Showing posts from August, 2011

Adding an OpenID Relying Party to Oracle Identity Federation (OIF)

Since January of 2011 (11.1.1.4), OIF (Oracle Identity Federation) has supported OpenID 2.0 both as a Relying Party and as an OpenID Provider.


During a recent POC we demonstrated OpenID configured as an RP with Google as the OpenID Provider. What follows is a bit of a cookbook on configuring OIF to work with Google as the IdP.


OIF is administered through Enterprise Manager. Log on to the OIF EM console (for example, http://demo.com:7411/em).

Step 1: Enable OpenID RP support
Navigate to OIF Administration -> Service provider
Select OpenId 2.0 tab
Select Map User via Federated Identity
Unselect Map user via attribute query
Expand Protocol Settings
Click Enable OpenID 2.0 support
Click APPLY to save your changes

NOTE: I found that you cannot unselect "Map User via Attribute Query". As long as you override this in the IDP specific settings, this should not matter (i.e. I think this is the default if you don't set it in the IDP).

Step 2: Add Google as an IDP
In this step you will c…