OAM Identity Asserter:
if your Attribute not asserted on target application you need to create OAM Identity Asserter, also OAM Identity Asserter is one of the reason of SSO login page or Application Login Page coming twice.
the reason why we have to create OAM Identity Asserter is when user is coming after authentication from myrealm,OAM is not passing this user information to target application.
creating OAM Identity Asserter
1. login to Weblogic console.
2. click on Security Realms
3. select myrealms(name of your realm)
4. select Providers tab.
5. Click on Lock and Edit.
6. click on New(under Authentication Providers)
7. give name and select Type OAMIdentityAsserter and click OK
8. click on the newly created Authentication Provider.
9. make sure Control Flag is OPTIONAL
10. at Active Types select OAM_REMOTE_USER
if you have have 10g Agents you have to select ObSSOCookie and if you have more attributes to assert you have to select OAM_IDENTITY_ASSERTION.
11. Save and Activate Changes.
12. Restart Admin server.
No comments:
Post a Comment