I have a security-enabled ADF web application running on WebLogic Server 10.3.6. SSO for internal users within the domain is implemented using Desktop SSO (Kerberos). The requirement is for external users, who are outside the domain, to use the internet to log into IIS/SharePoint/WSS (Windows SharePoint Service) using the AD credential and then click on the published link to the ADF application, with SSO happening without a redirect to the login page.
How can I achieve this? Should I use Web SSO like SAML? Please point me in the right direction.
After going through a technical overview of SAML, I have come to the conclusion that I can use IIS as my Identity Provider and the web application running on WebLogic Server as the Service Provider. I can then implement IdP-initiated SSO to the SP site.
I found the link saml-iis.html, which is for SSO between WLS 9.2 and IIS using SAML (1.1). I guess that for WLS 10.3.6 the configuration will be more or less the same.
The problem is that the WLS configuration appears to be done using a WLST script which couldn't be found in the link. Does anyone know what steps need to be done for manual configuration of SAML in WebLogic Server 10.3.6?
Thanks & Regards
You can take a look at the blogs below about the manual configuration.
Hope this helps