Configuring Oracle Public Cloud as a SAML Service Provider

Middleware Cloud Service can be configured as a Service Provider in the SAML sense, in order to implement cross-domain SSO (federation).

This means that once a user has authenticated with an Identity Provider (in the SAML sense), that is, their own (on-premises) one, they are automatically accepted (recognized) on the Identity Domain of Documents Cloud Service.

>>> See the setup details for the SimpleSAMLphp federation tool.

Configure Single Sign-On so your users can use their company credentials to log into all applications, including Oracle Cloud applications.

  • Load provider Data: The standardized configuration data used to provision a Service Provider or an Identity Provider. It exists in XML form. Metadata ensures that an Identity Provider and a Service Provider can successfully and securely talk to each other.
  • SSO Protocol: The browser profile. Oracle Cloud supports the SAML 2.0 POST and Artifact SSO profiles. We recommend the browser POST profile as it avoids the back-channel communication required by the Artifact profile and is simpler to set up.
  • User Identifier: the Oracle LDAP Directory attribute that is used to map the user information contained in the incoming SSO SAML Assertion to an Oracle Cloud user. It is either the email address or the userID. "Contained in" indicates which property in the SAML SSO Assertion should be used to attempt to map the incoming SSO Assertion to an Oracle Cloud user. It is either the NameID or a SAML Attribute contained in the SAML AttributeStatement. (In the latter case, the administrator must specify the name of the SAML Attribute.)
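
The "User Identifier / Contained in" mapping above can be illustrated with a short script. This is an added example, not Oracle's code: the function name, the `contained_in` values and the sample assertion are assumptions, and signature validation is assumed to have been done before this step.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion (unsigned, for illustration only).
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_constructed1" Version="2.0" IssueInstant="2015-01-01T00:00:00Z">
  <saml:Issuer>https://idp.example.com</saml:Issuer>
  <saml:Subject>
    <saml:NameID>jdoe</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="mail">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def extract_user_identifier(assertion_xml, contained_in, attribute_name=None):
    """Return the value an SP would map to a local user (hypothetical helper).

    contained_in is "NameID" or "Attribute"; for "Attribute" the administrator
    must also supply the SAML Attribute name, as the setting above requires.
    """
    root = ET.fromstring(assertion_xml)
    if contained_in == "NameID":
        values = [n.text for n in root.findall("saml:Subject/saml:NameID", NS)]
    elif contained_in == "Attribute":
        if not attribute_name:
            raise ValueError("attribute_name is required for 'Attribute'")
        values = [
            v.text
            for a in root.findall("saml:AttributeStatement/saml:Attribute", NS)
            if a.get("Name") == attribute_name
            for v in a.findall("saml:AttributeValue", NS)
        ]
    else:
        raise ValueError("contained_in must be 'NameID' or 'Attribute'")
    values = [v.strip() for v in values if v and v.strip()]
    # Refuse missing or ambiguous identifiers rather than guessing a user.
    if len(values) != 1:
        raise ValueError("expected exactly one identifier, got %d" % len(values))
    return values[0]
```

The returned string is what would then be compared against the chosen directory attribute (email address or userID).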

 

To learn more about the configuration steps and the tasks you need to perform, refer to Managing Single Sign-On.

The Configure an identity provider with Oracle Cloud – Tutorial Series guides you through the configuration steps for different identity providers.

There is an interesting tutorial:

Configure ADFS 2.0 as Identity Provider with Oracle Cloud Service as Service Provider

This tutorial describes how to configure Active Directory Federation Services (ADFS) 2.0 as an Identity Provider (IdP) to be used with Oracle Cloud as the Service Provider (SP).


About the author

GPM Factory