This article is part 1 of 3 explaining how Microsoft Azure, Oracle IDCS and Oracle App Gateway can be used to implement Single Sign-On for a PeopleSoft application that resides in OCI but has its Active Directory in Microsoft Azure. Please note that this article assumes that OCI IDCS and Azure AD federation is already set up; I will put up a separate article on OCI IDCS and Azure AD federation.
In this article (part 1), I cover a high-level overview of how this architecture works.
Assumptions:
This article assumes that there is already a PeopleSoft application (8.59 or later) deployed on Oracle Cloud Infrastructure, with a load balancer pointing to the Web/App servers.
OCI IDCS federation with Azure AD is already complete and can be observed in OCI IDCS under IDP and Sign-on policies.
Architecture:
The Application Gateway has to be set up for Single Sign-On, as it protects the application and works as a reverse proxy. Below is the architecture that would be implemented as part of this setup. You can tweak the load balancers and the application APP/WEB servers as per your requirement.
When a user hits the URL, the request first goes to the App Gateway LB, which is protecting the application. The App Gateway authenticates the user against OCI IDCS and Microsoft Azure and then forwards the connection to the PeopleSoft application load balancer upon successful authentication.
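The request flow above is the classic authenticating reverse-proxy pattern: the gateway owns the session, bounces unauthenticated browsers to the identity provider, and asserts the user's identity to the backend only after a successful login. The following toy model is an added example to illustrate that decision logic; it is not Oracle App Gateway code or configuration, and the session store, cookie name, identity header, URLs and addresses are all constructed assumptions. It also models the one check the architecture relies on but the overview does not spell out: the PeopleSoft side must accept the asserted identity only from the gateway, otherwise anything that can reach the application load balancer directly could present its own identity header.

```python
"""Toy model of the App Gateway -> PeopleSoft SSO flow described above.

Added example, not Oracle App Gateway's own code or configuration.
Hypothetical assumptions, constructed for illustration:
- The gateway keeps a session store keyed by an opaque cookie (GW_SESSION).
- Unauthenticated requests are redirected to the identity provider (OCI IDCS;
  the IDCS -> Azure AD federation hop is not modelled here).
- Authenticated requests are forwarded to the PeopleSoft load balancer with an
  identity header, which the backend trusts only from the gateway's address.
"""
from dataclasses import dataclass, field

IDP_LOGIN_URL = "https://idcs.example.invalid/login"  # constructed placeholder
PEOPLESOFT_LB = "https://ps-lb.example.invalid"       # constructed placeholder
GATEWAY_ADDR = "10.0.1.10"                            # constructed placeholder
IDENTITY_HEADER = "X-Authenticated-User"              # hypothetical header name


@dataclass
class Request:
    path: str
    cookies: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)
    source_addr: str = "0.0.0.0"


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def gateway_handle(req: Request, sessions: dict) -> Response:
    """Decide what the gateway does with an inbound request.

    `sessions` maps a session cookie value to the authenticated user name;
    an entry exists only after the IDP login round trip completed.
    """
    user = sessions.get(req.cookies.get("GW_SESSION"))
    if user is None:
        # Not authenticated: send the browser to the IDP, remembering where it
        # wanted to go so it can be returned there after login.
        return Response(302, {"Location": f"{IDP_LOGIN_URL}?return_to={req.path}"})

    # Authenticated: forward to the PeopleSoft LB. The identity header is set by
    # the gateway itself, overriding anything the client may have supplied.
    forwarded = Request(
        path=req.path,
        headers={**req.headers, IDENTITY_HEADER: user},
        source_addr=GATEWAY_ADDR,
    )
    return backend_handle(forwarded)


def backend_handle(req: Request) -> Response:
    """PeopleSoft side: honour the asserted identity only from the gateway."""
    if req.source_addr != GATEWAY_ADDR:
        # Traffic that bypassed the gateway must not be able to assert a user.
        return Response(403, body="direct access to the application is not allowed")
    user = req.headers.get(IDENTITY_HEADER)
    if not user:
        return Response(401, body="no identity asserted by the gateway")
    return Response(200, body=f"welcome {user}: {PEOPLESOFT_LB}{req.path}")


if __name__ == "__main__":
    sessions = {"abc123": "jdoe"}  # constructed: one already-logged-in session
    print(gateway_handle(Request("/ps/home"), sessions))
    print(gateway_handle(Request("/ps/home", cookies={"GW_SESSION": "abc123"}), sessions))
```

Run it as a script to see the two outcomes: a bare request is redirected to the IDP with a `return_to` parameter, and a request carrying a known session cookie reaches the backend with the identity set by the gateway. In the real deployment, the "only from the gateway" check is what the prerequisite subnet design is for: the PeopleSoft load balancer should be reachable from the App Gateway subnet and not directly from users.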
Prerequisite:
A compute instance in OCI for deploying the App Gateway, placed in a subnet that allows the network flow from the user to the App Gateway and from the App Gateway to the PeopleSoft application load balancers.
Watch out for the next part, which covers the App Gateway setup on the server and in IDCS.