Ability To Use A mechanism In weblogic.xml To Include A Principal-Name which Allows All Authenticated Users to Login to Application (Doc ID 2439265.1)

Last updated on FEBRUARY 28, 2024

Applies to:

Goal

Ability to use an implementation in weblogic.xml to include a principal-name to allow all users to login.

In SAML, authentication in OBIEE 12c and is working when we specify group names in web.xml that the user belongs to.
Would like to allow all authenticated users regardless of what groups they are in to log in to OBIEE.
Tried editing weblogic.xml to include a principal-name  to allow all users but that did not work (resulted in a 403 Forbidden message)

Goal is to allow all users/groups access to /analytics application-

Instruction followed for SAML SSO for OBIEE:

 OBIEE 12c: How to Configure SAML 2.0 SSO on OBIEE 12c using ADFS - Single Node (Doc ID 2248571.1)

This note is related, but the solution there is to specify a group name in weblogic.xml which does work, because the goal is to allow all users from all groups to login.

  OBIEE 12c : 403 Error When Doing SAML 2.0 SSO For Authentication And External Oracle Database For Authorization (Doc ID 2226376.1)
 

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.