How To Extract Attribute Statements From A SAML 2.0 Assertion
Last updated on MAY 09, 2017
Applies to:Oracle Web Services Manager - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
It is necessary to configure OWSM to authenticate an incoming SOAP web service request based on WS-Security with SAML 2.0.
The SAML assertion that is included as the supporting token of a WS-Security header.
The SAML assertion and additional SOAP elements are signed and the signing certificate is included as a binary security token.
The Subject confirmation method of the SAML assertion is 'sender-vouches'.
Besides the subject, the SAML token includes additional attribute statements that define user roles and further profile data.
It is possible to setup OWSM to do the authentication but, in addition, it is necessary to retrieve the user roles and attributes and add them as principals to the security subject.
This does not seem to be possible through OWSM.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms