Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Introduction to the Developer's Guide
Part I Native Integration
2
Natively Integrating Oracle Adaptive Access Manager
2.1
About OAAM Native Integration
2.1.1
What is Native Integration?
2.1.2
SOAP Service Wrapper API Integration
2.1.3
In-Proc Integration
2.1.4
SOAP Service Wrapper API vs. In-Proc Method
2.1.5
Non-Native Integration - SOAP Services
2.2
Getting Started
2.2.1
Downloading the OAAM Sample Application
2.2.2
Setting Up the Native SOAP-based OAAM Sample Application
2.2.2.1
Pre-requisites
2.2.2.2
Installing and Configuring the OAAM Sample Application
2.2.3
Setting Up the Native In-Proc-Based OAAM Sample Application
2.2.3.1
Pre-requisites
2.2.3.2
Install and Configure
2.3
Integrating Virtual Authentication Devices, Knowledge-Based Authentication, and One-Time Password
2.3.1
User Name Page (c1)
2.3.2
Device Fingerprint Flow (r2)
2.3.3
Run Pre-Authentication Rules (r1)
2.3.4
Run Virtual Authentication Device Rules (r3)
2.3.5
Generate a Generic TextPad (p1)
2.3.6
Generate a Personalized TextPad or KeyPad (p2)
2.3.7
Display TextPad and KeyPad (s2 and s3)
2.3.8
Decode Virtual Authentication Device Input (p3)
2.3.9
Validate User and Password (c2)
2.3.10
Update Authentication Status (p4)
2.3.11
Password Status (c3)
2.3.12
Run Post-Authentication Rules (r4)
2.3.13
Check Registration for User (p5)
2.3.14
Run Registration Required Rules (r5)
2.3.15
Enter Registration Flow (p6)
2.3.16
Run Challenge Rules (r6)
2.3.17
Run Authentication Rules (r7)
2.3.18
Challenge the User (p7)
2.3.19
Check Answers to Challenge (c4)
2.3.20
Lock Out Page (c6)
2.3.21
Landing or Splash Page (c5)
3
Integrating Native .NET Applications
3.1
Introduction
3.2
Oracle Adaptive Access Manager .NET SDK
3.3
Configuration Properties
3.3.1
How the API Uses Properties
3.3.2
Encrypting Property Values
3.3.3
Using User-Defined Enumerations to Define Elements
3.4
Oracle Adaptive Access Manager API Usage
3.4.1
User Details
3.4.2
User Logins and Transactions
3.4.3
Rules Engine
3.4.3.1
Device ID
3.4.3.2
Creating and Updating Bulk Transactions
3.4.4
Validate a User with Challenge Questions
3.4.5
Reset Challenge Failure Counters
3.4.6
Virtual Authentication Devices
3.4.6.1
Creating a Virtual Authentication Device
3.4.6.2
Embedding a Virtual Authentication Device in a Web Page
3.4.6.3
Validating User Input with a Virtual Authentication Device
3.4.7
Specify Credentials to the Oracle Adaptive Access Manager SOAP Server
3.4.8
Trace Messages
3.4.9
.Net API Support for X.509 SSL Certificate Configuration
3.5
OAAM Sample Applications as Reference for Integration
3.5.1
ASP.NET Applications
3.5.2
OAAM Sample Application Details
3.5.2.1
SampleWebApp
3.5.2.2
SampleWebAppTracker
3.5.2.3
SampleWebAppAuthTracker
3.5.2.4
SampleKBATracker
3.5.3
Setting Up the Environment
3.5.3.1
Modifying the web.config File
3.5.3.2
Setting Properties for Images
3.5.3.3
Running the Application
3.5.4
Example: Enable Transaction Logging and Rule Processing
3.5.5
OAAM .NET API
4
Natively Integrating OAAM with Java Applications
4.1
About the Oracle Adaptive Access Manager Shared Library
4.1.1
Overview of the Integration Process
4.1.2
Using Oracle Adaptive Access Manager Shared Library in Web Applications
4.1.3
Using Oracle Adaptive Access Manager Shared Library in Enterprise Applications
4.1.4
Customizing/Extending/Overriding Oracle Adaptive Access Manager Properties
4.2
OAAM Java In-Proc Integration
4.3
OAAM SOAP Integration
4.3.1
Enabling Web Services Authentication
4.3.2
Creating User and Group
4.3.3
Configuring Web Services Authorization
4.3.4
Setting Up Client Side Keystore to Secure the SOAP User Password
4.3.5
Setting SOAP Related Properties in oaam_custom.properties
4.3.6
Disabling SOAP Service Authentication on the Server
4.3.7
Setting Up the Base Environment in OAAM Native SOAP Integration
4.4
About VCryptResponse
4.5
Oracle Adaptive Access Manager APIs
4.5.1
addQuestion
4.5.2
authenticatePassword
4.5.3
authenticateQuestion
4.5.4
cancelAllTemporaryAllows
4.5.5
clearSafeDeviceList
4.5.6
createOAAMSession
4.5.7
createOrUpdateEntities
4.5.8
createTransaction
4.5.9
createUser
4.5.10
deleteQuestion
4.5.11
getActionCount
4.5.12
getCaption
4.5.13
getFinalAuthStatus
4.5.14
getImage
4.5.15
getOTPCode
4.5.16
getRulesData
4.5.17
getSecretQuestion
4.5.18
getSignOnQuestions
4.5.19
getUserByLoginId
4.5.20
handleTrackerRequest
4.5.21
handleTransactionLog
4.5.22
IsDeviceMarkedSafe
4.5.23
markDeviceSafe
4.5.24
processPatternAnalysis
4.5.25
processRules
4.5.26
resetUser
4.5.27
searchEntityByKey
4.5.28
setCaption
4.5.29
setImage
4.5.30
setPassword
4.5.31
setTemporaryAllow
4.5.32
updateAuthStatus
4.5.33
updateLog
4.5.34
updateTransaction
4.5.35
updateTransactionStatus
5
Creating, Updating, and Searching for Entities Using the Entity API
5.1
About the Entity APIs
5.1.1
Entity Tasks
5.1.2
Processing Status
5.1.3
Create or Update Entities
5.1.4
Replace or Merge Attributes
5.1.5
Search Entity By Key
5.2
Creating Entities and Mapping Attributes
5.2.1
Entity Data Map
5.2.2
Complex Entity
5.2.3
Creating a Simple Entity
5.2.4
Updating Attributes of an Existing Entity
5.2.5
Erasing the Value of Attributes of an Existing Entity
5.2.6
Creating an Entity that has Related Entities with Complete Data of Both Top-Level Entity and Related Entities
5.2.7
Creating an Entity that has Related Entities (with Multiple Instances of a Single Entity) with Complete Data of Both Top-Level Entity and Related Entities
5.2.8
Creating an Entity that has Related Entities with Complete Data of Top-level Entity and Entity Ids of One or More Related Entities
5.2.9
Updating Related Entities of an Entity with Entity Ids of Related Entities
5.2.10
Unlinking Linked Entities
5.2.11
Searching for an Entity on the Basis of Entity ID or Key Data
5.3
Data Storage
5.3.1
Data Model
5.3.2
Metadata
5.3.3
Expiry of Records
5.3.4
Transaction-Entity Mapping
5.3.5
Storing Entity Relationships in Transaction Create/Update
5.4
Scenario
Part II Universal Installation Option
6
Oracle Adaptive Access Manager Proxy
6.1
Introduction
6.1.1
Important Terms
6.1.2
Architecture
6.1.3
References
6.2
Installing UIO Apache Proxy
6.2.1
Before You Begin - UIO Proxy Files for Windows and Linux
6.2.1.1
Windows
6.2.1.2
Linux
6.2.2
Downloading or Building the Apache httpd
6.2.2.1
Windows
6.2.2.2
Linux
6.2.3
Copying the UIO Apache Proxy and Supported Files to Apache
6.2.3.1
Windows
6.2.3.2
Linux
6.2.4
Configuring Memcache (for Linux only)
6.2.5
Configuring httpd.conf
6.2.5.1
Basic Configuration without SSL
6.2.5.2
Configuration with SSL
6.2.6
Modifying the UIO Apache Proxy Settings
6.2.6.1
UIO_Settings.xml
6.2.6.2
UIO_log4j.xml
6.2.6.3
Application configuration XMLs
6.3
Setting Up Rules and User Groups
6.4
Setting Up Policies
6.5
Configuring the UIO Proxy
6.5.1
Elements of the UIO Proxy Configuration File
6.5.1.1
Components of Interceptors
6.5.1.2
Conditions
6.5.1.3
Filters
6.5.1.4
Filter Examples - ProcessString
6.5.1.5
Filter Examples - FormatString
6.5.1.6
Actions
6.5.1.7
Variables
6.5.1.8
Application
6.5.2
Interception Process
6.5.3
Configuring Redirection to the Oracle Adaptive Access Manager Server Interface
6.6
Application Discovery
6.6.1
Application Information
6.6.2
Setting Up the UIO Apache Proxy
6.6.3
Scenarios
6.7
OAAM Sample Application
6.7.1
Descriptions for Interceptors
6.7.2
Flow for BigBank without UIO Proxy
6.7.2.1
Login
6.7.2.2
Logout
6.7.3
Flow for First-time User to Log In and Log Out of BigBank with UIO Proxy
6.8
Upgrading the UIO Apache Proxy
6.8.1
UIO Apache Proxy Patch Installation Instructions
6.8.2
Patch Unsuccessful
Part III Customizations
7
Using the OAAM Extensions Shared Library to Customize OAAM
7.1
Overview
7.2
Customizing OAAM By Editing Enums
7.3
Adding Customizations Using the OAAM Extensions Shared Library
7.3.1
Note About Access Manager and OAAM Integration and Customization
7.3.2
Step 1 Extract the OAAM Extensions Shared Library
7.3.3
Step 2 Create a MANIFEST.MF File
7.3.4
Step 3 Compile Custom Java Classes
7.3.5
Step 4 Add Custom Files
7.3.6
Step 5 Repackage the OAAM Extensions Shared Library Into a New WAR File
7.3.7
Step 6 Verify If the Repackaged WAR File Contains the Custom JAR Files
7.3.8
Step 7 Stop All Managed Servers
7.3.9
Step 8 Start the WebLogic Administration Server
7.3.10
Step 9 Log In to the WebLogic Administration Console
7.3.11
Step 10 Deploy the New OAAM Extensions Shared Library
7.3.12
Step 11 Test the Functionality
8
Customizing OAAM Web Application Pages
8.1
Tips for Customizing the OAAM Web Application Pages
8.2
OAAM Properties
8.2.1
Enum Example
8.2.2
Overriding Existing User-Defined Enums
8.2.3
Disabling Elements
8.3
Customizing the OAAM Server for Multiple Applications
8.3.1
Determining the Application ID
8.3.2
Determining Default User Groups
8.3.3
Configuring OAAM Server Application Properties
8.3.4
Configuring OAAM Server Properties Several Applications Have In Common
8.4
Customizing the Appearance of OAAM Server Pages
8.4.1
Customizing Headers and Footers in User Interface Branding
8.4.2
Modifying User Interface Styles
8.4.3
Customizing Content and Messaging
8.4.4
Customizing the OAAM Server Pages
8.4.5
Customizing the Text in the OAAM Login Page
8.5
Enabling and Disabling the Single Login Page
8.6
Changing the Invalid Characters Check on the Login Page
8.7
Questions/Answers About User Interface Customizations
9
Customizing User Flow and Layout
9.1
User Flows and Layout
9.1.1
Struts Actions
9.1.1.1
Action Definition
9.1.1.2
Action Type
9.1.2
Base Layout Definition
9.1.3
How Struts and Tiles Work Together
9.2
Custom User Flows and Layout Example
9.2.1
Customize the Look-and-Feel
9.2.2
Customize the User Page Flows and Actions
9.3
Tile Definition File
9.4
Struts Configuration File
10
Configuring Properties for Localization
10.1
Turning Off Localization
10.2
Overriding Localized Properties
10.3
Configuring Language Defaults for Oracle Adaptive Access Manager
10.3.1
Example 1
10.3.2
Example 2
10.3.3
Example 3
10.3.4
Example 4
10.4
Customizing Abbreviations and Equivalences for Locales
11
Setting Up Custom Fingerprinting
11.1
Out of the Box Fingerprint Types
11.2
Setting Up Custom Fingerprinting
12
Flash Fingerprinting in Native Integration
12.1
Device Fingerprinting
12.2
Definitions of Variables and Parameters
12.3
Implementations of Flash Fingerprinting
12.3.1
Option 1
12.3.1.1
Option 1 Flow
12.3.1.2
Option 1 Code Example
12.3.2
Option 2
12.3.2.1
Option 2 Flow
12.3.2.2
Option 2 Code Example
12.3.3
Option 3
12.3.3.1
Option 3 Flow
12.3.3.2
Option 3 Code Example
12.3.3.3
Common Update
12.4
Flash Fingerprinting Included in Web Application with Native Integration
13
Extending Device Identification
13.1
What is Device Identification?
13.1.1
Data Gathering
13.1.2
Data Processing
13.1.3
Data Storage
13.2
When to Extend Device Identification
13.2.1
Prerequisites
13.2.2
Developing a Custom Device Identification Extension
13.2.2.1
Implement the Client Side Extension
13.2.2.2
Add Properties Related to Custom Device Identification Extension to OAAM Extensions Shared Library
13.2.2.3
Extend/Implement the DeviceIdentification Extension Class
13.2.2.3.1
getPlugInHTML
13.2.2.3.2
getFingerPrint
13.2.2.3.3
getDigitalCookie
13.2.2.3.4
getClientDataMap
13.2.3
Overview of Interactions
13.2.4
Compile, Assemble and Deploy
13.2.5
Important Note About Implementing the Extension
14
Enabling Device Registration
14.1
Enabling Device Registration in Native Integration
14.2
Enabling Device Registration Out-of-the-Box
14.3
Create Policies to Use Device Information
14.4
Resetting Registration
Part IV Integrating Applications
15
Integrating Client Applications with OAAM for Transactions
15.1
Transaction Example
15.2
About the Transaction Flow
15.3
High-Level Steps Required to Integrate Native Client Applications with OAAM
15.4
OAAM Set Up and Configuration
15.4.1
Set Up Transaction Definitions
15.4.2
Set up Policies and Rules
15.4.3
Sizing and Capacity Requirements
15.5
Client Setup
15.6
Entity and Transaction APIs
15.6.1
Sequence of API Calls
15.6.2
Out-of-the-Box Checkpoints
15.6.2.1
Pre-Transaction Checkpoint
15.6.2.2
Post - Transaction Checkpoint
15.6.3
Entities API List
15.6.3.1
createOrUpdateEntities
15.6.3.2
SearchEntityByKey
15.7
Run-time Data Analysis
15.7.1
Investigation Transaction Search, Comparison, and Utility Panel
15.7.2
BIP Reports
15.8
Targeted Purging of Transaction and Entity Data
16
Implementing OTP Anywhere
16.1
About the OTP Implementation
16.2
Concepts and Terms
16.3
Prerequisites
16.3.1
Install SOA Suite
16.3.2
Configure the Oracle User Messaging Service Driver
16.3.2.1
Email Driver
16.3.2.2
SMPP Driver
16.4
OTP Setup
16.5
Configure OTP
16.5.1
Integrate Oracle User Messaging Service
16.5.2
Enable OTP Challenge Types
16.5.3
Enable Registration and User Preferences
16.6
Customize OTP
16.6.1
Customize Registration Fields and Validations
16.6.2
Customize Terms and Conditions
16.6.3
Customize Registration Page Messaging
16.6.4
Customize Challenge Page Messaging
16.6.5
Customize OTP Message Text
16.6.6
Enable Opt Out Functionality
16.7
Register SMS Processor to Perform Work for Challenge Type
16.8
Customize One-Time Password Generation
16.9
Customize One Time Password Expiry Time
16.10
Configure the Challenge Pads Used for Challenge Types
16.11
Customize OTP Anywhere Data Storage
16.11.1
com.bharosa.uio.manager.user.UserDataManagerIntf
16.11.2
Default Implementation - com.bharosa.uio.manager.user.DefaultContactInfoManager
16.11.3
Custom Implementation Recommendations
16.11.4
Configure Properties
16.12
Example Configurations
16.12.1
Additional Registration Field Definitions Examples
16.12.1.1
Email Input
16.12.1.2
Phone Input
16.12.1.3
Example - OTP Registration Page to Display Values for Entry of an Email Address Instead of a Mobile Phone
16.12.1.4
IM Input
16.12.2
Additional Challenge Message Examples
16.12.2.1
Customize OTP Email Message
16.12.2.2
Customize OTP IM Message
16.12.3
Additional Processors Registration Examples
16.12.3.1
Register Email Challenge Processor
16.12.3.2
Register IM Challenge Processor
16.13
Challenge Use Case
17
Integrating Mobile Applications with OAAM
17.1
Overview for Integrating Mobile Applications with OAAM
17.2
Determine Mobile Device Fingerprint
17.3
Develop/Enhance Client Server Interfaces to Handle OAAM-Specific Data
17.4
Out-of-the-box Mobile Device Identification Policy
17.4.1
Identify Device by Mobile Cookie
17.4.2
New Device
17.5
Review Out-of-the-Box Security Policies and Develop Custom Policies If Required
17.6
Process to Manage Lost or Stolen Devices
17.7
Process to Manage Black Listed Devices
17.8
Handle Mobile Specific Rule Outcomes
17.9
Customizing User Interface for Mobile Devices
17.10
Custom Mobile CSS File Inclusion
18
Integrating Oracle Access Manager 10g and Oracle Adaptive Access Manager 11g
18.1
Resource Protection Flow
18.2
Roadmap for OAAM Integration with Access Manager
18.3
Prerequisites
18.4
Configuring OAM AccessGate for OAAM Web Server
18.5
Configuring OAM Authentication Scheme
18.6
Configuring Oracle Access Manager Connection (Optional)
18.7
Setting Up WebGate for OAAM Web Server
18.8
Configuring OAM Domain to Use OAAM Authentication
18.9
Configuring Oracle HTTP Server (OHS)
18.10
Configuring Oracle Adaptive Access Manager Properties for Oracle Access Manager
18.10.1
Setting Oracle Adaptive Access Manager Properties for Oracle Access Manager
18.10.2
Setting Oracle Access Manager Credentials in Credential Store Framework
18.11
Turning Off IP Validation
18.12
Testing Oracle Adaptive Access Manager and Oracle Access Manager Integration
19
Integrating Juniper Networks Secure Access (SA) and OAAM
19.1
Introduction
19.2
Authentication and Forgot Password Flows
19.2.1
Authentication Flow
19.2.2
Forgot Password Flow
19.3
Security and Authentication Integration
19.3.1
Integration Roadmap
19.3.2
Pre-requisites
19.3.3
Configure the Authentication Provider
19.3.4
Configure Oracle Platform Security Services (OPSS) for Integration
19.3.5
Import the SAML Configuration-Related Server Properties Using the OAAM Administration Console
19.3.6
Set Up Certificate for Signing the Assertion
19.3.6.1
Create Private Key for Certificate
19.3.6.2
Create a Certificate Request
19.3.6.3
Submit the Certificate Signing Request (CSR) to a Certificate Authority
19.3.6.4
Act as Your Own Certificate Authority
19.3.6.4.1
Prerequisites
19.3.6.4.2
Create the Necessary Directories
19.3.6.4.3
Initial OpenSSL configuration
19.3.6.4.4
Create the CA Certificate and Private Key
19.3.6.4.5
More OpenSSL Configuration (Mandatory)
19.3.6.4.6
Sign the Certificate Request
19.3.6.5
Import the Certificate into Your Keystore
19.3.7
Modify Integration Properties Using the OAAM Administration Console
19.3.8
Configure Juniper Networks Secure Access (SA)
19.3.8.1
Create SAML 1.1 Authentication Server
19.3.8.2
Create a User Realm for SAML
19.3.8.3
Create Sign-In Policy
19.4
Verify the Integration
19.5
Debug the Integration
19.6
Troubleshooting Common Problems
19.6.1
Juniper SA and OAAM Clock Synchronization
19.6.2
Absence of a Correct Certificate on Juniper
19.6.3
Signing Failure in SAML Response
19.6.4
Entry Point URL for OAAM
20
Java Message Service Queue (JMSQ) Integration
20.1
JMS Definitions
20.2
Install the Asynchronous Integration Option
20.2.1
Pre-requisites
20.2.2
Installing the Asynchronous Integration Option
20.2.3
Setting Up JMS Queues
20.2.4
Updating the OAAM Extensions Library
20.2.5
Updating the OAAM Database
20.3
JMS Integration
20.3.1
Web Services API
20.3.2
JMS Integration Diagram
20.3.3
Registering the JMS Listener
20.3.4
Configuring Message Processor
20.4
JMS Messages
20.4.1
JMS Message Examples
20.4.1.1
VCryptTracker.updateLog
20.4.1.2
VCryptTracker.updateEntity
20.4.1.3
VCryptTracker.createTransaction
20.4.1.4
VCryptRulesEngine.processRules
20.4.1.5
MessageList
20.4.2
XML Schema Example for Message Formats
20.4.3
Sending a Message to a JMS Queue
20.5
Database Views for Entities and Transactions
20.5.1
Generating SQL Script File
20.5.2
Entity View Details
20.5.3
Transaction View Details
20.5.4
Identifiers
20.6
Python Rule Condition
20.6.1
Python Expression
20.6.2
Objects Available in Python
20.6.3
Examples
Part V Custom Development
21
Developing a Virtual Authentication Device
21.1
What is a Virtual Authentication Device?
21.1.1
Virtual Authentication Device Terminology
21.1.2
Virtual Authentication Types
21.1.2.1
TextPad
21.1.2.2
PinPad and KeyPad
21.1.2.3
QuestionPad
21.1.3
Virtual Authentication Device Configuration Files and Properties
21.1.3.1
Files Used in Virtual Authentication Device Configuration
21.1.3.2
Virtual Authentication Device Property Construction
21.1.3.3
Randomization and Jitter Properties
21.1.3.3.1
TextPad Randomization and Jitter Properties
21.1.3.3.2
KeyPad Randomization and Jitter Properties
21.1.3.3.3
PinPad Randomization and Jitter Properties
21.1.3.3.4
QuestionPad Randomization and Jitter Properties
21.2
What Elements of the Authenticator Can Be Customized?
21.2.1
Virtual Authentication Device Composition
21.2.2
Personalized Image
21.2.3
Frames
21.2.3.1
TextPad Authenticator Image and Frame Properties
21.2.3.2
PinPad Authenticator Image and Frame Properties
21.2.3.3
QuestionPad Authenticator Image and Frame Properties
21.2.3.4
KeyPad Authenticator Image and Frame Properties
21.2.4
Enter Key, Personalized Phrase, and Time Stamp Positioning
21.2.4.1
TextPad Visual Elements
21.2.4.2
PinPad Visual Elements
21.2.4.3
QuestionPad Visual Elements
21.2.4.4
KeyPad Visual Elements
21.2.5
KeysSets
21.3
Customization Steps
21.4
Simple Configuration Example
21.4.1
Designing the Frame
21.4.2
Positioning the Elements
21.5
Displaying Virtual Authentication Devices
21.5.1
Setting Up Before Calling the get<pad_type> Method
21.5.2
Getting the Virtual Authentication Device
21.5.3
Setting Timestamp and Time Zone
21.5.4
Displaying Virtual Authentication Devices
21.6
Enabling Accessible Versions of Authenticators
21.7
Localizing Virtual Authentication Device in OAAM 11g
21.7.1
Overview
21.7.2
Example Using German Locale
21.8
Changing the Limit of Characters for Passwords
22
Integrating Task Processors
22.1
Introduction
22.2
OAAM Sample Application as a Reference for Integration
22.3
UIOContext
22.4
Integration Processors
22.4.1
IntegrationProcessorIntf Interface
22.4.2
Common User Flows
22.4.3
Integration Processor Parameters
22.4.3.1
Check for Integration ID
22.4.3.2
Integration Processor Registration
22.4.3.3
Oracle Access Management Access Manager Specific Integration Properties for Authentication Levels
22.5
Task Processor
22.5.1
TaskProcessorIntf
22.5.2
AbstractTaskProcessor
22.5.3
Default Classes
22.5.4
Task Processor Registration
22.6
Special Processors
22.6.1
Checkpoint Processor
22.6.2
Rules Results Processor
22.6.3
Legacy Rules Result Processors
22.7
Challenge Processors
22.7.1
What are Challenge Processors
22.7.2
How to Create Challenge Processors
22.7.2.1
Class
22.7.2.2
Methods
22.7.2.3
Example: Email Challenge Processor Implementation
22.7.2.4
Secret (PIN) Implementation
22.7.3
Define the Delivery Channel Types for the Challenge Processors
22.7.3.1
Challenge Type Enum
22.7.3.2
Example: Defining an OTP Channel Type
22.7.4
Configure User Input Properties
22.7.4.1
Enable Registration and Preferences Input
22.7.4.2
Set Contact Information Inputs
22.7.5
Configure the Challenge Pads Used for Challenge Types
22.8
Provider Registration
22.8.1
Authentication Manager
22.8.2
Password Manager
22.8.3
User Data Manager
23
Developing a Custom Loader for OAAM Offline
23.1
Developing a Custom Loader for OAAM Offline
23.2
Base Framework
23.2.1
Overview
23.2.2
Important Classes
23.2.3
General Framework Execution
23.3
Default Implementation
23.3.1
Default Load Implementation
23.3.2
Default Playback Implementation
23.4
Implementation Details: Overriding the Loader or Playback Behavior
23.5
Implement RiskAnalyzerDataSource
23.5.1
Extending AbstractJDBCRiskAnalyzerDataSource
23.5.2
Extending AbstractRiskAnalyzerDataSource
23.6
Implement RunMode
23.6.1
Extending AbstractLoadLoginsRunMode
23.6.2
Extending AbstractLoadTransactionsRunMode
23.6.3
Extending PlaybackRunMode
24
Creating OAAM Oracle BI Publisher Reports
24.1
Create Oracle BI Publisher Reports on Data in the OAAM Database Schema
24.1.1
Create a Data Model
24.1.2
Map User Defined Enum Numeric Type Codes to Readable Names
24.1.2.1
Results Display
24.1.2.2
English Only User Defined Enum Result Display
24.1.2.3
Internationalized User Defined Enum Result Display
24.1.3
Adding Lists of Values
24.1.3.1
User Defined Enums as List of Values for Filtering, English Only
24.1.3.2
User Defined Enums as List of Values for Filtering, Internalized
24.1.4
Adding Geolocation Data
24.1.5
Adding Sessions and Alerts
24.1.5.1
Type Code Lookups
24.1.6
Example
24.1.7
Adding Layouts to the Report Definition
24.2
Building OAAM Transactions Reports
24.2.1
Get Entities and Transactions Information
24.2.2
Discover Entity Data Mapping Information
24.2.2.1
Information about Data Types
24.2.2.2
Discover Entity Data Details Like Data Type, Row and Column Mappings
24.2.2.3
Build Entity Data SQL Queries and Views
24.2.3
Discover Transaction Data Mapping Information
24.2.3.1
Discover Transaction data details like Data Type, Row and Column mappings
24.2.3.2
Build Transaction Data SQL Queries and Views
24.2.4
Build Reports
24.2.4.1
Building Entity Data Reports
24.2.4.2
Building Transaction Data Reports
24.2.4.3
Joining Entity Data Tables and Transaction data tables
24.2.5
Generating a Database View of Entities and Transactions
24.2.5.1
Generating the SQL Script File
24.2.5.1.1
Pre-requisites
24.2.5.1.2
Generate the SQL Script
24.2.5.2
Creating the Database Views for Entities and Transactions
24.2.5.3
Entity View Details
24.2.5.4
Transaction View Details
24.2.5.5
Identifiers
24.2.5.6
Example of SQL Query to Create a View
25
Developing Configurable Actions
25.1
Integration
25.2
Executing Configurable Actions in a Particular Order and Data Sharing
25.3
How to Test Configurable Actions Triggering
25.4
Sample JUnit Code
26
Creating Checkpoints and Final Actions
26.1
Creating a New Checkpoint
26.2
Creating a Checkpoint Example
26.3
New Action
26.4
Final Action
Part VI Migration and Lifecycle Management
27
Migrating Native Applications to OAAM 11g
27.1
Preparing for Migration
27.2
Migrating Native Static Linked (In-Proc) Applications to OAAM 11g
27.2.1
Use the OAAM Shared Library Instead of Static Linking to OAAM JAR Files
27.2.2
Move All Configurable Properties into oaam_custom.properties File
27.3
Migrating Native SOAP Applications to OAAM 11g
27.3.1
Use OAAM Shared Library Instead of Static Linking to OAAM JAR Files
27.3.2
Move All Configurable Properties into the oaam_custom.properties File
27.3.3
Configure SOAP/WebServices Access
27.4
Migrating Native Applications that Cannot Use OAAM Shared Library
27.4.1
Use the OAAM 11g JAR Files
27.4.2
Copy the OAAM 11g Property Files
27.4.3
Specify the Configurable Properties in the oaam_custom.properties File
28
Handling Lifecycle Management Changes
28.1
Oracle Virtual Directory (OVD) Host, Port, and SSL Enablement Changes
28.2
Oracle Identity Manager (OIM) URL Changes
28.3
Oracle Access Management Access Manager Host and Port Changes
28.4
Oracle Internet Directory (OID) Host and Port Changes and SSL Enablement
28.5
Database Host and Port Changes
28.6
Moving Oracle Adaptive Access Manager to a New Production Environment
28.7
Moving Oracle Adaptive Access Manager to an Existing Production Environment
Part VII Troubleshooting
29
FAQ/Troubleshooting
29.1
Using My Oracle Support for Additional Troubleshooting Information
29.2
Techniques for Solving Complex Problems
29.2.1
Simple Techniques
29.2.2
Divide and Conquer
29.2.3
Rigorous Analysis
29.2.4
Process Flow of Analysis
29.2.4.1
State the Problem
29.2.4.2
Specify the Problem
29.2.4.3
What It Never Worked
29.2.4.4
IS and IS NOT but COULD BE
29.2.4.5
Develop Possible Causes
29.2.4.6
Test Each Candidate Cause Against the Specification
29.2.4.7
Confirm the Cause
29.2.4.8
Failures
29.3
Troubleshooting Tools
29.4
Configurable Actions
29.5
Device Fingerprinting
29.6
Device Registration
29.7
Failure Counter
29.8
Knowledge-Based Authentication
29.9
Localization
29.10
Man-in-the-Middle/Man-in-the-Browser
29.11
One-Time Password
29.12
OAAM UIO Proxy
29.13
Virtual Authentication Devices
29.14
OAAM Sessions are Not Recorded When IP Address from Header is an Invalid IP Address
Glossary
Index