You can refer to the use case description, solution summary, components involved, and the linked documentation resources to configure web services federation with Microsoft ADFS 2.0 STS as the Identity Provider STS (IP-STS) and Oracle STS as the Relying Party (RP-STS).
Use case: Configure web services federation with Microsoft ADFS 2.0 STS as the IP-STS and Oracle STS as the RP-STS.
Solution summary: Attach Oracle Web Services Manager (OWSM) WS-Trust policies to the web service and client, and configure Oracle STS and Microsoft ADFS 2.0 STS to establish trust across security domains.
Components involved:
Oracle WebLogic Server
Oracle Web Services Manager (OWSM)
Oracle STS
Microsoft ADFS 2.0 STS
Web service and client applications to be secured
Linked documentation resources:
Oracle STS documentation at http://www.oracle.com/technetwork/middleware/id-mgmt/overview/oraclests-166231.html
Microsoft ADFS 2.0 STS documentation at http://technet.microsoft.com/en-us/library/adfs2(v=ws.10).aspx
This use case demonstrates the steps required to:
Attach the appropriate OWSM security policies to enforce message-level protection using SAML bearer authentication. Specifically, you attach the following policies to the client and service, respectively:
Client: oracle/wss_sts_issued_saml_bearer_token_over_ssl_client_policy and policies based on oracle/sts_trust_config_client_template
Service: oracle/wss_sts_issued_saml_bearer_token_over_ssl_service_policy
Configure web services federation using Microsoft ADFS 2.0 STS as the IP-STS and Oracle STS as the RP-STS.
Transport security with SSL is used to protect the service, the RP-STS, and IP-STS.
For more information on how to implement this use case, see Use Case: Implementing Web Services federation with Microsoft ADFS2.0 STS.
To implement the use case, complete the following tasks in sequence: configure the Web Service, configure Oracle STS as the RP-STS, configure Microsoft ADFS 2.0 STS as the IP-STS, and configure the Web Service Client.
Note:
In the following sections, high-level configuration steps for Oracle STS and Microsoft ADFS 2.0 STS are provided. For detailed information about how to perform these configuration steps, refer to the documentation for the particular STS:
For Oracle STS: http://www.oracle.com/technetwork/middleware/id-mgmt/overview/oraclests-166231.html
For Microsoft ADFS 2.0 STS: http://technet.microsoft.com/en-us/library/adfs2(v=ws.10).aspx
To implement the use case Web Services federation with Microsoft ADFS2.0 STS, first you need to configure the web service.
Attach the oracle/wss_sts_issued_saml_bearer_token_over_ssl_service_policy policy to the web service. For the complete procedure, see "Attaching Policies" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
/wssbearer endpoint into the OWSM keystore.
To implement the use case Web Services federation with Microsoft ADFS2.0 STS, you need to configure Oracle STS as the RP-STS.
For the complete procedure, see the Oracle STS documentation at http://www.oracle.com/technetwork/middleware/id-mgmt/overview/oraclests-166231.html.
To implement the use case Web Services federation with Microsoft ADFS2.0 STS, you need to configure Microsoft ADFS 2.0 STS as the IP-STS.
For the complete procedure, see the Microsoft ADFS 2.0 STS documentation at http://technet.microsoft.com/en-us/library/adfs2(v=ws.10).aspx.
/usernamemixed endpoint is enabled.