I have reviewed the following document to integrate EBS with IDCS for SSO.
However, I have some doubts regarding the network settings, especially between IDCS and the EBS asserter (deployed on WLS). My question is:
Once integration is complete and a user tries to access EBS using the EBS URL (https://ebs.example.com), the EBS application server will transfer the request to the EBS asserter (WLS). Both the EBS application and the EBS asserter are on on-premise infrastructure (behind the firewall), so there should not be an issue communicating between them. In the next HTTPS request flow, I can assume two possibilities:
a) The EBS asserter tries to reach IDCS directly for authentication. In that case, some network configuration would need to be implemented at the network layer (regarding the firewall, whitelisting of IP addresses).
b) The EBS asserter doesn't communicate with IDCS but responds to the client browser (IE) with a redirect request containing the IDCS URL with an encrypted username/password appended to it. IE will try to reach IDCS, and IDCS will then approve or reject the login request and respond to IE with the EBS login URL along with an authorized token. In this case, I believe we don't need any special network layer configuration change, as the client (IE) has access to the internet.
Please confirm how the EBS asserter communicates with IDCS and any network-level changes that need to be configured.