Steps to configure SAML 2.0 with Infisign as IDP and Weblogic as SP

Below are the steps to configure SAML 2.0 with Infisign as the Identity Provider (IDP) and Weblogic as the Service Provider (SP).


Infisign IDP configuration :

Step 1 :

Log in to your Infisign Superadmin account and navigate to Applications.

Now click on Applications -> Create App Registration -> select SAML 2.0 -> Click Next.

Step 2 :

Follow the on-screen instructions.

Create a SAML integration as shown below :

Enter the following :

App Integration Name : WLS

App login URL : https://<weblogic_sp_hostname>:<port>/saml2/sp/acs/post

Entity Id : The entity ID that you will specify in your WLS SP. (Make a NOTE of what you enter here; the same value must be used in WLS console -> Federation Services -> SAML2 General -> EntityID.)


- Unlike other SAML configurations, we are not importing the SP metadata into the Infisign IDP; instead we fill in the above values manually.

- Hence it is important to make a NOTE of the Audience URI (i.e. the SP entity ID) and use the same value in the Weblogic SP configuration.

Step 3 :

We have successfully created a SAML integration. Now let's download the IDP metadata (say INFISIGN_IDP_for_WLS-metadata.xml) from the Sign On sub-tab.

Your Infisign IDP configuration is now complete. Let's configure Weblogic as a SAML Service Provider.

Weblogic SAML SP configuration :

Step 1 :

Login to Weblogic console -> Security Realms -> myrealm -> Providers -> Authentication -> new -> SAML2IdentityAsserter.

Step 2 :

Click on the newly created SAML2IdentityAsserter (say SAML2IA) -> Management -> new -> "new Web Single Sign-On Identity Provider Partner" (say WebSSO-IdP-Partner-0).

Select the metadata.xml file that you downloaded from Infisign (say INFISIGN_IDP_for_WLS-metadata.xml).

Step 3 :

Click on the newly created IDP partner and enter the following :

Enable (check)

Redirect URIs : /Weblogic_SP_sample_App/restricted/protected_page.jsp

Step 4 :

Click on the Server (where the IDP application is deployed) -> Configuration -> Federation Services -> SAML 2.0 General -> and enter the following :

Publish Site URL :

Entity ID : WLS_SP_for_Infisign

Step 5 :

Click on Server (where the IDP application is deployed) -> Configuration -> Federation Services -> SAML 2.0 Service Provider -> and enter the following :

Enabled (check)

Preferred Binding : POST

Default URL :

You have successfully configured Infisign IDP with Weblogic SP. Time to test it now :

Deploy the sample application on Weblogic (


Now open the Infisign page -> click on the application and check if the protected page of application deployed on WLS is accessible.


- Infisign sends the login name (i.e. the email address) by default in the SAML token to Weblogic.

- If you want to retrieve the Firstname of the user to authenticate into the protected page of Weblogic SP application, then make the following changes in Infisign :

Login to Infisign dashboard as Admin -> Directory -> Profile Editor

Click on "Apps" -> "Mapping" next to your application

Click on "Infisign to Infisign_IDP_for_WLS" -> Select "firstName" from the dropdown -> "Apply mapping on user create and update" -> "Save mapping"

Now test your application!!
