Machine) in the "mydomain.priv" zone for my server named s-01.mydomain.priv.
    2. shut down DNS on the OS X Lion Server (hit the Stop DNS button on Server Admin).
    3. edit /etc/named.conf by hand, removing the specialized zones that contained just the server.  In this case, it would be the section titled 'zone "s-01.mydomain.priv"' and the section titled 'zone "3.10.1.10.in-addr.arpa"'.  Your in-addr.arpa zone name will change based on whatever your server IP address was.  My internal one happened to have s-01.mydomain.priv mapped to 10.1.10.3.
    4. Once the specialized zones for just the server were removed, I started the DNS up again.  Instead of serving four zones as it had in OS X Snow Leopard Server, it now serves two zones.  And, now, it is resolving my local machines for the mydomain.priv zone.
    YMMV.  I did note that it wasn't totally necessary to do step 3, but I never really understood the need for the specialized domain, and keeping it around would have a copy of data that would just confuse things.
    Hope that helps.  That's been the only hiccup I've noticed updating to OS X Lion Server thus far.

  • I'm using a MacBook Pro; my Enter key is suddenly not working. How can I solve this problem?

    I'm using a MacBook Pro; my Enter key is suddenly not working. How can I solve this problem?

    I have tried to delete but Com.Apple.keyboardtype.plist is missing therefore I cannot reset the keyboard
    /Library/Preferences/com.apple.keyboardtype.plist
