If you use the HTTP-Artifact binding for SAML 2.0 single sign-on, the assertion is sent from the Identity Provider, across a secure back channel, to the Service Provider. You need to configure a password for the Service Provider to be granted access to the Artifact Resolution Service, which will resolve the artifact and retrieve the assertion.
Note: The password is only relevant if you use Basic or Basic over SSL as the authentication method across the back channel; however, you must configure a password regardless of which authentication method you plan to use.
To configure a password for HTTP-Artifact binding:
The Backchannel Properties dialog opens.
Note: The Configure Backchannel Authentication button is only active if you select HTTP-Artifact on the SSO tab.
You return to the SAML Service Provider Properties dialog.
At the Identity Provider, the Web Agent Option Pack can be installed on a WebLogic 9.2.x application server. For basic authentication across the back channel to work with this server, modify the WebLogic config.xml file.
In the WebLogic config.xml file for the application domain, set the <enforce-valid-basic-auth-credentials> within the <security-configuration> element as follows:
<enforce-valid-basic-auth-credentials>false</enforce-valid-basic-auth-credentials>
|
Copyright © 2012 CA.
All rights reserved.
|
|