What is a Fedlet? (snipped from Oracle’s Identity Management Web site)
The Oracle OpenSSO Fedlet (Fedlet) is a compact, easy to deploy SAML 2.0 service provider implementation. It includes a small software package and a simple file-based configuration, embeddable into a service provider’s Java or .NET application. The Fedlet establishes single sign-on (SSO) between an identity provider instance and the service provider application without requiring a fully-featured federation product on the service provider side.
The Oracle OpenSSO Fedlet can accept SAML 2.0 assertions from any SAML 2.0 identity provider and retrieve user attributes to accomplish SSO and content personalization. The Fedlet can be configured to communicate with any number of identity providers. It also can leverage an external discovery service to find the preferred identity provider.
Assumptions for this walkthrough:
- OIF 11g is configured as an Identity Provider (IDP)
- Fedlet is configured as the Service Provider (SP)
- SAML version is 2.0
- WebLogic is already installed and configured
- You have access to the idp.xml metadata file from your Identity Provider
- You are installing on either Linux or Solaris (I am installing on Solaris but this is essentially the same for Linux)
Make sure that $JAVA_HOME/bin is in your PATH variable, so that JDK commands such as keytool are accessible.
Copy the Fedlet binary (from Oracle) to /opt/Fedlet_stuff/
Expand the war file:
jar xvf FEDLET_ZIP_DIR/java/fedlet.war
Run the Configure Fedlet script (from the directory where fedlet.war was expanded):
java -classpath WEB-INF/lib/opensso-sharedlib.jar:WEB-INF/lib/openfedlib.jar:install/lib/configurefedlet.jar oracle.security.fed.fedlet.install.ConfigureFedlet
Enter the directory with path where Oracle-OpenSSO-Fedlet.zip is extracted to: /opt/Fed_stuff
Enter the URL where this Fedlet will be deployed on (in http(s)://host.domain:port/uri format):
Enter Fedlet Provider ID:[fedlet_sp_sample] // I accepted the default here
Do you want to generate keystore and key pair for the Fedlet? 1=yes/2=no  1
Enter Fedlet keystore password:
Re-enter Fedlet keystore password:
Enter Fedlet key password:
Re-enter Fedlet key password:
Do you want to import IDP metadata? 1=yes/2=no  1
Enter IDP metadata filename with path: /opt/Fed_stuff/idp.xml
Include sample and generate fedletsample.war? 1=yes/2=no  1
Enter the directory with path where the newly generated Fedlet configuration and optionally fedletsample.war should be saved to: /opt/fedlet
Fedlet configuration is created at: /opt/fedlet
fedletsample.war is created at: /opt/fedlet
Deploy the newly created war file, /opt/fedlet/fedletsample.war, to your application server.
[If you need instructions on deploying the war to WebLogic or GlassFish … then email me and I can provide them to you.]
Copy the generated SP metadata file (/opt/fedlet/fedlet/sp.xml) to the desktop from which you use the OIF Admin Console.
Import the sp.xml (that you just copied) into the Circle of Trust on your IDP's OIF Admin Console.
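Because ConfigureFedlet accepts whatever path you give it and the IDP import happens on a different machine, it helps to check the inputs and outputs of the steps above before moving on. The following sanity-check script is an added example, not part of the Oracle Fedlet distribution; it assumes the jar names from the classpath above, and that the generated sp.xml advertises the key pair as a KeyDescriptor containing an X509Certificate, as SAML 2.0 metadata normally does. SAMPLE_IDP_XML is a constructed minimal metadata snippet used only to exercise the checker.

```shell
#!/bin/sh
# Hypothetical helper (not Oracle's code): checks around the ConfigureFedlet steps.
# Run check_keytool and check_fedlet_jars before ConfigureFedlet, check_idp_metadata
# on the idp.xml you feed it, and check_sp_metadata on the sp.xml it produces
# before importing that file into the IDP's Circle of Trust.

# Constructed minimal IdP metadata, used only to exercise check_idp_metadata.
SAMPLE_IDP_XML='<EntityDescriptor entityID="https://idp.example.test/fed/idp"><IDPSSODescriptor/></EntityDescriptor>'

# 0 if keytool is reachable via PATH or $JAVA_HOME/bin, else 1.
check_keytool() {
    command -v keytool >/dev/null 2>&1 && return 0
    [ -n "$JAVA_HOME" ] && [ -x "$JAVA_HOME/bin/keytool" ] && return 0
    echo "keytool not found: add \$JAVA_HOME/bin to PATH" >&2
    return 1
}

# 0 if the jars on the ConfigureFedlet classpath exist under DIR (the directory
# where fedlet.war was expanded), else 1.
check_fedlet_jars() {
    for j in WEB-INF/lib/opensso-sharedlib.jar WEB-INF/lib/openfedlib.jar \
             install/lib/configurefedlet.jar; do
        [ -f "$1/$j" ] || { echo "missing $1/$j" >&2; return 1; }
    done
    return 0
}

# 0 if FILE looks like SAML 2.0 IdP metadata (an EntityDescriptor with an
# entityID and an IDPSSODescriptor), else 1.
check_idp_metadata() {
    [ -r "$1" ] || { echo "unreadable: $1" >&2; return 1; }
    for tag in EntityDescriptor 'entityID=' IDPSSODescriptor; do
        grep -q "$tag" "$1" || { echo "$1: no $tag" >&2; return 1; }
    done
    return 0
}

# 0 if the generated sp.xml carries an SPSSODescriptor and a KeyDescriptor with a
# certificate (the key pair ConfigureFedlet generated), else 1. An sp.xml without
# the certificate would leave the IDP unable to verify the Fedlet's signatures.
check_sp_metadata() {
    [ -r "$1" ] || { echo "unreadable: $1" >&2; return 1; }
    for tag in SPSSODescriptor KeyDescriptor X509Certificate; do
        grep -q "$tag" "$1" || { echo "$1: no $tag" >&2; return 1; }
    done
    return 0
}
```

Typical use on the paths from this walkthrough: `check_fedlet_jars /opt/Fed_stuff && check_idp_metadata /opt/Fed_stuff/idp.xml` before running ConfigureFedlet, then `check_sp_metadata /opt/fedlet/fedlet/sp.xml` before copying sp.xml to the IDP side.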