Security Interop Producers available

Identity Propagation (SSO) From Consumer to Producer in WLP 9.2

In WLP 9.2 we support three types of identity tokens, in preferred order they are:

SAML sender-vouches
UNT Password Digest
UNT Password Text

For each producer there is one portlet with the handle username1. This porlet's markup will be:
username = username
Where username is the logged in user. If no identity token was sent it will display:
username = null
If the token was not accepted a fault will be generated.

To test these you may use wsrp.bea.com:7001 as follows:

SAML sender-vouches:

Note: Prior to testing SAML you will need to send an email to the wsrp-interop list with the following:

The public key used to verify the signature
The Issuer (URI)

WSDL URL:http://wsrp.bea.com:7001/samlProducer/producer?WSDL
Portlet Handle: username1
Username: any (this producer will accept any username, real-world producer may require the user to be pre-registered)
Password: n/a
Sample Request:

<?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <Header xmlns="http://schemas.xmlsoap.org/soap/envelope/"> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1"> <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" AssertionID="e1ba7e82153dfab132868e9004cfe900" IssueInstant="2006-04-05T16:14:41.425Z" Issuer="http://www.bea.com/wsrp/saml" MajorVersion="1" MinorVersion="1"> <Conditions NotBefore="2006-04-05T15:59:41.410Z" NotOnOrAfter="2006-04-05T16:44:41.410Z"/> <AuthenticationStatement AuthenticationInstant="2006-04-05T16:14:41.410Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified"> <Subject> <NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="wsrpConsumer">weblogic</NameIdentifier> <SubjectConfirmation> <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod> </SubjectConfirmation> </Subject> </AuthenticationStatement> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <dsig:Reference URI="#e1ba7e82153dfab132868e9004cfe900"> <dsig:Transforms> <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <exc14n:InclusiveNamespaces xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""/> </dsig:Transform> </dsig:Transforms> <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <dsig:DigestValue>Ic/cMEm1sXigmPVBluosEA9kgg4=</dsig:DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue>eUV8TAUe/OfB1z+dqCnOr0U7ikTY2R7uDmbnLKLCGfDnFfvoVF2tDmRKfXs4jsqNINo7ZR1lsqo2ZtF1f5E22B2LPWN6ynQ9vBw5GeX9zzphGPF+qUsKf5vSVII6I/Ie+u/M+xpgr0w0XEHsVqe5F0MdaeXLtwEIgsrup7v/7/I=</dsig:SignatureValue> </dsig:Signature> </Assertion> </wsse:Security> </Header> <soapenv:Body> <urn:getMarkup xmlns:urn="urn:oasis:names:tc:wsrp:v1:types"> <urn:registrationContext xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:nil="true"/> <urn:portletContext> <urn:portletHandle>username1</urn:portletHandle> </urn:portletContext> <urn:runtimeContext> <urn:userAuthentication>wsrp:none</urn:userAuthentication> <urn:portletInstanceKey>minimalPortal_saml1</urn:portletInstanceKey> <urn:namespacePrefix>saml1</urn:namespacePrefix> <urn:sessionID>GzsGtFv0MQ1p9VBfr6Y6Rxv9Zyl2fvlPWv2LhkVRB8LHvhf67TtB!-608018322</urn:sessionID> <urn:extensions> <urn1:LookAndFeelDescriptor xmlns:urn1="urn:bea:wsrp:ext:v1:types"> <urn1:skeletonId>default</urn1:skeletonId> <urn1:skeletonPath>/framework/skeletons</urn1:skeletonPath> <urn1:skinId>default</urn1:skinId> <urn1:skinPath>/framework/skins/</urn1:skinPath> </urn1:LookAndFeelDescriptor> </urn:extensions> </urn:runtimeContext> <urn:userContext> <urn:userContextKey>weblogic</urn:userContextKey> </urn:userContext> <urn:markupParams> <urn:secureClientCommunication>false</urn:secureClientCommunication> <urn:locales>en-US</urn:locales> <urn:locales>en</urn:locales> <urn:mimeTypes>text/html</urn:mimeTypes> <urn:mimeTypes>text/xml</urn:mimeTypes> <urn:mimeTypes>application/xml</urn:mimeTypes> <urn:mimeTypes>application/xhtml+xml</urn:mimeTypes>= <urn:mimeTypes>text/plain</urn:mimeTypes> <urn:mimeTypes>image/png</urn:mimeTypes> <urn:mimeTypes>*/*</urn:mimeTypes> <urn:mode>wsrp:view</urn:mode> <urn:windowState>wsrp:normal</urn:windowState> <urn:clientData> <urn:userAgent>Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc3 Firefox/1.0.7</urn:userAgent> </urn:clientData> <urn:markupCharacterSets>UTF-8</urn:markupCharacterSets> <urn:markupCharacterSets>ISO-8859-1</urn:markupCharacterSets> <urn:markupCharacterSets>*</urn:markupCharacterSets> </urn:markupParams> </urn:getMarkup> </soapenv:Body> </soapenv:Envelope>

UNT Message Digest:

WSDL URL: http://wsrp.bea.com:7001/untDigestProducer/producer?WSDL
Portlet Handle: username1
Username: untdigest
Password: digestisgood
Sample Request:

UNT Message Text:

WSDL URL: http://wsrp.bea.com:7001/untTextProducer/producer?WSDL
Portlet Handle: username1
Username: unttext
Password: textisbad
Sample Request:

wsrp-interop message

Identity Propagation (SSO) From Consumer to Producer in WLP 9.2

SAML sender-vouches:

UNT Message Digest:

UNT Message Text: