What Is Responsible For Authentication When SAML2.0 SSO Is Enabled in Agile PLM?
(Doc ID 2766612.1)
Last updated on JUNE 23, 2023
Applies to: Oracle Agile PLM Framework - Version 220.127.116.11 and later
Information in this document applies to any platform.
What is responsible for authentication when SSO is enabled?
Aware of the following about LDAP authentication in Agile PLM:
LDAP Java Client Configuration - Responsible for syncing users from LDAP to Agile PLM.
LDAP WebLogic Console Configuration - Responsible for authenticating users.
Have also implemented SAML 2.0 SSO and found evidence that authentication could be owned by the SSO server, not by WebLogic, when SAML 2.0 SSO is implemented.
The reason this might be the case is, have 2 LDAP providers configured in the Java Client: 1) For internal users; 2) For external users. This is why all internal and external users exist in the Agile PLM database. However, just noticed that don't have the external provider configured in the WebLogic Console. Therefore, if WebLogic is still supposed to be responsible for authenticating users, it would be a mystery as to how these external users are able to log in successfully. Because of this, believe these users are authenticated by the SSO server, not by LDAP.
Can clarify/confirm this theory?