Configuration GuidesFederation Security Services GuideConfigure SOA Security Manager as a SAML 2.0 Service ProviderConfigure Single Sign-on at the SP › Configure the Backchannel for HTTP-Artifact SSO

Previous Topic: Configure Single Sign-on at the SP

Next Topic: Enforcing a Single Use Policy to Enhance Security
Configure the Backchannel for HTTP-Artifact SSO

If you select the HTTP-Artifact binding for single sign-on, configure the authentication scheme for the back channel that communicates with the Artifact Resolution Service. This service retrieves the assertion from the Identity Provider.

To configure the backchannel

  1. If necessary, log on to the FSS Administrative UI.
  2. Navigate to the Authentication Scheme Properties dialog.
  3. Click Additional Configuration.

    The SAML 2.0 Auth Scheme Properties dialog opens.

  4. Select the Backchannel tab.
  5. Complete all the fields on the dialog.

    Important! If you are using basic authentication for the backchannel authentication scheme, the value of the SP Name field is the name of the Service Provider. No additional configuration is necessary. If you are using client certificate authentication for the backchannel, the value of the SP Name field must be the alias of the client certificate stored in the smkeydatabase. The SP uses the certificate as a credential to gain access to the Artifact Resolution Service.

  6. Click OK to save your configuration.

More Information:

WebLogic Configuration Required for Back Channel Authentication