|is session new:||true|
This application provides federated authentication using SAML 1.1.
The CES Entitlement Service provides authentication using GID, XGID and returns these within a signed SAML response. In order to utilize the CES authentication one must register each Service Provider, or target server with CES.
The SAML technology, however, enables 'federation' which means its possible for a server to act as an authentication proxy. Which means that server can authenticate on behalf of CES, allowing new servers to participate with CES authentication but not having to be registered with CES.
The authentication utility enables this federation.
This section discusses how to setup the sso_auth_web application (aka ssologin) to act as a federated SAML Identity Provider.
This section discusses how to configure an application(server) to consume the identity of the federated SAML identity provider. NOTE: while it is technically possible to configure any appication server (jboss, tomcat etc) this disucssion is limited to weblogic.
Date: Tue Mar 26 10:53:35 CET 2019