To enable the legacy Oracle Access Manager single sign-on applications for SAML 2 federation protocols using OpenSSO Enterprise 8.0, follow these steps:
Install Oracle Identity Server, and then install the Oracle Access Server component.
Obtain all required Oracle Access Manager components before you begin installation procedures. See the Oracle Access Manager Installation Guide for detailed installation instructions.
For the examples in this document, a Solaris-based installation was used. The system was tested with Sun Web Server 6.1 SP5 as the Oracle Administration plug-in interface, and Sun Directory Server 6.3 as the user data and configuration repository.
After successful installation, access the administration console.
Go to the URL http://host:port/access/oblix and log in using the following credentials:
oadmin
password
The administrative interface for managing core access server components, policy manager, and identity console is displayed.
Install Oracle WebGate.
See the section Installing the WebGate in the Oracle Access Manager Installation Guide.
See the Oracle Access Manager Installation Guide for detailed configuration instructions. For the examples in this document, the Oracle Access and Policy Servers are tested using the configurations described below.
Create an Access Server Configuration named access1.
Create an access gate configuration named webgate1.
Create an access gate configuration for the SDK.
The SDK configuration is used for custom authentication modules and for other remote APIs.
Associate the web gates with Oracle Access Server.
This establishes a trust relationship.
Create a form-based authentication scheme.
By default, Oracle Access Manager provides a credential collector form that you can use. You can also customize the form. For the examples in this document, the following properties are used.
Configure the plug-ins.
Access the Policy Manager console (top-right link) and create a policy for your protected resource.
Protect the resource with the form-based authentication.
Accessing your protected application should redirect to the form login page. Upon successful authentication, the protected application will redirect to the protected resource with a valid Oracle Access Manager session.