Web Single Sign-On with SAML 2.0

While SAML is already widely used in the industry, the configuration within Weblogic Server is complex and in most companies not part of the regular routine. We want to have look at a simple SAML example that was published in an article by VikrantSawant in 2007. This former example demonstrates a Web SSO scenario using SAML 1.1 in Weblogic Server 9.2.

We want to upgrade this example, using SAML 2.0 in Weblogic Server 12.1.3.

This is a tutorial in which we will walk through all the necessary steps to setup and run the SAML 2.0 example. This includes the installation and configuration of weblogic server, creation of two weblogic server domains, installation of the test applications and configuration of the identity provider and service provider domains. To provide a comprehensive overview, the separate tutorial steps are summarized in mind map diagrams. The tutorial comprises a Service Provider initiated flow and an Identity Provider initiated flow, which both will be demonstrated during the testing steps.

As an addition, the tutorial demonstrates the usage of the weblogic feature “virtual user”.

The tutorial was developed and tested on a windows 7 machine. A zip package containing all necessary files is provided at the tutorial website. This also includes a text file with a set of windows commands to help setting up the domains and user configurations. We expect the tutorial to run also on Linux or any other platform supported by weblogic server, although this was not tested.


SAML2_Web_SSO_Tutorial.pdf (ca. 3 MB)

SAML_SSO.zip (18 KB)

Calculating Checksums for Oracle Downloads

Calculating Checksums for Oracle Downloads

It took me quite a while to figure out which check sum algorithm Oracle is using on some of its download pages. E.g. on the OSB download page, we find the comment “Oracle Service Bus Size: 1.06 GB, Check Sum:1490338751”

This check sum is generated by the old unix tool cksum, which protects for accidental corruption during transport, however is not cryptographically secure. See http://en.wikipedia.org/wiki/Cksum for more details.

On Windows we can use cksum.exe which is included in win32 tools from the project win-bash (http://win-bash.sourceforge.net/).  Calculating the check sum for the OSB download on my machine yields:

D:\17Tools\shell.w32-ix86>cksum.exe D:\01Downloads\ofm_osb_generic_11.1.1.6.0_disk1_1of1.zip

1490338751 1149088683 D:\01Downloads\ofm_osb_generic_11.1.1.6.0_disk1_1of1.zip

The first number is the CRC value which matches the value from the oracle website and the second value is the size in bytes.

Oracle Identity Manager: The Active Directory Connector Tutorial

    In this tutorial we demonstrate the usage of the Active Directory Connector, which integrates a Microsoft Active Directory into Oracle Identity Manager. The underlying scenario is the integration as a result of a company acquisition. All users of the Active Directory are transferred to OIM, which is then used for user management and provisioning of AD accounts. This tutorial includes the installation and configuration of Windows Server and Active Directory, as well as the installation and configuration of the AD connector. We will create an AD structure, using organizational units, users, groups, GPOs (group policy objects) and directory access writes, to model a non-trivial scenario which emulates a real world installations. While we keep the total system still simple, the complexity is already at a level which reveals usability aspects of the connector, which are beyond a mere technical proving of concept. A conclusion summarizes this work and points to areas of further study.

We use the following software versions:
• Oracle Identity Manager Connector MS AD User Management 11.1.1.5.0
• Oracle Identity and Access Management 11.1.1.5
• Oracle Database 11g, Release 2
• Oracle Virtual Box 4.1.22
• Oracle Enterprise Linux 5.8 (32-bit)
• Microsoft Windows Server 2008 R2 (64-bit)
• Microsoft Windows 8 Professional (32-bit)

ADConnectorTutorial.pdf (6,4 MB)

Installation of the Oracle Identity Manger

The installation of the Oracle Identity Manager 11g is quite complex and contains some pitfalls that require problem analysis and investigations. In this tutorial we will lead through the installation process of all required product components and development tools. We point out necessary troubleshooting steps and include the analysis of some of the problems. We also provide a detailed list of required installation packages and patches. While analysis during this work was rather time consuming, following the documented steps that circumvent the pitfalls can save a lot of time.

Software versions used:
• Oracle Identity and Access Management (11.1.1.5)
• Oracle SOA Suite 11g (11.1.1.6.0)
• Oracle Weblogic Server 10.3.6 Linux 32-bit
• Java SE Development Kit 6 Update 33 (Linux 32-bit)
• Repository Creation Utility 11.1.1.6.0 Linux
• Oracle JDeveloper 11g (11.1.1.6.0) Studio Edition,  Linux

OIMInstallationTutorial.pdf (4,8 MB)

Oracle Forms and Reports Quick start

During the summer I needed to quickly work myself into Oracle Forms for a business opportunity and I decided to share my experience in form of this quick start guide.

We will look at the installation process on Windows and Linux in a development and production configuration. To work with the Forms samples we install an Oracle Express Edition Database. We will look at the basic operations and a database tutorial to get acquainted with this edition. We also look at an Application Express Example, Oracle’s quick and simple approach to database applications. We will use the development configuration to run through the Forms tutorial “Creating a Master-Detail Form”, which ships with the product. Eventually we will look at a Forms and Reports installation in a high-availability configuration. We propose a setup on two virtual box Linux machines and provide an action plan for its installation.

Software Versions used:

• Weblogic Server 10.3.6 Generic
• JRockit 64-Bit for Windows R28.2.4
• Oracle Forms and Reports 11g Release 2, Windows 64-bit
• Oracle Database Express Edition 11g Release 2
• Oracle Linux Release 5 Update 8 for x86_64 (64 Bit)
• Java SE Development Kit 6 Update 33 for Linux x64
• Oracle Forms and Reports 11g Release 2 for Linux 64 bit
• Oracle SQL Developer 3.1 (3.1.07.42). 

OracleFormsReports.pdf 2,2 MB

Upgrading Vista to Windows 8 on Virtual Box

I still have an old Windows Vista license which I installed on an Oracle Virtual Box machine. However it performs so poorly that it is hardly usable, even on a modern quad core CPU system. Yesterday Microsoft offered an Upgrade from several Windows versions, including Vista, to Windows 8 Pro for 29,90  Euro. I decided to try an upgrade.

We will look at the download and installation process. We actually install the German version of Windows 8 and provide the screens of the dialogs.
Windows8_on_VBox.pdf (2,3 MB)

Installation of Oracle Linux 5.8 on Virtual Box 4.1 with Guest Additions

Today I wanted to install Oracle Linux on virtual box, which I need for some testing systems. Since the installation and especially the setup of the guest additions were not as smooth as I expected, I decided to share the information.

InstallingOracleLinux58.pdf (1.5 MByte)