

28.1.2 Considerations for Oracle Identity Federation HA in SSL mode

In a high availability environment with two (or more) Oracle Identity Federation servers mirroring one another and a load balancer at the front-end, there are two ways to set up SSL:

- Configure SSL on the load balancer, so that the SSL connection is between the user and the load balancer. In that case, the keystore/certificate used by the load balancer has a CN referencing the address of the load balancer. The communication between the load balancer and the WLS/Oracle Identity Federation can be clear or SSL (and in the latter case, Oracle WebLogic Server can use any keystore/certificates, as long as these are trusted by the load balancer).

- SSL is configured on the Oracle Identity Federation servers, so that the SSL connection is between the user and the Oracle Identity Federation server. In this case, the CN of the keystore/certificate from the Oracle WebLogic Server/Oracle Identity Federation installation needs to reference the address of the load balancer, as the user will connect using the hostname of the load balancer, and the Certificate CN needs to match the load balancer's address.

In short, the keystore/certificate of the SSL endpoint connected to the user (load balancer or Oracle WebLogic Server/Oracle Identity Federation) needs to have its CN set to the hostname of the load balancer, since it is the address that the user will use to connect to Oracle Identity Federation.

28.2.6 Default Authentication Scheme is not Saved

This problem is seen when you configure Oracle Access Manager in Fusion Middleware Control as a Service Provider Integration Module. It is not possible to set a default authentication scheme since the default is set to a certain scheme (say OIF-password-protected) but the radio button is disabled.

Take these steps to set the preferred default authentication scheme:

1. Check the Create check-box for the scheme that is currently set as the default but disabled.

2. Check the Create check-box(es) for the authentication scheme(s) that you would like to create.

3. Click the radio button of the scheme that you wish to set as the default.
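The certificate requirement from 28.1.2 (the SSL endpoint facing the user must be named for the load balancer) can be checked as in the following added example, which is not part of the Oracle documentation. The hostnames and certificate data are constructed, and the example goes beyond the CN by also applying the subjectAltName precedence that clients use when a certificate carries DNS entries.

```python
# Added example; certificate dicts are constructed, in the shape returned by
# ssl.SSLSocket.getpeercert(). All hostnames are hypothetical.
LB_HOST = "sso.example.com"  # address users type to reach Oracle Identity Federation

def name_matches(pattern, host):
    """Compare one certificate DNS name with host ('*' only as the whole first label)."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if pattern.startswith("*."):
        # A wildcard covers exactly one label: *.example.com matches
        # sso.example.com, but not a.sso.example.com and not example.com.
        first, _, rest = host.partition(".")
        return bool(first) and rest == pattern[2:]
    return pattern == host

def names_checked(cert):
    """DNS names a client compares with the URL host.

    dNSName SAN entries take precedence; the subject CN is consulted only when
    the certificate carries no dNSName entry (some clients ignore CN entirely).
    """
    san = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if san:
        return san
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def cert_matches_lb(cert, lb_host=LB_HOST):
    """True if the certificate shown to the user is valid for the load balancer address."""
    return any(name_matches(n, lb_host) for n in names_checked(cert))

def make_cert(cn, *san):
    """Build a constructed certificate dict with the given CN and DNS SAN entries."""
    return {"subject": ((("commonName", cn),),),
            "subjectAltName": tuple(("DNS", s) for s in san)}

# Constructed cases for the SSL endpoint the user connects to.
CASES = {
    "CN is the OIF node name": make_cert("oif1.internal.example.com"),
    "CN is the load balancer": make_cert("sso.example.com"),
    "CN is the load balancer, SAN lists only the node":
        make_cert("sso.example.com", "oif1.internal.example.com"),
    "SAN wildcard covering the load balancer":
        make_cert("oif1.internal.example.com", "*.example.com"),
}

if __name__ == "__main__":
    for label, cert in CASES.items():
        print(f"{'OK  ' if cert_matches_lb(cert) else 'FAIL'} {label}")
```

The third case is the one to watch when SSL terminates on the Oracle Identity Federation servers: a keystore entry whose CN names the load balancer still fails the hostname check if its SAN list names only the node.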
