Identity Propagation (SSO) From Consumer to Producer in WLP 9.2
In WLP 9.2 we support three types of identity tokens. In order of
preference, they are:
For each producer there is one portlet with the handle
username1. This portlet's markup will be:
username = username
where username is the logged-in user. If no identity token was sent, it will display:
username = null
If the token was not accepted, a fault will be generated.
To test these you may use wsrp.bea.com:7001 as follows:
SAML sender-vouches:
- Note: Prior to testing SAML you will need to send an email to the wsrp-interop list
with the following:
- The public key used to verify the signature
- The Issuer (URI)
- WSDL URL: http://wsrp.bea.com:7001/samlProducer/producer?WSDL
- Portlet Handle: username1
- Username: any (this producer will accept any username; a real-world producer may require the user to be pre-registered)
- Password: n/a
- Sample Request:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<Header xmlns="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" AssertionID="e1ba7e82153dfab132868e9004cfe900" IssueInstant="2006-04-05T16:14:41.425Z" Issuer="http://www.bea.com/wsrp/saml" MajorVersion="1" MinorVersion="1">
<Conditions NotBefore="2006-04-05T15:59:41.410Z" NotOnOrAfter="2006-04-05T16:44:41.410Z"/>
<AuthenticationStatement AuthenticationInstant="2006-04-05T16:14:41.410Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified">
<Subject>
<NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="wsrpConsumer">weblogic</NameIdentifier>
<SubjectConfirmation>
<ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod>
</SubjectConfirmation>
</Subject>
</AuthenticationStatement>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<dsig:Reference URI="#e1ba7e82153dfab132868e9004cfe900">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<exc14n:InclusiveNamespaces xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""/>
</dsig:Transform>
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<dsig:DigestValue>Ic/cMEm1sXigmPVBluosEA9kgg4=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>eUV8TAUe/OfB1z+dqCnOr0U7ikTY2R7uDmbnLKLCGfDnFfvoVF2tDmRKfXs4jsqNINo7ZR1lsqo2ZtF1f5E22B2LPWN6ynQ9vBw5GeX9zzphGPF+qUsKf5vSVII6I/Ie+u/M+xpgr0w0XEHsVqe5F0MdaeXLtwEIgsrup7v/7/I=</dsig:SignatureValue>
</dsig:Signature>
</Assertion>
</wsse:Security>
</Header>
<soapenv:Body>
<urn:getMarkup xmlns:urn="urn:oasis:names:tc:wsrp:v1:types">
<urn:registrationContext xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/>
<urn:portletContext>
<urn:portletHandle>username1</urn:portletHandle>
</urn:portletContext>
<urn:runtimeContext>
<urn:userAuthentication>wsrp:none</urn:userAuthentication>
<urn:portletInstanceKey>minimalPortal_saml1</urn:portletInstanceKey>
<urn:namespacePrefix>saml1</urn:namespacePrefix>
<urn:sessionID>GzsGtFv0MQ1p9VBfr6Y6Rxv9Zyl2fvlPWv2LhkVRB8LHvhf67TtB!-608018322</urn:sessionID>
<urn:extensions>
<urn1:LookAndFeelDescriptor xmlns:urn1="urn:bea:wsrp:ext:v1:types">
<urn1:skeletonId>default</urn1:skeletonId>
<urn1:skeletonPath>/framework/skeletons</urn1:skeletonPath>
<urn1:skinId>default</urn1:skinId>
<urn1:skinPath>/framework/skins/</urn1:skinPath>
</urn1:LookAndFeelDescriptor>
</urn:extensions>
</urn:runtimeContext>
<urn:userContext>
<urn:userContextKey>weblogic</urn:userContextKey>
</urn:userContext>
<urn:markupParams>
<urn:secureClientCommunication>false</urn:secureClientCommunication>
<urn:locales>en-US</urn:locales>
<urn:locales>en</urn:locales>
<urn:mimeTypes>text/html</urn:mimeTypes>
<urn:mimeTypes>text/xml</urn:mimeTypes>
<urn:mimeTypes>application/xml</urn:mimeTypes>
<urn:mimeTypes>application/xhtml+xml</urn:mimeTypes>
<urn:mimeTypes>text/plain</urn:mimeTypes>
<urn:mimeTypes>image/png</urn:mimeTypes>
<urn:mimeTypes>*/*</urn:mimeTypes>
<urn:mode>wsrp:view</urn:mode>
<urn:windowState>wsrp:normal</urn:windowState>
<urn:clientData>
<urn:userAgent>Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc3 Firefox/1.0.7</urn:userAgent>
</urn:clientData>
<urn:markupCharacterSets>UTF-8</urn:markupCharacterSets>
<urn:markupCharacterSets>ISO-8859-1</urn:markupCharacterSets>
<urn:markupCharacterSets>*</urn:markupCharacterSets>
</urn:markupParams>
</urn:getMarkup>
</soapenv:Body>
</soapenv:Envelope>
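The checks a producer can make on an assertion shaped like the sample request before it verifies the signature, as an added Python example (not WLP or producer code). The trimmed assertion is constructed for the example, and the function name `precheck`, the AssertionID `a1` and the trusted-issuer set are assumptions; verifying the XML signature against the consumer's public key is still required and is not done here.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:1.0:assertion",
      "dsig": "http://www.w3.org/2000/09/xmldsig#"}
SENDER_VOUCHES = "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches"

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def precheck(assertion_xml, trusted_issuers, now):
    """Structural checks only. Returns (ok, subject name or rejection reason)."""
    if "<!DOCTYPE" in assertion_xml:
        return False, "doctype not allowed"
    a = ET.fromstring(assertion_xml)
    if a.tag != "{%s}Assertion" % NS["saml"]:
        return False, "not a SAML 1.x assertion"
    if a.get("Issuer") not in trusted_issuers:
        return False, "untrusted issuer"
    cond = a.find("saml:Conditions", NS)
    nb, na = (cond.get("NotBefore"), cond.get("NotOnOrAfter")) if cond is not None else (None, None)
    if not nb or not na or not (_ts(nb) <= now < _ts(na)):
        return False, "outside validity window"
    methods = [m.text for m in a.iterfind(".//saml:ConfirmationMethod", NS)]
    if methods != [SENDER_VOUCHES]:
        return False, "unexpected confirmation method"
    # The one signature reference must point at this assertion's own ID.
    refs = [r.get("URI") for r in a.iterfind("dsig:Signature/dsig:SignedInfo/dsig:Reference", NS)]
    if refs != ["#" + a.get("AssertionID", "")]:
        return False, "signature does not cover this assertion"
    names = a.findall(".//saml:NameIdentifier", NS)
    if len(names) != 1:
        return False, "ambiguous subject"
    return True, names[0].text

# Constructed sample: same layout as the request above, signature values omitted.
SAMPLE = """<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
  AssertionID="a1" Issuer="http://www.bea.com/wsrp/saml" MajorVersion="1" MinorVersion="1">
 <Conditions NotBefore="2006-04-05T15:59:41.410Z" NotOnOrAfter="2006-04-05T16:44:41.410Z"/>
 <AuthenticationStatement><Subject>
  <NameIdentifier NameQualifier="wsrpConsumer">weblogic</NameIdentifier>
  <SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod></SubjectConfirmation>
 </Subject></AuthenticationStatement>
 <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo>
  <dsig:Reference URI="#a1"/></dsig:SignedInfo></dsig:Signature>
</Assertion>"""
```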
UNT Message Digest:
- WSDL URL: http://wsrp.bea.com:7001/untDigestProducer/producer?WSDL
- Portlet Handle: username1
- Username: untdigest
- Password: digestisgood
- Sample Request:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<Header xmlns="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="unt_O3V4MRf20I2TKr09">
<wsse:Username>untdigest</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">BhfY05nlvR45n4wPHNHH89tuXuo=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">AErLKWd+HKZ46h++ojKbmw==</wsse:Nonce>
<wsu:Created>2006-04-05T16:14:41Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</Header>
<soapenv:Body>
<urn:getMarkup xmlns:urn="urn:oasis:names:tc:wsrp:v1:types">
<urn:registrationContext xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/>
<urn:portletContext>
<urn:portletHandle>username1</urn:portletHandle>
</urn:portletContext>
<urn:runtimeContext>
<urn:userAuthentication>wsrp:none</urn:userAuthentication>
<urn:portletInstanceKey>minimalPortal_untDig1</urn:portletInstanceKey>
<urn:namespacePrefix>untDig1</urn:namespacePrefix>
<urn:sessionID>GzsFdKGtSkz4GQ13qypT6JrlbpV6Jjk2QZk2HSnQVZWtbgF6n21T!-608018322</urn:sessionID>
<urn:extensions>
<urn1:LookAndFeelDescriptor xmlns:urn1="urn:bea:wsrp:ext:v1:types">
<urn1:skeletonId>default</urn1:skeletonId>
<urn1:skeletonPath>/framework/skeletons</urn1:skeletonPath>
<urn1:skinId>default</urn1:skinId>
<urn1:skinPath>/framework/skins/</urn1:skinPath>
</urn1:LookAndFeelDescriptor>
</urn:extensions>
</urn:runtimeContext>
<urn:userContext>
<urn:userContextKey>weblogic</urn:userContextKey>
</urn:userContext>
<urn:markupParams>
<urn:secureClientCommunication>false</urn:secureClientCommunication>
<urn:locales>en-US</urn:locales>
<urn:locales>en</urn:locales>
<urn:mimeTypes>text/html</urn:mimeTypes>
<urn:mimeTypes>text/xml</urn:mimeTypes>
<urn:mimeTypes>application/xml</urn:mimeTypes>
<urn:mimeTypes>application/xhtml+xml</urn:mimeTypes>
<urn:mimeTypes>text/plain</urn:mimeTypes>
<urn:mimeTypes>image/png</urn:mimeTypes>
<urn:mimeTypes>*/*</urn:mimeTypes>
<urn:mode>wsrp:view</urn:mode>
<urn:windowState>wsrp:normal</urn:windowState>
<urn:clientData>
<urn:userAgent>Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc3 Firefox/1.0.7</urn:userAgent>
</urn:clientData>
<urn:markupCharacterSets>UTF-8</urn:markupCharacterSets>
<urn:markupCharacterSets>ISO-8859-1</urn:markupCharacterSets>
<urn:markupCharacterSets>*</urn:markupCharacterSets>
</urn:markupParams>
</urn:getMarkup>
</soapenv:Body>
</soapenv:Envelope>
UNT Message Text:
- WSDL URL: http://wsrp.bea.com:7001/untTextProducer/producer?WSDL
- Portlet Handle: username1
- Username: unttext
- Password: textisbad
- Sample Request:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<Header xmlns="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="unt_YKRYjYRIXOaw3KWM">
<wsse:Username>unttext</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">textisbad</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</Header>
<soapenv:Body>
<urn:getMarkup xmlns:urn="urn:oasis:names:tc:wsrp:v1:types">
<urn:registrationContext xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/>
<urn:portletContext>
<urn:portletHandle>username1</urn:portletHandle>
</urn:portletContext>
<urn:runtimeContext>
<urn:userAuthentication>wsrp:none</urn:userAuthentication>
<urn:portletInstanceKey>minimalPortal_untTxt1</urn:portletInstanceKey>
<urn:namespacePrefix>untTxt1</urn:namespacePrefix>
<urn:sessionID>GzsG2yqGln1rJTgG27Y6gWQl0QQGJQLf61TvbC8y9Fvqn9LCnd8z!-608018322</urn:sessionID>
<urn:extensions>
<urn1:LookAndFeelDescriptor xmlns:urn1="urn:bea:wsrp:ext:v1:types">
<urn1:skeletonId>default</urn1:skeletonId>
<urn1:skeletonPath>/framework/skeletons</urn1:skeletonPath>
<urn1:skinId>default</urn1:skinId>
<urn1:skinPath>/framework/skins/</urn1:skinPath>
</urn1:LookAndFeelDescriptor>
</urn:extensions>
</urn:runtimeContext>
<urn:userContext>
<urn:userContextKey>weblogic</urn:userContextKey>
</urn:userContext>
<urn:markupParams>
<urn:secureClientCommunication>false</urn:secureClientCommunication>
<urn:locales>en-US</urn:locales>
<urn:locales>en</urn:locales>
<urn:mimeTypes>text/html</urn:mimeTypes>
<urn:mimeTypes>text/xml</urn:mimeTypes>
<urn:mimeTypes>application/xml</urn:mimeTypes>
<urn:mimeTypes>application/xhtml+xml</urn:mimeTypes>
<urn:mimeTypes>text/plain</urn:mimeTypes>
<urn:mimeTypes>image/png</urn:mimeTypes>
<urn:mimeTypes>*/*</urn:mimeTypes>
<urn:mode>wsrp:view</urn:mode>
<urn:windowState>wsrp:normal</urn:windowState>
<urn:clientData>
<urn:userAgent>Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc3 Firefox/1.0.7</urn:userAgent>
</urn:clientData>
<urn:markupCharacterSets>UTF-8</urn:markupCharacterSets>
<urn:markupCharacterSets>ISO-8859-1</urn:markupCharacterSets>
<urn:markupCharacterSets>*</urn:markupCharacterSets>
</urn:markupParams>
</urn:getMarkup>
</soapenv:Body>
</soapenv:Envelope>