|Oracle® Fusion Middleware Developer's Guide for Oracle Adaptive Access Manager
Release 11g (11.1.1)
Part Number E15480-02
The Oracle Fusion Middleware Developer's Guide for Oracle Adaptive Access Manager provides information to help developers integrate and customize Oracle Adaptive Access Manager and manage configuration changes in integrated deployments of Oracle Adaptive Access Manager.
Information in this book is grouped into the following main parts to help developers quickly locate information:
Part I - Native integration
Part II - Universal Installation Option and related integrations
Part III - Features integration
Part IV - Oracle Adaptive Access Manager customizations
Part V - Oracle Adaptive Access Manager, Oracle Access Manager, and Oracle Identity Manager integration
Part VI - Lifecycle Management
Part VII - Troubleshooting tips/FAQ
Detailed information about Oracle Adaptive Access Manager integration with Oracle Identity Manager and Oracle Access Manager is not covered in this guide. Refer to the Oracle Fusion Middleware Integration Guide for Oracle Access Manager for in-depth conceptual and procedural information.
Oracle Adaptive Access Manager provides APIs to fingerprint devices, collect authentication and transaction logs, run security and business rules, challenge the user to provide correct answers to pre-registered questions, and generate authentication pads such as KeyPad, TextPad, or QuestionPad.
Part 1 contains information about APIs used to integrate Oracle Adaptive Access Manager.
Native Integration Guidelines
An introduction to integrating a client application with Oracle Adaptive Access Manager is presented in Chapter 2, "Natively Integrating with Oracle Adaptive Access Manager." In native integration, the application invokes Oracle Adaptive Access Manager directly and the application itself manages the authentication and challenge flows.
A Web application can communicate with Oracle Adaptive Access Manager using the OAAM Native Client API or through Web Services.
For information on these integrations, see Chapter 3, "Integrating Native .NET Applications," and Chapter 4, "Integrating Native Java Applications."
The native integrations include APIs that are wrappers of the SOAP API published by OAAM and written in the client's native application language.
The static linked integration is an option available for integrations using just the Java language. In this integration, there are no SOAP calls to OAAM, and, instead, the API implementation runs within the client application itself.
For information on the static linked integration, see Chapter 4, "Integrating Native Java Applications."
Oracle Adaptive Access Manager's Universal Installation Option (UIO) reverse proxy deployment option offers login risk-based multifactor authentication to Web applications without requiring any change to the application code.
Part II contains configuration instructions and guidelines for the reverse proxy deployment option in the following chapters:
Part III provides instructions and reference material for the following feature integrations:
Oracle Adaptive Access Manager provides Configurable Actions, a feature which allows users to create new supplementary actions that are triggered based on the result action and/or based on the risk scoring after a checkpoint execution.
Chapter 8, "Configurable Actions" describes how to integrate a Configurable Action with the Oracle Adaptive Access Manager software.
Oracle Adaptive Access Manager 11g provides the framework to support the One Time Password authentication method.
One Time Password (OTP) is used to authenticate an individual based on a single-use alphanumeric credential.
Chapter 9, "OTP Anywhere" provides an example of how to integrate OTP into the system.
Device registration is a feature that allows a user to flag the computer he is using as a safe device. Instructions to enable the feature is provided in Chapter 11, "Device Registration."
Oracle Adaptive Access Manager uses device fingerprinting along with many other types of data to determine the risk associated with a specific access request. Outlines of calls needed to perform the flash fingerprinting are presented in Chapter 10, "Flash Fingerprinting."
Oracle Adaptive Access Manager can be customized by adding custom jars and files to the Oracle Adaptive Access Manager Extensions Shared Library.
Part IV provides instructions for customizations in Chapter 12, "Customizing Oracle Adaptive Access Manager."
Benefits of the Oracle Access Manager-Oracle Adaptive Access Manager-Oracle Identity Manager integration is presented in Chapter 13, "Access and Password Management Integration."
Because of integrated deployment of Oracle Adaptive Access Manager with other applications, configuration changes in those applications might be required in Oracle Adaptive Access Manager.
Part VI contains examples for handling these configuration changes in Chapter 14, "Handling Lifecycle Management Changes."
Chapter 15, "FAQ/Troubleshooting" provides troubleshooting tips and answers to frequently asked questions.