SSO with WebLogic 10.3 and SAML

With WebLogic it is relatively easy to set up Single Sign-On between servers that support SAML. In this blog I will show you how to set up SSO between two ADF applications on different WebLogic servers. Of course you can also use Remote Task Flows for this, but once you have set up SAML you can use it to protect your web services or for identity propagation with OWSM in combination with ESB, BPEL or OSB.
This blog is based on the article by Vikrant Sawant, where he did the same with two WLS 9.2 domains. I will use this blog as the starting point for my next blog entries. I am thinking about the following entries: how to use SSO / SAML with ADF Security, and SAML with OWSM / OSB / ESB and BPEL. In this blog entry I will use the standard container security.

To make this work we need two WLS domains. I created a new domain with the configuration wizard of JDeveloper 11g and enabled the ADF option on this domain. I use the internal WebLogic domain of JDeveloper as the secondary domain.
The new domain will be the SAML source site, but first we need to configure the WebLogic server instance by enabling SSL. SAML needs SSL for the secured communication between the SAML source and destination domains. For this source domain I will use ports 7001 and 7002 (SSL).
Define the keystores. I have my own keystores, but you can also use the WLS demo keystores.

If you use your own keystore then you probably have to set the new private key alias.
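The SSL, keystore and private key alias settings described above can also be applied with a WLST script instead of the console. This is an added example, not part of the original post; the server name `AdminServer`, the `weblogic` admin user, the keystore paths and the alias `saml_source` are assumed placeholders, and only ports 7001 and 7002 come from the text.

```jython
# WLST (Jython) script for the SAML source domain; run it with wlst.sh / wlst.cmd.
# Assumed placeholders: server name, admin user, keystore paths, key alias.
# Ports 7001 (plain) and 7002 (SSL) are the ones used in the post.
# Note: the WLS demo keystores ship the same private key with every install,
# so custom keystores are configured here; keep the demo ones to test domains.
admin_url    = 't3://localhost:7001'
server       = 'AdminServer'
identity_jks = '/path/to/identity.jks'   # holds the server private key
trust_jks    = '/path/to/trust.jks'      # holds the trusted CA certificates
key_alias    = 'saml_source'             # alias of the private key in identity_jks

# Prompt for secrets instead of hard-coding them in the script.
admin_pass = raw_input('Admin password: ')
store_pass = raw_input('Keystore passphrase: ')
key_pass   = raw_input('Private key passphrase: ')

connect('weblogic', admin_pass, admin_url)
edit()
startEdit()
try:
    # Keystores tab: switch from the demo keystores to custom identity and trust.
    cd('/Servers/' + server)
    cmo.setKeyStores('CustomIdentityAndCustomTrust')
    cmo.setCustomIdentityKeyStoreFileName(identity_jks)
    cmo.setCustomIdentityKeyStoreType('JKS')
    cmo.setCustomIdentityKeyStorePassPhrase(store_pass)
    cmo.setCustomTrustKeyStoreFileName(trust_jks)
    cmo.setCustomTrustKeyStoreType('JKS')
    cmo.setCustomTrustKeyStorePassPhrase(store_pass)

    # SSL tab: enable the SSL listen port and point it at the new private key.
    cd('/Servers/' + server + '/SSL/' + server)
    cmo.setEnabled(true)
    cmo.setListenPort(7002)
    cmo.setServerPrivateKeyAlias(key_alias)
    cmo.setServerPrivateKeyPassPhrase(key_pass)

    save()
    activate(block='true')
except:
    # Roll back the pending edit session so no half-applied change is left behind.
    dumpStack()
    cancelEdit('y')
    raise
disconnect()
```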
