Accéder au contenu principal

Configuring Oracle Cloud as the Service Provider with SimpleSAMLphp as IDP

In order to establish SSO between enteprise backend and Oracle Public Cloud, it's possible to use SimpleSAMLphp (Federation tool) as an in-house Identity Provider, and setup Oracle Cloud as the Service Povider.
Cf official documentation Managing Single Sign-On about the concept.
SSO relies on SAML 2.0 standard.

Tasks

At the Identity Server (IDP) level

  • Install Apache and PHP 5.3 +
  • Install SimpleSAMLphp
  • Just Follow documentation and yum install php53-mcrypt  instead php-mcrypt if linux complains about it.
  • Test with a simple SP provided with SimplePHPphp.
  • Don't forget to un-comment the example-userpass !
  • Export the metadata in a XML file

At the Cloud Service level

  • Import the previous metadata file
  • Accept default values and don't change anything.
  • At the IDP server level: 
    • Follow documentation Servive Provider Quickstart
      • Update the config/authsources.php with infos provided in the parameter pages (entity Id)
      • EntityID value must be the same value as Provider Id
      • Let's stay in http (vs https) mode for demo purpose
  • Test the SSO (cf output below)
  • enable it, only if test is ok.
Output Display after SSO test


Login page after enabling SSO


SimpleSAMLphp login page

Commentaires

Enregistrer un commentaire

Posts les plus consultés de ce blog

Oracle Documents Cloud Service - Using Upload File REST API

If the Upload File sample given in ODCS documentation is used "as is", we get a http 400 error. The syntax is strict and every blank line must be empty (no space character for instance). If we cust and paste the sample, there are residual space characters which must be removed. So, use this pattern instead: -----1234567890 Content-Disposition: form-data; name="jsonInputParameters" { "parentID": " " } -----1234567890 Content-Disposition: form-data; name="primaryFile"; filename="example.txt" Content-Type: text/plain Hello World! -----1234567890-- instead the original one: -----1234567890 Content-Disposition: form-data; name="jsonInputParameters" { "parentID":"FB4CD874EF94CD2CC1B60B72T0000000000100000001" } -----1234567890 Content-Disposition: form-data; name="primaryFile"; filename="example.txt" Content-Type: text/plain -----1234567890-- Tests can be...
3 commentaires
Lire la suite

Oracle Sites Cloud Service - Apps

It's possible to add kinds of widgets (named APPS) inside any page of a site built with Oracle Sites Cloud Service (SCS). Any app is materialized by two URL: a Renderer Url which will render any HTML fragment inside an iframe tag at runtime a settings url which will be rendrered at design time in the settings menu. all URLs must be called through https (meaning that the called server has to be ssl enabled) In the following samples, we integrate: a dummy app (a simple html page produced with node.js) which demonstrates the parameteres caried by the Sites Cloud engine when calling the backend server,  a regular Apex report or form,  a custom report which calls a rest api generated by Apex /ORDS Sample node.js server.js below is a sample of parameter values get from a dummy node.js server Main call id=26e45e21-dbb6-4877-9886-482b37213d2f instance=eyJpbnN0YW5jZWlkIjoiQTI0NUNFNUNFNjA5MjE1REZBRTA2RTQyRjExOThBNThFNzc4RDc5NzFDMkIiLCJzaWduZGF0ZSI6IjE0NTAxMDg1M...
Enregistrer un commentaire
Lire la suite

Streaming mp3 fromVLC / Icecast to Android

Here are some tips for streaming music to android mobile devices from a PC. Platform which has been used fo test: Ubuntu 11.10 oneiric + a NAS for storing music (windows can fit as well) Videolan VLC 1.1.12 (providing mp3 flow) icecast 2.3.2 (shoutcast radio) Winamp 1.2.12 for Android mobile(music player) Android-vlc-remote for Android (remote control for VLC) Start icecast server icecast2 -c icecast.xml The icecast xml config file is the original one. don't modify anything at this stage.  Setup VLC in order to stream mp3 instead ogg format Close VLC Prepare a playlist (ie: scarlatti.m3u) with Banshee or whatever. Launch VLC in command line vlc scarlatti.m3u --sout '#standard{access=shout,mux=ogg,dst=source:hackme@192.168.0.3:8000/scarlatti}' --sout-keep --extraintf=luahttp --fullscreen --http-album-art     Check that icecast is displaying a mount point for the new radio Check the HTTP...
Enregistrer un commentaire
Lire la suite