How To Extract Attribute Statements From A SAML 2.0 Assertion
(Doc ID 2262947.1)
Last updated on MAY 09, 2017
Applies to: Oracle Web Services Manager - Version 188.8.131.52.0 and later
Information in this document applies to any platform.
It is necessary to configure OWSM to authenticate an incoming SOAP web service request based on WS-Security with SAML 2.0.
The SAML assertion is included as the supporting token of a WS-Security header.
The SAML assertion and additional SOAP elements are signed and the signing certificate is included as a binary security token.
The Subject confirmation method of the SAML assertion is 'sender-vouches'.
Besides the subject, the SAML token includes additional attribute statements that define user roles and further profile data.
It is possible to set up OWSM to do the authentication but, in addition, it is necessary to retrieve the user roles and attributes and add them as principals to the security subject.
This does not seem to be possible through OWSM.