Step 1: Obtain the IdP metadata for SP configuration
- Launch a browser. Access the Oracle Access Management federation IdP metadata. The URL is of the form : https://oam-runtime-host:oam-runtime-port/oamfed/idp/metadata
- Copy the above metadata URL and keep it handy or you can Save the file locally named as IdPMetadata.xml
Step 2: Configuring Drupal as Service Provider(SP)
- In Drupal SAML SP module, go to Service Provider Setup tab. There are three ways to configure the module:
- Click on Upload Metadata URL button.
- Upload metadata file and click on Upload.
- Click on Upload Metadata URL
- Enter Metadata URL and click on Fetch Metadata.( such as IdPmetadata.xml)
- Provide the required settings (i.e. Identity Provider Name, IdP Entity ID or Issuer, SAML Login URL, X.509 Certificate) and save it.
By Uploading Oracle Access Manager Metadata File:
By Oracle Access Manager Metadata URL:
Manual Configuration :
| Identity Provider Name | Enter your IdP name. For Example : Oracle Access Manager (Any) |
| IdP Entity ID or Issuer | You can find the EntityID in Your IdP-Metadata XML file enclosed in EntityDescriptor tag having attribute as entityID. |
| SAML Login URL | You can find the SAML Login URL in Your IdP-Metadata XML file enclosed in SingleSignOnService tag |
| X.509 Certificate | Enter your IdP name. For Example : Oracle Access Manager (Any)You can find the X.509 Certificate value in your IdP-Metadata file enclosed in x509certificate tag |
Step 3: Obtain the SP metadata for IdP configuration:
- To obtain the Drupal SP metadata you need to provide when configuring Oracle Access Manager Suite Federation as an IdP, perform the following steps:
- Go to the Service Provider Metadata tab of module and click on metadata URL and Save the metadata to a local file as spmeatadata.xml (you can put any name.)
Step 4: Enable Identity Federation in OAM Admin Console
- Perform the following steps to enable Oracle Access Manager Federation: 1) Go to the OAM Admin Console in a browser. The URL is of the form: https://adminhost:adminport/oamconsole
2) Authenticate using OAM Admin user credentials.
3) From the Launch pad Navigate to: Configuration -> Available Services
4) Enable Identity Federation.
Step 5: Configure the IDP, using Metadata from Drupal SP
- To configure the IdP, perform the following steps:
- If you define the user by the email address, use Email Address as the format. Configure the
settings as follows:
-
1) If necessary, copy the metadata file (spmetadata.xml) you obtained from the Drupal SP to the
environment where you are configuring the IdP.
2) Return to the browser page containing the OAM Console, where you enabled Federation.
3) Authenticate again if necessary.
4) Navigate to Launch Pad > Identity Federation > Identity Provider Administration
5) Click on Create Service Provider Partner.
6) Enter a name such as Drupal SP (You can enter any name).7) Ensure Enable Partner is selected.
8) Select SAML 2.0 as the protocol (which is the default).
9) Select Load from Provider Metadata and click Load the Metadata and upload the Drupal SP metadata (spmetadata.xml) that you copied from the Drupal SP UI.
10) Specify the NameID Format Settings. What you specify depends on which attribute you use to define the user.
-
a) Select Email Address as the Name ID format
b) Select User ID Store Attribute as the Name ID Value
c) Enter the User Attribute in the LDAP user record containing the user's email address. For example, if Oracle Internet Directory or Oracle Unified Directory is the User Data Store, the attribute is mail.
d) Click on Save.
Step 6: Test federation SSO between OAM Identity federation and Drupal SP
- To complete the testing, proceed as follows:
- Return to the browser window of Drupal SP containing the Service Provider Setup tab. Click on Test Configuration button to test whether the configuration is successful or not.
- To do SSO make sure the Enable Login with SAML option must be enabled. This option is under Service Provider Setup tab of the module.
Contents
- Step 1Obtain the IdP metadata for SP configuration
- Step 2Configuring Drupal as Service Provider(SP)
- Step 3Obtain the SP metadata for IdP configuration
- Step 4Enable Identity Federation in OAM Admin Console
- Step 5Configure the IDP, using Metadata from Drupal SP
- Step 6Test federation SSO between OAM Identity federation and Drupal SP
×
![ADFS_sso]()
If you don't find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387.