Administration Console Online Help

Previous Next Open TOC in new window
Content starts here

Configure SAML 2.0 Service Provider services

Before you begin


You can use the Federation Services > SAML 2.0 Service Provider page to configure this WebLogic Server instance as a SAML 2.0 Service Provider. A Service Provider is a SAML authority that can receive SAML assertions and extract identity information from those assertions. The identity information can then be mapped to local Subjects, and optionally groups as well, that can be authenticated.

To configure a server as a SAML 2.0 Identity Provider:

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).
  2. In the left pane, select Environment > Servers and click the name of the server you are configuring (for example, myserver).
  3. Select Configuration > Federation Services > SAML 2.0 Service Provider.
  4. Select Enabled to activate SAML 2.0 services in this server in the role of Service Provider.
  5. Set the configuration options for the local SAML 2.0 Service Provider services as appropriate. Note the following:
    1. Choose options for Select Always Sign Authentication Requests and Only Accept Signed Assertions as desired and in a manner that is coordinated with your federated partners so that authentication requests and assertions are accepted.
    2. Communicate the SAML bindings settings for this server with your federated partners to ensure compatibility.
  6. Click Save.
  7. If you are configuring SAML 2.0 Service Provider services for web single sign-on, select SAML 2.0 General, and click Publish Meta Data.

    For more information about publishing SAML 2.0 metadata, see Publishing and Distributing the Metadata File.

  8. To activate these changes, in the Change Center of the Administration Console, click Activate Changes.
    Not all changes take effect immediately—some require a restart (see Use the Change Center).

After you finish

Coordinate with your federated partners to ensure that the SAML bindings you have enabled for this SAML authority, as well as your requirements for signed documents, are compatible with your partners. For more information, see Create and Configure Web Single Sign-On Identity Provider Partners.

Related Tasks

Related Topics


Back to Top