What Is Responsible For Authentication When SAML2.0 SSO Is Enabled in Agile PLM? (Doc ID 2766612.1)

Last updated on APRIL 08, 2024

Applies to:

Goal

What is responsible for authentication when SSO is enabled?

Aware of the following about LDAP authentication in Agile PLM:

LDAP Java Client Configuration - Responsible for syncing users from LDAP to Agile PLM.
LDAP WebLogic Console Configuration - Responsible for authenticating users.

Have also implemented SAML 2.0 SSO and found evidence that authentication could be owned by the SSO server not by WebLogic when SAML 2.0 SSO is implemented.

The reason this might be the case is, have 2 LDAP providers configured in the Java Client: 1) For internal users; 2) For external users. This is why all internal and external users exist in the Agile PLM database. However, just noticed that don't have the external provider configured in the WebLogic Console. Therefore, if WebLogic is still supposed to be responsible for authenticating users, it would be a mystery as to how these external users are able to login successfully. Because of this, believe these users are authenticated by the SSO server, not by LDAP.

Can clarify/confirm this theory?
 

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.