Contents

List of Figures

List of Tables

Title and Copyright Information

Preface

• Audience
• Documentation Accessibility
• Related Documents
• Conventions

1 Introduction to the Developer's Guide

Part I Native Integration

2 Natively Integrating Oracle Adaptive Access Manager

• 2.1 Introduction
  • 2.1.1 What is Native Integration?
  • 2.1.2 SOAP Service Wrapper API Integration
  • 2.1.3 In-Proc Integration
  • 2.1.4 SOAP Service Wrapper API vs. In-Proc Method
  • 2.1.5 Non-Native Integration - SOAP Services
  • 2.1.6 Sample Application as a Reference for Native Integration
    • 2.1.6.1 Setting Up the Native SOAP-based OAAM Sample Application
    • 2.1.6.2 Setting Up the Native In-Proc-Based OAAM Sample Application
  • 2.1.7 Integrating Virtual Authentication Devices, Knowledge-Based Authentication, and One-Time Password
  • 2.1.8 User Name Page (c1)
  • 2.1.9 Device Fingerprint Flow (r2)
  • 2.1.10 Run Pre-Authentication Rules (r1)
  • 2.1.11 Run Virtual Authentication Device Rules (r3)
  • 2.1.12 Generate a Generic TextPad (p1)
  • 2.1.13 Generate a Personalized TextPad or KeyPad (p2)
  • 2.1.14 Display TextPad and KeyPad (s2 and s3)
  • 2.1.15 Decode Virtual Authentication Device Input (p3)
  • 2.1.16 Validate User and Password (c2)
  • 2.1.17 Update Authentication Status (p4)
  • 2.1.18 Password Status (c3)
  • 2.1.19 Run Post-Authentication Rules (r4)
  • 2.1.20 Check Registration for User (p5)
  • 2.1.21 Run Registration Required Rules (r5)
  • 2.1.22 Enter Registration Flow (p6)
  • 2.1.23 Run Challenge Rules (r6)
  • 2.1.24 Run Authentication Rules (r7)
  • 2.1.25 Challenge the User (p7)
  • 2.1.26 Check Answers to Challenge (c4)
  • 2.1.27 Lock Out Page (c6)
  • 2.1.28 Landing or Splash Page (c5)

3 Integrating Native .NET Applications

• 3.1 Introduction
• 3.2 Oracle Adaptive Access Manager .NET SDK
• 3.3 Configuration Properties
  • 3.3.1 How the API Uses Properties
  • 3.3.2 Encrypting Property Values
  • 3.3.3 Using User-Defined Enumerations to Define Elements
• 3.4 Oracle Adaptive Access Manager API Usage
  • 3.4.1 User Details
  • 3.4.2 User Logins and Transactions
  • 3.4.3 Rules Engine
    • 3.4.3.1 Device ID
    • 3.4.3.2 Creating and Updating Bulk Transactions
  • 3.4.4 Validate a User with Challenge Questions
  • 3.4.5 Reset Challenge Failure Counters
  • 3.4.6 Virtual Authentication Devices
    • 3.4.6.1 Creating a Virtual Authentication Device
    • 3.4.6.2 Embedding a Virtual Authentication Device in a Web Page
    • 3.4.6.3 Validating User Input with a Virtual Authentication Device
  • 3.4.7 Specify Credentials to the Oracle Adaptive Access Manager SOAP Server
  • 3.4.8 Trace Messages
• 3.5 Integration Example Using the Sample Applications
  • 3.5.1 ASP.NET Applications
  • 3.5.2 Sample Application Details
    • 3.5.2.1 SampleWebApp
    • 3.5.2.2 SampleWebAppTracker
    • 3.5.2.3 SampleWebAppAuthTracker
    • 3.5.2.4 SampleKBATracker
  • 3.5.3 Setting Up the Environment
    • 3.5.3.1 Modifying the web.config File
    • 3.5.3.2 Setting Properties for Images
    • 3.5.3.3 Running the Application
  • 3.5.4 Example: Enable Transaction Logging and Rule Processing
  • 3.5.5 OAAM .NET API

4 Natively Integrating OAAM with Java Applications

• 4.1 About the Oracle Adaptive Access Manager Shared Library
  • 4.1.1 Overview of the Integration Process
  • 4.1.2 Using Oracle Adaptive Access Manager Shared Library in Web Applications
  • 4.1.3 Using Oracle Adaptive Access Manager Shared Library in Enterprise Applications
  • 4.1.4 Customizing/Extending/Overriding Oracle Adaptive Access Manager Properties
• 4.2 OAAM Java In-Proc Integration
• 4.3 OAAM SOAP Integration
  • 4.3.1 Set Up SOAP Security
  • 4.3.2 Set SOAP Related Properties in oaam_custom.properties
• 4.4 About VCryptResponse
• 4.5 Oracle Adaptive Access Manager APIs
  • 4.5.1 addQuestion
  • 4.5.2 authenticatePassword
  • 4.5.3 authenticateQuestion
  • 4.5.4 cancelAllTemporaryAllows
  • 4.5.5 clearSafeDeviceList
  • 4.5.6 createOAAMSession
  • 4.5.7 createOrUpdateEntities
  • 4.5.8 createTransaction
  • 4.5.9 createUser
  • 4.5.10 deleteQuestion
  • 4.5.11 generateOTP
  • 4.5.12 getActionCount
  • 4.5.13 getCaption
  • 4.5.14 getFinalAuthStatus
  • 4.5.15 getImage
  • 4.5.16 getRulesData
  • 4.5.17 getSecretQuestion
  • 4.5.18 getSignOnQuestions
  • 4.5.19 getUserByLoginId
  • 4.5.20 handleTrackerRequest
  • 4.5.21 handleTransactionLog
  • 4.5.22 IsDeviceMarkedSafe
  • 4.5.23 markDeviceSafe
  • 4.5.24 processPatternAnalysis
  • 4.5.25 processRules
  • 4.5.26 resetUser
  • 4.5.27 searchEntityByKey
  • 4.5.28 setCaption
  • 4.5.29 setImage
  • 4.5.30 setPassword
  • 4.5.31 setTemporaryAllow
  • 4.5.32 updateAuthStatus
  • 4.5.33 updateLog
  • 4.5.34 updateTransaction
  • 4.5.35 updateTransactionStatus

5 Creating, Updating, and Searching for Entities Using the Entity API

• 5.1 About the Entity APIs
  • 5.1.1 Entity Tasks
  • 5.1.2 Processing Status
  • 5.1.3 Create or Update Entities
  • 5.1.4 Replace or Merge Attributes
  • 5.1.5 Search Entity By Key
• 5.2 Creating Entities and Mapping Attributes
  • 5.2.1 Entity Data Map
  • 5.2.2 Complex Entity
  • 5.2.3 Creating a Simple Entity
  • 5.2.4 Updating Attributes of an Existing Entity
  • 5.2.5 Erasing the Value of Attributes of an Existing Entity
  • 5.2.6 Creating an Entity that has Related Entities with Complete Data of Both Top-Level Entity and Related Entities
  • 5.2.7 Creating an Entity that has Related Entities (with Multiple Instances of a Single Entity) with Complete Data of Both Top-Level Entity and Related Entities
  • 5.2.8 Creating an Entity that has Related Entities with Complete Data of Top-level Entity and Entity Ids of One or More Related Entities
  • 5.2.9 Updating Related Entities of an Entity with Entity Ids of Related Entities
  • 5.2.10 Unlinking Linked Entities.
  • 5.2.11 Searching for an Entity on the Basis of Entity ID or Key Data
• 5.3 Data Storage
  • 5.3.1 Data Model
  • 5.3.2 Metadata
  • 5.3.3 Expiry of Records
  • 5.3.4 Transaction-Entity Mapping
  • 5.3.5 Storing Entity Relationships in Transaction Create/Update
• 5.4 Use Cases

Part II Universal Installation Option

6 Oracle Adaptive Access Manager Proxy

• 6.1 Introduction
  • 6.1.1 Important Terms
  • 6.1.2 Architecture
  • 6.1.3 References
• 6.2 Installing UIO Apache Proxy
  • 6.2.1 Before You Begin - UIO Proxy Files for Windows and Linux
    • 6.2.1.1 Windows
    • 6.2.1.2 Linux
  • 6.2.2 Downloading or Building the Apache httpd
    • 6.2.2.1 Windows
    • 6.2.2.2 Linux
  • 6.2.3 Copying the UIO Apache Proxy and Supported Files to Apache
    • 6.2.3.1 Windows
    • 6.2.3.2 Linux
  • 6.2.4 Configuring Memcache (for Linux only)
  • 6.2.5 Configuring httpd.conf
    • 6.2.5.1 Basic Configuration without SSL
    • 6.2.5.2 Configuration with SSL
  • 6.2.6 Modifying the UIO Apache Proxy Settings
    • 6.2.6.1 UIO_Settings.xml
    • 6.2.6.2 UIO_log4j.xml
    • 6.2.6.3 Application configuration XMLs
• 6.3 Setting Up Rules and User Groups
• 6.4 Setting Up Policies
• 6.5 Configuring the UIO Proxy
  • 6.5.1 Elements of the UIO Proxy Configuration File
    • 6.5.1.1 Components of Interceptors
    • 6.5.1.2 Conditions
    • 6.5.1.3 Filters
    • 6.5.1.4 Filter Examples - ProcessString
    • 6.5.1.5 Filter Examples - FormatString
    • 6.5.1.6 Actions
    • 6.5.1.7 Variables
    • 6.5.1.8 Application
  • 6.5.2 Interception Process
  • 6.5.3 Configuring Redirection to the Oracle Adaptive Access Manager Server Interface
• 6.6 Application Discovery
  • 6.6.1 Application Information
  • 6.6.2 Setting Up the UIO Apache Proxy
  • 6.6.3 Scenarios
• 6.7 Samples
  • 6.7.1 Descriptions for Interceptors
  • 6.7.2 Flow for BigBank without UIO Proxy
    • 6.7.2.1 Login
    • 6.7.2.2 Logout
  • 6.7.3 Flow for First-time User to Log In and Log Out of BigBank with UIO Proxy
• 6.8 Upgrading the UIO Apache Proxy
  • 6.8.1 UIO Apache Proxy Patch Installation Instructions
  • 6.8.2 Patch Unsuccessful

Part III Customization and Extensions

7 Using the OAAM Extensions Shared Library to Customize OAAM

• 7.1 Overview
• 7.2 Customizing OAAM By Editing Enums
• 7.3 Adding Customizations Using the OAAM Extensions Shared Library

8 Customizing OAAM Web Application Pages

• 8.1 Tips for Customizing the OAAM Web Application Pages
• 8.2 OAAM Properties
  • 8.2.1 Enum Example
  • 8.2.2 Overriding Existing User-Defined Enums
  • 8.2.3 Disabling Elements
• 8.3 Customizing the OAAM Server for Multiple Applications
  • 8.3.1 Determining the Application ID
  • 8.3.2 Determining Default User Groups
  • 8.3.3 Configuring Application Properties
  • 8.3.4 Property Extension
• 8.4 Customizing the Appearance of OAAM Server Pages
  • 8.4.1 Customizing Headers and Footers
  • 8.4.2 Modifying User Interface Styles
  • 8.4.3 Customizing Content and Messaging
• 8.5 Questions/Answers About User Interface Customizations

9 Customizing User Flow and Layout

• 9.1 User Flows and Layout
  • 9.1.1 Struts Actions
    • 9.1.1.1 Action Definition
    • 9.1.1.2 Action Type
  • 9.1.2 Base Layout Definition
  • 9.1.3 How Struts and Tiles Work Together
• 9.2 Custom User Flows and Layout Example
  • 9.2.1 Customize the Look-and-Feel
  • 9.2.2 Customize the User Page Flows and Actions
• 9.3 tiles-def.xml File
• 9.4 Struts Configuration File

10 Configuring Properties for Localization

• 10.1 Turning Off Localization
• 10.2 Overriding Localized Properties
• 10.3 Configuring Language Defaults for Oracle Adaptive Access Manager
  • 10.3.1 Example 1
  • 10.3.2 Example 2
  • 10.3.3 Example 3
  • 10.3.4 Example 4
• 10.4 Customizing Abbreviations and Equivalences for Locales

11 Setting Up Custom Fingerprinting

• 11.1 Out of the Box Fingerprint Types
• 11.2 Set Up Custom Fingerprinting

12 Flash Fingerprinting in Native Integration

• 12.1 Device Fingerprinting
• 12.2 Definitions of Variables and Parameters
• 12.3 Option 1
  • 12.3.1 Option 1 Flow
  • 12.3.2 Option 1 Code Example
• 12.4 Option 2
  • 12.4.1 Option 2 Flow
  • 12.4.2 Option 2 Code Example
• 12.5 Option 3
  • 12.5.1 Option 3 Flow
  • 12.5.2 Option 3 Code Example
• 12.6 Common Update
• 12.7 Flash Fingerprinting Included in Web Application with Native Integration

13 Extending Device Identification

• 13.1 What is Device Identification?
  • 13.1.1 Data Gathering
  • 13.1.2 Data Processing
  • 13.1.3 Data Storage
• 13.2 When to Extend Device Identification
  • 13.2.1 Prerequisites
  • 13.2.2 Developing a Custom Device Identification Extension
    • 13.2.2.1 Implement the Client Side Extension
    • 13.2.2.2 Add Properties Related to Custom Device Identification Extension to OAAM Extensions Shared Library
    • 13.2.2.3 Extend/Implement the DeviceIdentification Extension Class
  • 13.2.3 Overview of Interactions
  • 13.2.4 Compile, Assemble and Deploy
  • 13.2.5 Important Note About Implementing the Extension

14 Enabling Device Registration

Part IV Integrating Applications

15 Integrating Client Applications with OAAM for Transactions

• 15.1 Transaction Example
• 15.2 About the Transaction Flow
• 15.3 High-Level Steps Required to Integrate Native Client Applications with OAAM
• 15.4 OAAM Set Up and Configuration
  • 15.4.1 Set Up Transaction Definitions
  • 15.4.2 Set up Policies and Rules
  • 15.4.3 Sizing and Capacity Requirements
• 15.5 Client Setup
• 15.6 Entity and Transaction APIs
  • 15.6.1 Sequence of API Calls
  • 15.6.2 Out-of-the-Box Checkpoints
    • 15.6.2.1 Pre-Transaction Checkpoint
    • 15.6.2.2 Post - Transaction Checkpoint
  • 15.6.3 Entities API List
    • 15.6.3.1 create OrUpdateEntities
    • 15.6.3.2 SearchEntityByKey
• 15.7 Run-time Data Analysis
  • 15.7.1 Investigation Transaction Search, Comparison, and Utility Panel
  • 15.7.2 BIP Reports
• 15.8 Targeted Purging of Transaction and Entity Data

16 Implementing OTP Anywhere

• 16.1 About the OTP Implementation
• 16.2 Concepts and Terms
• 16.3 Prerequisites
  • 16.3.1 Install SOA Suite
  • 16.3.2 Configure the Oracle User Messaging Service Driver
    • 16.3.2.1 Email Driver
    • 16.3.2.2 SMPP Driver
• 16.4 OTP Setup
• 16.5 Configure OTP
  • 16.5.1 Integrate Oracle User Messaging Service
  • 16.5.2 Enable OTP Challenge Types
  • 16.5.3 Enable Registration and User Preferences
• 16.6 Customize OTP
  • 16.6.1 Customize Registration Fields and Validations
  • 16.6.2 Customize Terms and Conditions
  • 16.6.3 Customize Registration Page Messaging
  • 16.6.4 Customize Challenge Page Messaging
  • 16.6.5 Customize OTP Message Text
  • 16.6.6 Enable Opt Out Functionality
• 16.7 Register SMS Processor to Perform Work for Challenge Type
• 16.8 Customize One-Time Password Generation
• 16.9 Customize One Time Password Expiry Time
• 16.10 Configure the Challenge Pads Used for Challenge Types
• 16.11 Customize OTP Anywhere Data Storage
  • 16.11.1 com.bharosa.uio.manager.user.UserDataManagerIntf
  • 16.11.2 Default Implementation - com.bharosa.uio.manager.user.DefaultContactInfoManager
  • 16.11.3 Custom Implementation Recommendations
  • 16.11.4 Configure Properties
• 16.12 Example Configurations
  • 16.12.1 Additional Registration Field Definitions Examples
    • 16.12.1.1 Email Input
    • 16.12.1.2 Phone Input
    • 16.12.1.3 Example - OTP Registration Page to Display Values for Entry of an Email Address Instead of a Mobile Phone
    • 16.12.1.4 IM Input
  • 16.12.2 Additional Challenge Message Examples
    • 16.12.2.1 Customize OTP Email Message
    • 16.12.2.2 Customize OTP IM Message
  • 16.12.3 Additional Processors Registration Examples
    • 16.12.3.1 Register Email Challenge Processor
    • 16.12.3.2 Register IM Challenge Processor
• 16.13 Challenge Use Case

17 Integrating Mobile Applications with OAAM

• 17.1 Overview for Integrating Mobile Applications with OAAM
• 17.2 Determine Mobile Device Fingerprint
• 17.3 Develop/Enhance Client Server Interfaces to Handle OAAM-Specific Data
• 17.4 Out-of-the-box Mobile Device Identification Policy
  • 17.4.1 Identify Device by Mobile Cookie
  • 17.4.2 New Device
• 17.5 Review Out-of-the-Box Security Policies and Develop Custom Policies If Required
• 17.6 Process to Manage Lost or Stolen Devices
• 17.7 Process to Manage Black Listed Devices
• 17.8 Handle Mobile Specific Rule Outcomes
• 17.9 Customizing User Interface for Mobile Devices
• 17.10 Custom Mobile CSS File Inclusion

18 Integrating Juniper SSL VPN and OAAM

• 18.1 Introduction
• 18.2 Authentication and Forgot Password Flows
  • 18.2.1 Authentication Flow
  • 18.2.2 Forgot Password Flow
• 18.3 Security and Authentication Integration
  • 18.3.1 Integration Roadmap
  • 18.3.2 Pre-requisites
  • 18.3.3 Configure the Authentication Provider
  • 18.3.4 Import the SAML Configuration-Related Server Properties Using the OAAM Administration Console
  • 18.3.5 Set Up Certificate for Signing the Assertion
    • 18.3.5.1 Create Private Key for Certificate
    • 18.3.5.2 Create a Certificate Request
    • 18.3.5.3 Submit the Certificate Signing Request (CSR) to a Certificate Authority
    • 18.3.5.4 Act as Your Own Certificate Authority
    • 18.3.5.5 Import the Certificate into Your Keystore
  • 18.3.6 Configure Oracle Platform Security Services (OPSS) for Integration
  • 18.3.7 Modify Integration Properties Using the OAAM Administration Console
  • 18.3.8 Configure Juniper SSL
    • 18.3.8.1 Create SAML 1.1 Authentication Server
    • 18.3.8.2 Create a User Realm for SAML
    • 18.3.8.3 Create Sign-In Policy
• 18.4 Verify the Integration
• 18.5 Debug the Integration
• 18.6 Troubleshooting Common Problems
  • 18.6.1 Juniper SA and OAAM Clock Synchronization
  • 18.6.2 Absence of a Correct Certificate on Juniper
  • 18.6.3 Signing Failure in SAML Response
  • 18.6.4 Entry Point URL for OAAM

19 Integrating Java Message Service Queuing

• 19.1 Introduction
• 19.2 Monitoring Access
• 19.3 Basic Concepts
• 19.4 Pre-requisites
• 19.5 Install the Healthcare Asynchronous Deployment Example
• 19.6 Update the OAAM Extensions Library
• 19.7 Setting Up JMS Queues
• 19.8 Creating Database Views for the Entities and Transactions
• 19.9 JMS Integration
  • 19.9.1 Web Services API
    • 19.9.1.1 VCryptTracker.updateLog
    • 19.9.1.2 VCryptTracker.updateEntity
    • 19.9.1.3 VCryptTracker.createTransaction
    • 19.9.1.4 VCryptRulesEngine.processRules
    • 19.9.1.5 MessageList
  • 19.9.2 JMS Integration Overview
  • 19.9.3 Registering the JMS Listener
  • 19.9.4 Configuring Message Processor
• 19.10 Using the Java Code Example to Send a Message to a JMS Queue
• 19.11 XML Schema
• 19.12 Python Rule Condition
• 19.13 Example Python Expressions

Part V Custom Development

20 Developing a Virtual Authentication Device

• 20.1 What is a Virtual Authentication Device?
  • 20.1.1 Virtual Authentication Device Terminology
  • 20.1.2 Virtual Authentication Types
    • 20.1.2.1 TextPad
    • 20.1.2.2 PinPad and KeyPad
    • 20.1.2.3 QuestionPad
  • 20.1.3 Virtual Authentication Device Configuration Files and Properties
    • 20.1.3.1 Files Used in Virtual Authentication Device Configuration
    • 20.1.3.2 Virtual Authentication Device Property Construction
    • 20.1.3.3 Randomization and Jitter Properties
• 20.2 What Elements of the Authenticator Can Be Customized?
  • 20.2.1 Virtual Authentication Device Composition
  • 20.2.2 Personalized Image
  • 20.2.3 Frames
    • 20.2.3.1 TextPad Authenticator Image and Frame Properties
    • 20.2.3.2 PinPad Authenticator Image and Frame Properties
    • 20.2.3.3 QuestionPad Authenticator Image and Frame Properties
    • 20.2.3.4 KeyPad Authenticator Image and Frame Properties
  • 20.2.4 Enter Key, Personalized Phrase, and Time Stamp Positioning
    • 20.2.4.1 TextPad Visual Elements
    • 20.2.4.2 PinPad Visual Elements
    • 20.2.4.3 QuestionPad Visual Elements
    • 20.2.4.4 KeyPad Visual Elements
  • 20.2.5 KeysSets
• 20.3 Customization Steps
• 20.4 Simple Configuration Example
  • 20.4.1 Designing the Frame
  • 20.4.2 Positioning the Elements
• 20.5 Displaying Virtual Authentication Devices
  • 20.5.1 Setting Up Before Calling the get<pad_type> Method
  • 20.5.2 Getting the Virtual Authentication Device
  • 20.5.3 Setting Timestamp and Time Zone
  • 20.5.4 Displaying Virtual Authentication Devices
• 20.6 Enabling Accessible Versions of Authenticators
• 20.7 Customizing the OAAM Server Pages
• 20.8 Localizing Virtual Authentication Device in OAAM 11g
  • 20.8.1 Overview
  • 20.8.2 Example Using German Locale
• 20.9 Scenarios

21 Building a Custom Application

• 21.1 Introduction
• 21.2 Sample Application as a Reference for Integration
• 21.3 UIOContext
• 21.4 Integration Processors
  • 21.4.1 IntegrationProcessorIntf Interface
  • 21.4.2 Common User Flows
  • 21.4.3 Integration Processor Parameters
    • 21.4.3.1 Check for Integration ID
    • 21.4.3.2 Integration Processor Registration
    • 21.4.3.3 Oracle Access Management Access Manager Specific Integration Properties for Authentication Levels
• 21.5 Task Processor
  • 21.5.1 TaskProcessorIntf
  • 21.5.2 AbstractTaskProcessor
  • 21.5.3 Default Classes
  • 21.5.4 Task Processor Registration
• 21.6 Special Processors
  • 21.6.1 Checkpoint Processor
  • 21.6.2 Rules Results Processor
  • 21.6.3 Legacy Rules Result Processors
• 21.7 Challenge Processors
  • 21.7.1 What are Challenge Processors
  • 21.7.2 How to Create Challenge Processors
    • 21.7.2.1 Class
    • 21.7.2.2 Methods
    • 21.7.2.3 Example: Email Challenge Processor Implementation
    • 21.7.2.4 Secret (PIN) Implementation
  • 21.7.3 Define the Delivery Channel Types for the Challenge Processors
    • 21.7.3.1 Challenge Type Enum
    • 21.7.3.2 Example: Defining an OTP Channel Type
  • 21.7.4 Configure User Input Properties
    • 21.7.4.1 Enable Registration and Preferences Input
    • 21.7.4.2 Set Contact Information Inputs
  • 21.7.5 Configure the Challenge Pads Used for Challenge Types
• 21.8 Provider Registration
  • 21.8.1 Authentication Manager
  • 21.8.2 Password Manager
  • 21.8.3 User Data Manager

22 Developing a Custom Loader for OAAM Offline

• 22.1 Base Framework
  • 22.1.1 Overview
  • 22.1.2 Important Classes
  • 22.1.3 General Framework Execution
• 22.2 Default Implementation
  • 22.2.1 Default Load Implementation
  • 22.2.2 Default Playback Implementation
• 22.3 Implementation Details: Overriding the Loader or Playback Behavior
• 22.4 Implement RiskAnalyzerDataSource
  • 22.4.1 Extending AbstractJDBCRiskAnalyzerDataSource
  • 22.4.2 Extending AbstractTextFileAnalyzerDataSource
  • 22.4.3 Extending AbstractRiskAnalyzerDataSource
• 22.5 Implement RunMode
  • 22.5.1 Extending AbstractLoadLoginsRunMode
  • 22.5.2 Extending AbstractLoadTransactionsRunMode
  • 22.5.3 Extending PlaybackRunMode

23 Creating OAAM Oracle BI Publisher Reports

• 23.1 Create Oracle BI Publisher Reports on Data in the OAAM Schema
  • 23.1.1 Create a Data Model
  • 23.1.2 Map User Defined Enum Numeric Type Codes to Readable Names
    • 23.1.2.1 Results Display
    • 23.1.2.2 English Only User Defined Enum Result Display
    • 23.1.2.3 Internationalized User Defined Enum Result Display
  • 23.1.3 Adding Lists of Values
    • 23.1.3.1 User Defined Enums as List of Values for Filtering, English Only
    • 23.1.3.2 User Defined Enums as List of Values for Filtering, Internalized
  • 23.1.4 Adding Geolocation Data
  • 23.1.5 Adding Sessions and Alerts
    • 23.1.5.1 Type Code Lookups
  • 23.1.6 Example
  • 23.1.7 Adding Layouts to the Report Definition
• 23.2 Building OAAM Transactions Reports
  • 23.2.1 Get Entities and Transactions Information
  • 23.2.2 Discover Entity Data Mapping Information
    • 23.2.2.1 Information about Data Types
    • 23.2.2.2 Discover Entity Data Details Like Data Type, Row and Column Mappings
    • 23.2.2.3 Build Entity Data SQL Queries and Views
  • 23.2.3 Discover Transaction Data Mapping Information
    • 23.2.3.1 Discover Transaction data details like Data Type, Row and Column mappings
    • 23.2.3.2 Build Transaction Data SQL Queries and Views
  • 23.2.4 Build Reports
    • 23.2.4.1 Building Entity Data Reports
    • 23.2.4.2 Building Transaction Data Reports
    • 23.2.4.3 Joining Entity Data Tables and Transaction data tables
  • 23.2.5 Generating a Database View of Entities and Transactions
    • 23.2.5.1 Generating the SQL Script File
    • 23.2.5.2 Creating the Database Views for Entities and Transactions
    • 23.2.5.3 Entity View Details
    • 23.2.5.4 Transaction View Details
    • 23.2.5.5 Identifiers
    • 23.2.5.6 Example of SQL Query to Create a View

24 Developing Configurable Actions

• 24.1 Integration
• 24.2 Executing Configurable Actions in a Particular Order and Data Sharing
• 24.3 How to Test Configurable Actions Triggering
• 24.4 Sample JUnit Code

25 Creating Checkpoints and Final Actions

• 25.1 Creating a New Checkpoint
• 25.2 Creating a Checkpoint Example
• 25.3 New Action
• 25.4 Final Action

Part VI Migration and Lifecycle Management

26 Migrating Native Applications to OAAM 11g

• 26.1 Preparing for Migration
• 26.2 Migrating Native Static Linked (In-Proc) Applications to OAAM 11g
  • 26.2.1 Use the OAAM Shared Library Instead of Static Linking to OAAM JAR Files
  • 26.2.2 Move All Configurable Properties into oaam_custom.properties File
• 26.3 Migrating Native SOAP Applications to OAAM 11g
  • 26.3.1 Use OAAM Shared Library Instead of Static Linking to OAAM JAR Files
  • 26.3.2 Move All Configurable Properties into the oaam_custom.properties File
  • 26.3.3 Configure SOAP/WebServices Access
• 26.4 Migrating Native Applications that Cannot Use OAAM Shared Library
  • 26.4.1 Use the OAAM 11g JAR Files
  • 26.4.2 Copy the OAAM 11g Property Files
  • 26.4.3 Specify the Configurable Properties in the oaam_custom.properties File

27 Handling Lifecycle Management Changes

• 27.1 Oracle Virtual Directory (OVD) Host, Port, and SSL Enablement Changes
• 27.2 Oracle Identity Manager (OIM) URL Changes
• 27.3 Oracle Access Management Access Manager Host and Port Changes
• 27.4 Oracle Internet Directory (OID) Host and Port Changes and SSL Enablement
• 27.5 Database Host and Port Changes
• 27.6 Moving Oracle Adaptive Access Manager to a New Production Environment
• 27.7 Moving Oracle Adaptive Access Manager to an Existing Production Environment

Part VII Troubleshooting

28 FAQ/Troubleshooting

• 28.1 Using My Oracle Support for Additional Troubleshooting Information
• 28.2 Techniques for Solving Complex Problems
  • 28.2.1 Simple Techniques
  • 28.2.2 Divide and Conquer
  • 28.2.3 Rigorous Analysis
  • 28.2.4 Process Flow of Analysis
    • 28.2.4.1 State the Problem
    • 28.2.4.2 Specify the Problem
    • 28.2.4.3 What It Never Worked
    • 28.2.4.4 IS and IS NOT but COULD BE
    • 28.2.4.5 Develop Possible Causes
    • 28.2.4.6 Test Each Candidate Cause Against the Specification
    • 28.2.4.7 Confirm the Cause
    • 28.2.4.8 Failures
• 28.3 Troubleshooting Tools
• 28.4 OAAM UIO Proxy
• 28.5 Device Fingerprinting
• 28.6 Knowledge-Based Authentication
• 28.7 Virtual Authentication Devices
• 28.8 Configurable Actions
• 28.9 One-Time Password
• 28.10 Localization
• 28.11 Man-in-the-Middle/Man-in-the-Browser
• 28.12 Failure Counter

Part VIII Glossary

Glossary

Index