Skip Headers
Oracle® Fusion Middleware Developer's Guide for Oracle Adaptive Access Manager
Release 11g (11.1.1)

Part Number E15480-02
Go to Documentation Home
Go to Book List
Book List
Go to Table of Contents
Go to Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Go to next page
View PDF

1 Introduction to the Developer's Guide

The Oracle Fusion Middleware Developer's Guide for Oracle Adaptive Access Manager provides information to help developers integrate and customize Oracle Adaptive Access Manager and manage configuration changes in integrated deployments of Oracle Adaptive Access Manager.

Information in this book is grouped into the following main parts to help developers quickly locate information:

Detailed information about Oracle Adaptive Access Manager integration with Oracle Identity Manager and Oracle Access Manager is not covered in this guide. Refer to the Oracle Fusion Middleware Integration Guide for Oracle Access Manager for in-depth conceptual and procedural information.

1.1 Native Integration

Oracle Adaptive Access Manager provides APIs to fingerprint devices, collect authentication and transaction logs, run security and business rules, challenge the user to provide correct answers to pre-registered questions, and generate authentication pads such as KeyPad, TextPad, or QuestionPad.

Part 1 contains information about APIs used to integrate Oracle Adaptive Access Manager.

Native Integration Guidelines

An introduction to integrating a client application with Oracle Adaptive Access Manager is presented in Chapter 2, "Natively Integrating with Oracle Adaptive Access Manager." In native integration, the application invokes Oracle Adaptive Access Manager directly and the application itself manages the authentication and challenge flows.

Native and Web Services Integration

A Web application can communicate with Oracle Adaptive Access Manager using the OAAM Native Client API or through Web Services.

For information on these integrations, see Chapter 3, "Integrating Native .NET Applications," and Chapter 4, "Integrating Native Java Applications."

Static Linked Integration

The native integrations include APIs that are wrappers of the SOAP API published by OAAM and written in the client's native application language.

The static linked integration is an option available for integrations using just the Java language. In this integration, there are no SOAP calls to OAAM, and, instead, the API implementation runs within the client application itself.

For information on the static linked integration, see Chapter 4, "Integrating Native Java Applications."

1.2 Universal Installation Option Integrations

Oracle Adaptive Access Manager's Universal Installation Option (UIO) reverse proxy deployment option offers login risk-based multifactor authentication to Web applications without requiring any change to the application code.

Part II contains configuration instructions and guidelines for the reverse proxy deployment option in the following chapters:

1.3 Features Integration

Part III provides instructions and reference material for the following feature integrations:

Configurable Actions

Oracle Adaptive Access Manager provides Configurable Actions, a feature which allows users to create new supplementary actions that are triggered based on the result action and/or based on the risk scoring after a checkpoint execution.

Chapter 8, "Configurable Actions" describes how to integrate a Configurable Action with the Oracle Adaptive Access Manager software.

One-Time Password

Oracle Adaptive Access Manager 11g provides the framework to support the One Time Password authentication method.

One Time Password (OTP) is used to authenticate an individual based on a single-use alphanumeric credential.

Chapter 9, "OTP Anywhere" provides an example of how to integrate OTP into the system.

Device Registration

Device registration is a feature that allows a user to flag the computer he is using as a safe device. Instructions to enable the feature is provided in Chapter 11, "Device Registration."

Flash Fingerprinting

Oracle Adaptive Access Manager uses device fingerprinting along with many other types of data to determine the risk associated with a specific access request. Outlines of calls needed to perform the flash fingerprinting are presented in Chapter 10, "Flash Fingerprinting."

1.4 Customizations and Extension

Oracle Adaptive Access Manager can be customized by adding custom jars and files to the Oracle Adaptive Access Manager Extensions Shared Library.

Part IV provides instructions for customizations in Chapter 12, "Customizing Oracle Adaptive Access Manager."

1.5 Authentication and Password Management Integration

Benefits of the Oracle Access Manager-Oracle Adaptive Access Manager-Oracle Identity Manager integration is presented in Chapter 13, "Access and Password Management Integration."

1.6 Lifecycle Management

Because of integrated deployment of Oracle Adaptive Access Manager with other applications, configuration changes in those applications might be required in Oracle Adaptive Access Manager.

Part VI contains examples for handling these configuration changes in Chapter 14, "Handling Lifecycle Management Changes."

1.7 Troubleshooting/FAQ

Chapter 15, "FAQ/Troubleshooting" provides troubleshooting tips and answers to frequently asked questions.