
Part 3: Implementing SSO for PeopleSoft application residing in OCI and having its AD in Azure.

In Parts 1 and 2 of this series on implementing SSO for the application, we covered a high-level explanation of how the solution works, the setup required, and downloading, deploying and configuring the AppGateway services. If you haven't read Parts 1 and 2 yet, please do so before proceeding with Part 3. In this part, we cover how to configure the Enterprise Application and tag it to the APPGW services.



Step 1: Create Enterprise Application


An Enterprise Application needs to be created to configure the SSO resources and authentication policies.

  • Log on to IDCS using an administrator account.

  • Click on Menu -> Applications -> Add.

  • Select the type as - Enterprise Application.

  • Provide the Application Name, Description and Application URL. The Application URL should be the APPGW load balancer/APPGW URL that was created in Part 2.

  • Save and click on the SSO Configuration tab.

  • Expand resources and add 3 resources as below -

Name : Favicon , URL - /favicon.ico

Name : Logout , URL - <custom URL of your app> , URL Query String - <Custom string of your app>

Name : Root , URL - /.* , Enable Regex

  • Expand Authentication policy and create managed resources as below -

Name : Favicon, Authentication Method - Public

Name: Logout , Authentication Method - Form+Logout

Name : Root, Authentication Method - Form or Access Token, Add below headers -

Name: OAM_REMOTE_USER , Value: User Name

Name: PS_SSO_UID , Value: User Name

Name: USERLOGGEDIN , Value: User Name

  • Save and activate the Enterprise Application, then associate it with the users or groups that need to access the SSO app.

Step 1.2: Associate the Enterprise application with the Azure policies


  • Associate the Enterprise Application you created with the existing Azure AD IDP policies by adding it to their list of applications.

  • Associate the Enterprise Application you created with the existing Azure sign-on policies by adding it to their list of applications.


Step 1.3: Configuring the AppGateway with the Enterprise application created:


  • Add the Enterprise Application created in the above step to the IDCS – AppGateway with the below configuration.

Name : Select the Enterprise Application from the list

Host: Select the Host configured in the AppGateway

Resource Prefix: /

Origin Server: <https://applicationURL mentioned in backend.conf>

Additional Properties: port_in_redirect off;

  • Save the AppGateway setup.

  • Log on to the APPGW server -> Docker container and restart the container's nginx web services so that they pick up the updated Enterprise Application.


Step 1.4: Configure the SSO policies in PeopleSoft Application


Please refer to the below URL for changes on the PeopleSoft Application/Code to enable SSO for the environment.




Step 2: SSO Validation:


It's now time to validate your SSO. Try hitting the AppGW URL and see if it's able to invoke the IDCS/Azure AD and complete the authentication before pushing the connection to the PeopleSoft application.
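The validation above can be scripted. The following is an added example, not part of the original article or of Oracle's tooling: it checks that an unauthenticated request gets the behaviour the Step 1 policies define (Favicon public, Root sent to the identity provider). IDCS_HOST is a placeholder, the helper names are hypothetical, and it assumes the gateway answers a protected resource with a redirect whose Location is on the IDCS tenant host.

```python
import urllib.error
import urllib.request
from urllib.parse import urlsplit

# Assumed placeholder, not from the article: your IDCS tenant host name.
IDCS_HOST = "idcs-tenant.example.com"
# What an unauthenticated request should see under the Step 1 policies.
EXPECTED = {"/favicon.ico": "public", "/": "protected"}
# Constructed sample responses as (status, Location): Root left open by mistake.
SAMPLE = {"/favicon.ico": (200, None), "/": (200, None)}


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, *args, **kwargs):
        return None  # surface the 3xx as HTTPError instead of following it


def probe(base_url, path, timeout=10):
    """Send one unauthenticated GET; return (status, Location or None)."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(base_url.rstrip("/") + path, timeout=timeout) as resp:
            return resp.status, resp.headers.get("Location")
    except urllib.error.HTTPError as err:
        return err.code, err.headers.get("Location")


def classify(status, location, idcs_host):
    """Map one response to 'public', 'protected' or 'unexpected'."""
    if status in (301, 302, 303, 307, 308) and location:
        host = (urlsplit(location).hostname or "").lower()
        return "protected" if host == idcs_host.lower() else "unexpected"
    return "public" if status == 200 else "unexpected"


def validate(responses, idcs_host, expected=EXPECTED):
    """Return {path: observed} for every path that differs from the policy."""
    observed = {p: classify(*responses[p], idcs_host) for p in expected}
    return {p: got for p, got in observed.items() if got != expected[p]}


if __name__ == "__main__":
    # Offline run on the constructed sample; for a live check build the dict
    # with {p: probe("https://<your AppGW URL>", p) for p in EXPECTED}.
    print(validate(SAMPLE, IDCS_HOST) or "policies behave as configured")
```

An empty result means both resources behave as configured; a Root entry reported as "public" means the PeopleSoft origin is reachable through the gateway without authentication.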



Thanks guys for looking into my article, please feel free to post your queries/suggestions in the contact us page. I will try to respond as soon as I can. Please note that this is a generic article implemented on my personal system and the article is strictly my personal view on the implementation.








