Skip Headers
Oracle® Fusion Middleware Administrator's Guide for Oracle Adaptive Access Manager
Release 11g (11.1.1)

Part Number E14568-06
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

G Oracle Adaptive Access Manager Properties

This appendix provides essential properties used by Oracle Adaptive Access Manager.

G.1 Properties

Action Override

The Action Override feature is turned off by default. To enable action overrides, set the following property to "true":

vcrypt.tracker.rules.allowControlledActions

Authenticator Phrase

To customize the phrase in the virtual authentication device, set the following two parameters:

bharosa.user.noun.list
bharosa.user.adj.list

The authenticator phrase is created by these two properties.

Both are comma-separated lists of words.

Examples:

actors,age,air,aircraft
abundant,accessible,accommodating

For images to be displayed, set the following properties

vcrypt.user.image.dirlist.property.name=bharosa.image.dirlist
bharosa.image.dirlist=<imagePath>

The following property in client_resource_<locale>.properties determines whether the QuestionPad is set for visible text input or password (non-visible) input.

bharosa.authentipad.questionpad.datafield.input.type

Valid values are text and password.

The accessible versions of the pads contain tabbing, directions and ALT text necessary for navigation via screen reader and other assistive technologies.

To enable these versions, set the is ADA compliant flag to true.

For native integration the property to control the pads is

desertref.authentipad.isADACompliant

For UIO, the property to control the pads is

bharosa.uio.default.authentipad.is_ada_compliant

Autolearning

To enable autolearning properties:

  1. Ensure that vcrypt.tracker.autolearning.enabled is set to true.

    This property must always be set to true. It is like a "master (on/off) switch" for autolearning.

  2. Set the following properties to true:

    • vcrypt.tracker.autolearning.use.auth.status.for.analysis

      This property must be set to true for the authentication patterns to work. Authentication patterns are the patterns that analyze the data related to authentication (login) related information only.

    • vcrypt.tracker.autolearning.use.tran.status.for.analysis

      This property must be set to true for the transaction-related patterns to work. Transaction related patterns are the one that analyze the transaction related data for autolearning. An example is a pattern that profiles users who are performing wire transfer operations.

  3. If the properties do not exist, create them.

User Name in Lowercase

If you want the user name to be in lowercase, set bharosa.uio.default.username.case.sensitive to false.

By default this property is set to true.

When it is set to true, the user name is always in lower case. If it is set to false, the user name is taken as is.

For example:

myusername

MyUserName

myUserName

If property is true (default), all of these are the same user and will appear in OAAM Admin as "myusername".

If property is false, all of these are different users and will appear in OAAM Admin as entered.

Configurable Actions

To enable the configurable actions feature, set dynamicactions.enabled to true.

Device Registration

Setting the following properties adds text and a checkbox to the bottom of the challenge page. When a user is challenged, the checkbox and text would allow him to register the current device (if it is not already registered). If the device is already registered for that user, the option will not appear unless the user unregisters the device in user preferences.

bharosa.uio.default.registerdevice.enabled=true
bharosa.uio.default.userpreferences.unregister.this.enabled=true
bharosa.uio.default.userpreferences.unregister.all.enabled=true 

In native integration, to enable device registration:

Set bharosa.tracker.send.devideId to true, so the device ID can be captured

Enumerations

For the enumerations to be listed in the Properties Editor, you must set the following property to false:

bharosa.config.ui.list.filter.enum=false

Expiry Behavior for CSR Cases

To set "expiry" behavior for CSR cases (default setting), modify the following properties:

customercare.case.expirybehavior.enum.csrcase.behavior = expiry 
customercare.case.expirybehavior.enum.csrcase.label = Expired
customercare.case.expirybehavior.enum.csrcase.durationInHrs = 24
customercare.case.expirybehavior.enum.csrcase.resetonaccess = false

When durationInHrs is set to 24 hours, the case expires in a day.

When resetonaccess is set to true, the expiration date is reset when a case is accessed.

To disable the "expiry" behavior for CSR cases, modify the following property:

customercare.case.expirybehavior.enum.csrcase.behavior = none 

KBA

Ensure the bharosa.kba.active property is set to true.

The "Questions user will register" setting should be between 3 and 7. This provides enough questions to offer good security but does not over burden a user's memory. The basic industry standard for KBA is 3 registered questions.

The max and min limits are configurable through the following properties.

bharosa.config.type.kba_config.enum.regQuestionsCount.validation.minValue=3 
bharosa.config.type.kba_config.enum.regQuestionsCount.validation.maxValue=7

Proxy Mode Setting

OAAM Server is configured to be in non-proxy mode with the flag bharosa.uio.proxy.mode.flag set to false by default.

The user must explicitly configure OAAM Server to be used in proxy mode.

Scheduler

To enable scheduler so that jobs are run, set the following property to true:

vcrypt.reports.scheduler.activate

By default, the property is set to false. Jobs can be created, but they will not run until the property is changed to true.

Transactions in Session Details

Before you can view transactions in the Session Details page, you must set the property to show transactions to true.

bharosa.trackeradmin.show.transaction.detail=true

Setting the property to false turns off the display for transactions.

G.2 Time Zone

A time zone identifies an area that always shares the same local time.

To set the time zone that will be used for all timestamps in the user interface, use the Property Editor to set oaam.adf.timezone to the desired time zone.

For example,

oaam.adf.timezone = Atlantic/Reykjavik