|Martien van den Akker|
SSO with ADFS for APEX Using Weblogic and ORDS: How I did it and Where I Tripped.
Martien van den Akker, Darwin-IT Professionals
For a Dutch university and an intermediate vocational education I implemented Single Sign On for an Apex with Active Directory Federation Services as an Identity Provider, and a combination of Weblogic, Oracle HTTP Server and ORDS as a Service Provider. In this session or article I want to explain the architecture, how I set this up using the particular components and where I tripped, but stood up again and finally got it working. For Apex Single Sign On, what seemed like a simple task, turned out somewhat of a struggle. The secret sauce was ORDS deployed in Weblogic. But how to: get Apex/ORDS to turnover the authentication to Weblogic? get the Apex/ORDS REST services for the pictures to get routed correctly? route the SAML token requests from a sensible URI to Weblogics /saml2 servlet? provide a user-friendly URL for Apex applications? route non-SSO request via Tomcat to APEX? I want to take you through the process of pitfalls and caveats and picture how we got it working after all and present you a summary of our findings.
Martien van den Akker started in IT in 1994. In 1998 he joined Oracle as development specialist on Oracle Designer, Forms, Reports and Pl/Sql. With Oracle Streams/AQ, Workflow and InterConnect the focus turned to integration. Martien was one of the first to become an expert on BPEL Process Manager, after the introduction by Oracle. He was also one of the first to implement Oracle Integration B2B in the Netherlands. Both products are now integral parts of SOA Suite. Martien is an expert on the Fusion Middleware components Weblogic, Oracle Service Bus, SOA and BPM Suite and now has his focus on Oracle's PaaS offering. Martien is employed by Darwin IT-Professionals since 2007, is a frequent speaker and trainer, and blogs enthusiastically. Since november 2017 Martien is awarded with the Oracle ACE award.