Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Introduction to the Developer's Guide
Part I Native Integration
2
Natively Integrating Oracle Adaptive Access Manager
2.1
About OAAM Native Integration
2.1.1
What is Native Integration?
2.1.2
SOAP Service Wrapper API Integration
2.1.3
In-Proc Integration
2.1.4
SOAP Service Wrapper API vs. In-Proc Method
2.1.5
Non-Native Integration - SOAP Services
2.2
Getting Started
2.2.1
Downloading the OAAM Sample Application
2.2.2
Setting Up the Native SOAP-based OAAM Sample Application
2.2.2.1
Notes about Native SOAP Integration
2.2.2.2
Pre-requisites
2.2.2.3
Installing and Configuring the OAAM Sample Application
2.2.3
Setting Up the Native In-Proc-Based OAAM Sample Application
2.2.3.1
Important Notes about Native In-Proc Integration
2.2.3.2
Pre-requisites
2.2.3.3
Installing and Configuring the OAAM Sample Application
2.3
Integrating Virtual Authentication Devices, Knowledge-Based Authentication, and One-Time Password
2.3.1
User Name Page (c1)
2.3.2
Device Fingerprint Flow (r2)
2.3.3
Run Pre-Authentication Rules (r1)
2.3.4
Run Virtual Authentication Device Rules (r3)
2.3.5
Generate a Generic TextPad (p1)
2.3.6
Generate a Personalized TextPad or KeyPad (p2)
2.3.7
Display TextPad and KeyPad (s2 and s3)
2.3.8
Decode Virtual Authentication Device Input (p3)
2.3.9
Validate User and Password (c2)
2.3.10
Update Authentication Status (p4)
2.3.11
Password Status (c3)
2.3.12
Run Post-Authentication Rules (r4)
2.3.13
Check Registration for User (p5)
2.3.14
Run Registration Required Rules (r5)
2.3.15
Enter Registration Flow (p6)
2.3.16
Run Challenge Rules (r6)
2.3.17
Run Authentication Rules (r7)
2.3.18
Challenge the User (p7)
2.3.19
Check Answers to Challenge (c4)
2.3.20
Lock Out Page (c6)
2.3.21
Landing or Splash Page (c5)
3
Natively Integrating with Native ASP.NET Applications
3.1
Introduction
3.2
Oracle Adaptive Access Manager .NET SDK
3.3
Configuration Properties
3.3.1
How the API Uses Properties
3.3.2
Encrypting Property Values
3.3.3
Using User-Defined Enumerations to Define Elements
3.4
Oracle Adaptive Access Manager API Usage
3.4.1
User Details
3.4.2
User Logins and Transactions
3.4.3
Rules Engine
3.4.3.1
Device ID
3.4.3.2
Creating and Updating Bulk Transactions
3.4.4
Validate a User with Challenge Questions
3.4.5
Reset Challenge Failure Counters
3.4.6
Virtual Authentication Devices
3.4.6.1
Creating a Virtual Authentication Device
3.4.6.2
Embedding a Virtual Authentication Device in a Web Page
3.4.6.3
Validating User Input with a Virtual Authentication Device
3.4.7
Specify Credentials to the Oracle Adaptive Access Manager SOAP Server
3.4.8
Trace Messages
3.4.9
.Net API Support for X.509 SSL Certificate Configuration
3.5
OAAM Sample Applications as Reference for Integration
3.5.1
Downloading the Sample Package
3.5.2
ASP.NET Applications
3.5.3
OAAM Sample Application Details
3.5.3.1
SampleWebApp
3.5.3.2
SampleWebAppTracker
3.5.3.3
SampleWebAppAuthTracker
3.5.3.4
SampleKBATracker
3.5.4
Setting Up the Environment
3.5.4.1
Modifying the web.config File
3.5.4.2
Setting Properties for Images
3.5.4.3
Running the Application
3.5.5
Example: Enable Transaction Logging and Rule Processing
3.5.6
OAAM .NET API
4
Natively Integrating with Java Applications
4.1
About the Oracle Adaptive Access Manager Shared Library
4.1.1
Overview of the Integration Process
4.1.2
Using Oracle Adaptive Access Manager Shared Library in Web Applications
4.1.3
Using Oracle Adaptive Access Manager Shared Library in Enterprise Applications
4.1.4
Customizing/Extending/Overriding Oracle Adaptive Access Manager Properties
4.2
OAAM Java In-Proc Integration
4.3
OAAM SOAP Integration
4.3.1
Enabling Web Services Authentication
4.3.2
Creating User and Group
4.3.3
Configuring Web Services Authorization
4.3.4
Setting Up Client Side Keystore to Secure the SOAP User Password
4.3.5
Setting SOAP Related Properties in oaam_custom.properties for SOAP Integration
4.3.6
Disabling SOAP Service Authentication on the Server
4.3.7
Setting Up the Base Environment in OAAM Native SOAP Integration
4.4
About VCryptResponse
4.5
Oracle Adaptive Access Manager APIs
4.5.1
addQuestion
4.5.2
authenticatePassword
4.5.3
authenticateQuestion
4.5.4
cancelAllTemporaryAllows
4.5.5
clearSafeDeviceList
4.5.6
createOAAMSession
4.5.7
createOrUpdateEntities
4.5.8
createTransaction
4.5.9
createUser
4.5.10
deleteQuestion
4.5.11
getActionCount
4.5.12
getCaption
4.5.13
getOTPCode
4.5.14
getUserDevices
4.5.15
getFinalAuthStatus
4.5.16
getImage
4.5.17
getRulesData
4.5.18
getSecretQuestion
4.5.19
getSignOnQuestions
4.5.20
getUserByLoginId
4.5.21
handleTrackerRequest
4.5.22
handleTransactionLog
4.5.23
IsDeviceMarkedSafe
4.5.24
markDeviceSafe
4.5.25
processPatternAnalysis
4.5.26
processRules
4.5.27
resetUser
4.5.28
searchEntityByKey
4.5.29
setCaption
4.5.30
setImage
4.5.31
setPassword
4.5.32
setTemporaryAllow
4.5.33
setUserDevices
4.5.34
updateAuthStatus
4.5.35
updateLog
4.5.36
updateTransaction
4.5.37
updateTransactionStatus
5
Using the Entity APIs
5.1
About the Entity APIs
5.1.1
Entity Tasks
5.1.2
Processing Status
5.1.3
Create or Update Entities
5.1.4
Replace or Merge Attributes
5.1.5
Search Entity By Key
5.2
Creating Entities and Mapping Attributes
5.2.1
Entity Data Map
5.2.2
Complex Entity
5.2.3
Creating a Simple Entity
5.2.4
Updating Attributes of an Existing Entity
5.2.5
Erasing the Value of Attributes of an Existing Entity
5.2.6
Creating an Entity that has Related Entities with Complete Data of Both Top-Level Entity and Related Entities
5.2.7
Creating an Entity that has Related Entities (with Multiple Instances of a Single Entity) with Complete Data of Both Top-Level Entity and Related Entities
5.2.8
Creating an Entity that has Related Entities with Complete Data of Top-level Entity and Entity Ids of One or More Related Entities
5.2.9
Updating Related Entities of an Entity with Entity Ids of Related Entities
5.2.10
Unlinking Linked Entities
5.2.11
Searching for an Entity on the Basis of Entity ID or Key Data
5.3
Data Storage
5.3.1
Data Model
5.3.2
Metadata
5.3.3
Expiry of Records
5.3.4
Transaction-Entity Mapping
5.3.5
Storing Entity Relationships in Transaction Create/Update
5.4
Common Entity Scenario
Part II Universal Installation Option
6
Implementing the Oracle Adaptive Access Manager Proxy
6.1
Introduction
6.1.1
Important Terms
6.1.2
Architecture
6.1.3
References
6.2
Installing UIO Apache Proxy
6.2.1
Before You Begin - UIO Proxy Files for Windows and Linux
6.2.1.1
Windows
6.2.1.2
Linux
6.2.2
Downloading or Building the Apache httpd
6.2.2.1
Windows
6.2.2.2
Linux
6.2.3
Copying the UIO Apache Proxy and Supported Files to Apache
6.2.3.1
Windows
6.2.3.2
Linux
6.2.4
Configuring Memcache (for Linux only)
6.2.5
Configuring httpd.conf
6.2.5.1
Basic Configuration without SSL
6.2.5.2
Configuration with SSL
6.2.6
Modifying the UIO Apache Proxy Settings
6.2.6.1
UIO_Settings.xml
6.2.6.2
UIO_log4j.xml
6.2.6.3
Application configuration XMLs
6.3
Setting Up Rules and User Groups
6.4
Setting Up Policies
6.5
Configuring the UIO Proxy
6.5.1
Elements of the UIO Proxy Configuration File
6.5.1.1
Components of Interceptors
6.5.1.2
Conditions
6.5.1.3
Filters
6.5.1.4
Filter Examples - ProcessString
6.5.1.5
ProcessString Encoding/Decoding Schemes for Special Characters URL Encoded in OAAM Change Password
6.5.1.6
Filter Examples - FormatString
6.5.1.7
Actions
6.5.1.8
Variables
6.5.1.9
Application
6.5.2
Interception Process
6.5.3
Configuring Redirection to the Oracle Adaptive Access Manager Server Interface
6.6
Application Discovery
6.6.1
Application Information
6.6.2
Setting Up the UIO Apache Proxy
6.6.3
Scenarios
6.7
OAAM Sample Application
6.7.1
Descriptions for Interceptors
6.7.2
Flow for BigBank without UIO Proxy
6.7.2.1
Login
6.7.2.2
Logout
6.7.3
Flow for First-time User to Log In and Log Out of BigBank with UIO Proxy
6.8
Upgrading the UIO Apache Proxy
6.8.1
UIO Apache Proxy Patch Installation Instructions
6.8.2
Patch Unsuccessful
Part III OAAM Customization
7
Using the OAAM Extensions Shared Library to Customize OAAM
7.1
About the OAAM Extensions Shared Library
7.2
Customizing or Extending OAAM By Editing Enums
7.3
Adding Customizations Using the OAAM Extensions Shared Library
7.3.1
Note About Access Manager and OAAM Integration and Customization
7.3.2
Step 1 Extract the OAAM Extensions Shared Library
7.3.3
Step 2 Create a MANIFEST.MF File
7.3.4
Step 3 Compile Custom Java Classes
7.3.5
Step 4 Add Custom Files
7.3.6
Step 5 Repackage the OAAM Extensions Shared Library Into a New WAR File
7.3.7
Step 6 Verify If the Repackaged WAR File Contains the Custom JAR Files
7.3.8
Step 7 Stop All Managed Servers
7.3.9
Step 8 Start the WebLogic Administration Server
7.3.10
Step 9 Log In to the WebLogic Administration Console
7.3.11
Step 10 Deploy the New OAAM Extensions Shared Library
7.3.12
Step 11 Test the Functionality
8
Customizing OAAM Server Web Application Pages
8.1
About Customizing the OAAM Server for Multiple Applications
8.2
Configuring and Customizing OAAM Server for Multiple Applications
8.2.1
Determining the Application ID of Each Application to Secure
8.2.2
Assigning Default User Groups for Each Application to Secure
8.2.3
Configuring OAAM Server Application Properties
8.2.4
Configuring OAAM Server Properties Several Applications Have In Common
8.3
Managing the Appearance and Behavior of OAAM Using User-Defined Enumerations
8.3.1
Enum Example
8.3.2
Overriding Existing User-Defined Enums
8.3.3
Disabling Elements
8.4
Customizing the OAAM Server Pages
8.4.1
Tips for Customizing the OAAM Web Application Pages
8.4.2
Customizing Headers and Footers in User Interface Branding
8.4.3
Modifying User Interface Styles in User Interface Branding
8.4.4
Customizing Content and Messaging in User Interface Branding
8.4.5
Customizing the Text in the OAAM Login Page
8.4.6
Configuring Forgot Username Link
8.4.7
Changing the Invalid Characters Check on the Login Page
8.4.8
Configuring OAAM Server for Localization
8.4.8.1
Turning Off Localization
8.4.8.2
Overriding Localized Properties
8.4.8.3
Configuring Language Defaults for Oracle Adaptive Access Manager
8.4.8.3.1
Example 1
8.4.8.3.2
Example 2
8.4.8.3.3
Example 3
8.4.8.3.4
Example 4
8.4.8.4
Customizing Abbreviations and Equivalences for Locales
8.5
Configuring a Single Login Page
8.5.1
OAAM Single Login Page Flows
8.5.2
Setting Properties to Enable the OAAM Single Login Page
8.5.3
Configuring Single Login Page to Use the OAAM HTML Pad
8.5.4
Customizing the OAAM Single Login Page Using the Shared Extensions Library
8.5.5
Properties for Customizing Messages, Links, and Credential Inputs on the Single Login Page
8.6
Questions/Answers About OAAM Server Customizations
9
Customizing Virtual Authentication Devices
9.1
About Virtual Authentication Devices
9.1.1
Virtual Authentication Device Terminology
9.1.2
Virtual Authentication Device Types
9.1.2.1
TextPad
9.1.2.2
PinPad and KeyPad
9.1.2.3
QuestionPad
9.2
Virtual Authentication Device Composition
9.3
Virtual Authentication Device Configuration Files and Properties
9.3.1
Files Used in Virtual Authentication Device Configuration
9.3.2
Virtual Authentication Device Property Construction
9.4
Customizing Elements of the Authenticator
9.4.1
Adding Personalized Image
9.4.2
Changing Authenticator Frames
9.4.2.1
TextPad Authenticator Frame Properties
9.4.2.2
PinPad Authenticator Frame Properties
9.4.2.3
QuestionPad Authenticator Frame Properties
9.4.2.4
KeyPad Authenticator Frame Properties
9.4.3
Changing Position, Dimensions, and Color for Enter Key, Personalized Phrase, and Time Stamp
9.4.3.1
TextPad Visual Elements
9.4.3.2
PinPad Visual Elements
9.4.3.3
QuestionPad Visual Elements
9.4.3.4
KeyPad Visual Elements
9.4.3.5
Configuring Text Size for Apple iPhone
9.4.4
Changing Keys Sets
9.4.5
Simple Configuration Example
9.4.5.1
Designing the Frame
9.4.5.2
Positioning the Elements
9.5
Customization Steps
9.6
Displaying Virtual Authentication Devices
9.6.1
Setting Up Before Calling the get<pad_type> Method
9.6.2
Getting the Virtual Authentication Device
9.6.3
Setting Timestamp and Time Zone
9.6.4
Displaying Virtual Authentication Devices
9.7
Enabling Accessible Versions of Authenticators
9.8
Adding Randomization and Jitter
9.8.1
TextPad Randomization and Jitter Properties
9.8.2
KeyPad Randomization and Jitter Properties
9.8.3
PinPad Randomization and Jitter Properties
9.8.4
QuestionPad Randomization and Jitter Properties
9.9
Changing the Limit of Characters for Passwords
9.10
Localizing Virtual Authentication Device in OAAM 11g
9.10.1
Overview
9.10.2
Example Using German Locale
10
Customizing User Flow and Layout
10.1
User Flows and Layout
10.1.1
Struts Actions
10.1.1.1
Action Definition
10.1.1.2
Action Type
10.1.2
Base Layout Definition
10.1.3
How Struts and Tiles Work Together
10.2
Custom User Flows and Layout Example
10.2.1
Customize the Look-and-Feel
10.2.2
Customize the User Page Flows and Actions
10.3
Tile Definition File
10.4
Struts Configuration File
11
Setting Up Custom Fingerprinting
11.1
Out of the Box Fingerprint Types
11.2
Setting Up Custom Fingerprinting
12
Natively Integrating Flash Fingerprinting
12.1
Device Fingerprinting
12.2
Definitions of Variables and Parameters
12.3
Implementations of Flash Fingerprinting
12.3.1
Option 1
12.3.1.1
Option 1 Flow
12.3.1.2
Option 1 Code Example
12.3.2
Option 2
12.3.2.1
Option 2 Flow
12.3.2.2
Option 2 Code Example
12.3.3
Option 3
12.3.3.1
Option 3 Flow
12.3.3.2
Option 3 Code Example
12.3.3.3
Common Update
12.4
Flash Fingerprinting Included in Web Application with Native Integration
13
Extending Device Identification
13.1
When to Extend Device Identification
13.2
Prerequisites
13.3
Developing a Custom Device Identification Extension
13.3.1
Implement the Client Side Extension
13.3.2
Add Properties Related to Custom Device Identification Extension to OAAM Extensions Shared Library
13.3.3
Extend/Implement the DeviceIdentification Extension Class
13.3.3.1
getPlugInHTML
13.3.3.2
getFingerPrint
13.3.3.3
getDigitalCookie
13.3.3.4
getClientDataMap
13.4
Overview of Interactions
13.5
Compile, Assemble and Deploy
13.6
Important Note About Implementing the Extension
14
Enabling Device Registration
14.1
Enabling Device Registration in Native Integration
14.2
Enabling Device Registration Out-of-the-Box
14.3
Create Policies to Use Device Information
14.4
CSR Resetting Device Registration
Part IV Integrating OAAM
15
Integrating Client Applications with OAAM for Transactions
15.1
Transaction Example
15.2
About the Transaction Flow
15.3
High-Level Steps Required to Integrate Native Client Applications with OAAM
15.4
OAAM Set Up and Configuration
15.4.1
Set Up Transaction Definitions
15.4.2
Set up Policies and Rules
15.4.3
Sizing and Capacity Requirements
15.5
Client Setup
15.6
Entity and Transaction APIs
15.6.1
Sequence of API Calls
15.6.2
Out-of-the-Box Checkpoints
15.6.2.1
Pre-Transaction Checkpoint
15.6.2.2
Post-Transaction Checkpoint
15.6.3
Entities API List
15.6.3.1
createOrUpdateEntities
15.6.3.2
SearchEntityByKey
15.7
Run-time Data Analysis
15.7.1
Investigation Transaction Search, Comparison, and Utility Panel
15.7.2
BIP Reports
15.8
Targeted Purging of Transaction and Entity Data
16
Implementing OTP Anywhere
16.1
About the OTP Implementation
16.2
Concepts and Terms
16.3
Prerequisites
16.3.1
Install SOA Suite
16.3.2
Configure the Oracle User Messaging Service Driver
16.3.2.1
Email Driver
16.3.2.2
SMPP Driver
16.4
OTP Setup Roadmap
16.5
Enable Registration and User Preferences
16.6
Enable OTP Challenge Types
16.7
Integrate Oracle User Messaging Service
16.8
Set Up the Registration Page
16.8.1
Enable Opt-Out for OTP Registration and Challenge
16.8.2
Configure Terms and Conditions Check Boxes and Fields in the Registration Pages
16.9
Configure Policies and Rules to Use OTP Challenge
16.10
Customize OTP
16.10.1
Customize Registration Fields and Validations
16.10.2
Customize Terms and Conditions
16.10.3
Customize OTP Registration Page Messaging
16.10.4
Customize Challenge Page Messaging
16.10.5
Customize OTP Message Text
16.11
Customize One-Time Password Generation
16.12
Customize One-Time Password Expiry Time
16.13
Configure the Challenge Devices Used for Challenge Types
16.14
Register SMS Processor to Perform Work for Challenge Type
16.15
Customize OTP Anywhere Data Storage
16.15.1
com.bharosa.uio.manager.user.UserDataManagerIntf
16.15.2
Default Implementation - com.bharosa.uio.manager.user.DefaultContactInfoManager
16.15.3
Custom Implementation Recommendations
16.15.4
Configure Properties
16.16
Example Configurations
16.16.1
Additional Registration Field Definitions Examples
16.16.1.1
Email Input
16.16.1.2
Phone Input
16.16.1.3
Example - OTP Registration Page to Display Values for Entry of an Email Address Instead of a Mobile Phone
16.16.1.4
IM Input
16.16.2
Additional Challenge Message Examples
16.16.2.1
Customize OTP Email Message
16.16.2.2
Customize OTP IM Message
16.16.3
Additional Processors Registration Examples
16.16.3.1
Register Email Challenge Processor
16.16.3.2
Register IM Challenge Processor
16.17
Challenge Use Case
17
Integrating Mobile Applications with OAAM
17.1
Overview for Integrating Mobile Applications with OAAM
17.2
Determine Mobile Device Fingerprint
17.3
Develop/Enhance Client Server Interfaces to Handle OAAM-Specific Data
17.4
Out-of-the-box Mobile Device Identification Policy
17.4.1
Identify Device by Mobile Cookie
17.4.2
New Device
17.5
Review Out-of-the-Box Security Policies and Develop Custom Policies If Required
17.6
Process to Manage Lost or Stolen Devices
17.7
Process to Manage Black Listed Devices
17.8
Handle Mobile Specific Rule Outcomes
17.9
Customizing User Interface for Mobile Devices
17.10
Custom Mobile CSS File Inclusion
18
Integrating Juniper Networks Secure Access (SA) and OAAM
18.1
Introduction
18.2
Authentication and Forgot Password Flows
18.2.1
Authentication Flow
18.2.2
Forgot Password Flow
18.3
Security and Authentication Integration
18.3.1
Integration Roadmap
18.3.2
Pre-requisites
18.3.3
Configure the Authentication Provider
18.3.4
Configure Oracle Platform Security Services (OPSS) for Integration
18.3.5
Import the SAML Configuration-Related Server Properties Using the OAAM Administration Console
18.3.6
Set Up Certificate for Signing the Assertion
18.3.6.1
Create Private Key for Certificate
18.3.6.2
Create a Certificate Request
18.3.6.3
Submit the Certificate Signing Request (CSR) to a Certificate Authority
18.3.6.4
Act as Your Own Certificate Authority
18.3.6.4.1
Prerequisites
18.3.6.4.2
Create the Necessary Directories
18.3.6.4.3
Initial OpenSSL configuration
18.3.6.4.4
Create the CA Certificate and Private Key
18.3.6.4.5
More OpenSSL Configuration (Mandatory)
18.3.6.4.6
Sign the Certificate Request
18.3.6.5
Import the Certificate into Your Keystore
18.3.7
Modify Integration Properties Using the OAAM Administration Console
18.3.8
Configure Juniper Networks Secure Access (SA)
18.3.8.1
Create SAML 1.1 Authentication Server
18.3.8.2
Create a User Realm for SAML
18.3.8.3
Create Sign-In Policy
18.4
Verify the Integration
18.5
Debug the Integration
18.6
Troubleshooting Common Problems
18.6.1
Juniper SA and OAAM Clock Synchronization
18.6.2
Absence of a Correct Certificate on Juniper
18.6.3
Signing Failure in SAML Response
18.6.4
Entry Point URL for OAAM
19
Integrating Java Message Service Queue (JMSQ)
19.1
JMS Definitions
19.2
Install the Asynchronous Integration Option
19.2.1
Pre-requisites
19.2.2
Installing the Asynchronous Integration Option
19.2.3
Updating the OAAM Extensions Library
19.2.4
Setting Up JMS Queues
19.2.5
Updating the OAAM Database
19.3
JMS Integration
19.3.1
Web Services API
19.3.2
JMS Integration Diagram
19.3.3
Registering the JMS Listener
19.3.4
Configuring Message Processor
19.4
JMS Messages
19.4.1
JMS Message Examples
19.4.1.1
VCryptTracker.updateLog
19.4.1.2
VCryptTracker.updateEntity
19.4.1.3
VCryptTracker.createTransaction
19.4.1.4
VCryptRulesEngine.processRules
19.4.1.5
MessageList
19.4.2
XML Schema Example for Message Formats
19.4.3
Sending a Message to a JMS Queue
19.5
Database Views for Entities and Transactions
19.5.1
Generating SQL Script File
19.5.2
Entity View Details
19.5.3
Transaction View Details
19.5.4
Identifiers
19.6
Python Rule Condition
19.6.1
Python Expression
19.6.2
Objects Available in Python
19.6.3
Examples
20
Integrating Oracle Access Manager 10g and Oracle Adaptive Access Manager 11g
20.1
Resource Protection Flow
20.2
Roadmap for OAAM Integration with Access Manager
20.3
Prerequisites
20.4
Configuring OAM AccessGate for OAAM Web Server
20.5
Configuring OAM Authentication Scheme
20.6
Configuring Oracle Access Manager Connection (Optional)
20.7
Setting Up WebGate for OAAM Web Server
20.8
Configuring OAM Domain to Use OAAM Authentication
20.9
Configuring Oracle HTTP Server (OHS)
20.10
Configuring Oracle Adaptive Access Manager Properties for Oracle Access Manager
20.10.1
Setting Oracle Adaptive Access Manager Properties for Oracle Access Manager
20.10.2
Setting Oracle Access Manager Credentials in Credential Store Framework
20.11
Turning Off IP Validation
20.12
Testing Oracle Adaptive Access Manager and Oracle Access Manager Integration
Part V OAAM Custom Development
21
Developing Web Applications to Leverage OAAM Server Functionality
21.1
Introduction
21.2
OAAM Sample Framework as a Reference for Integration
21.3
Session Management
21.4
Task Processors
21.4.1
Interface and Abstract Class
21.4.1.1
TaskProcessorIntf
21.4.1.2
AbstractTaskProcessor
21.4.1.3
Default Classes
21.4.2
Task Processor Registration
21.5
Challenge Processors
21.5.1
What are Challenge Processors
21.5.2
How to Create Challenge Processors
21.5.2.1
Class
21.5.2.2
Methods
21.5.2.3
Example: Email Challenge Processor Implementation
21.5.2.4
Secret (PIN) Implementation
21.5.3
Define the Delivery Channel Types for the Challenge Processors
21.5.3.1
Challenge Type Enum
21.5.3.2
Example: Defining an OTP Channel Type
21.5.4
Configure User Input Properties
21.5.4.1
Enable Registration and Preferences Input
21.5.4.2
Set Contact Information Inputs
21.5.5
Configure the Challenge Pads Used for Challenge Types
21.6
Checkpoint Processor
21.7
Rules Results Processor
21.8
Integration Processors
21.8.1
IntegrationProcessorIntf Interface
21.8.2
Common User Flows
21.8.3
Integration Processor Parameters
21.8.3.1
Check for Integration ID
21.8.3.2
Integration Processor Registration
21.8.3.3
Oracle Access Management Access Manager Specific Integration Properties for Authentication Levels
21.9
Provider Registration
21.9.1
Authentication Manager
21.9.2
Password Manager
21.9.3
User Data Manager
21.10
Legacy Rules Result Processors
22
Developing a Custom Loader for OAAM Offline
22.1
Developing a Custom Loader for OAAM Offline
22.2
Base Framework
22.2.1
Overview
22.2.2
Important Classes
22.2.3
General Framework Execution
22.3
Default Implementation
22.3.1
Default Load Implementation
22.3.2
Default Playback Implementation
22.4
Implementation Details: Overriding the Loader or Playback Behavior
22.5
Implement RiskAnalyzerDataSource
22.5.1
Extending AbstractJDBCRiskAnalyzerDataSource
22.5.2
Extending AbstractRiskAnalyzerDataSource
22.6
Implement RunMode
22.6.1
Extending AbstractLoadLoginsRunMode
22.6.2
Extending AbstractLoadTransactionsRunMode
22.6.3
Extending PlaybackRunMode
23
Creating OAAM Oracle BI Publisher Reports
23.1
Create Oracle BI Publisher Reports on Data in the OAAM Database Schema
23.1.1
Create a Data Model
23.1.2
Map User Defined Enum Numeric Type Codes to Readable Names
23.1.2.1
Results Display
23.1.2.2
English Only User Defined Enum Result Display
23.1.2.3
Internationalized User Defined Enum Result Display
23.1.3
Adding Lists of Values
23.1.3.1
User Defined Enums as List of Values for Filtering, English Only
23.1.3.2
User Defined Enums as List of Values for Filtering, Internalized
23.1.4
Adding Geolocation Data
23.1.5
Adding Sessions and Alerts
23.1.5.1
Type Code Lookups
23.1.6
Example
23.1.7
Adding Layouts to the Report Definition
23.2
Building OAAM Transactions Reports
23.2.1
Get Entities and Transactions Information
23.2.2
Discover Entity Data Mapping Information
23.2.2.1
Information about Data Types
23.2.2.2
Discover Entity Data Details Like Data Type, Row and Column Mappings
23.2.2.3
Build Entity Data SQL Queries and Views
23.2.3
Discover Transaction Data Mapping Information
23.2.3.1
Discover Transaction data details like Data Type, Row and Column mappings
23.2.3.2
Build Transaction Data SQL Queries and Views
23.2.4
Build Reports
23.2.4.1
Building Entity Data Reports
23.2.4.2
Building Transaction Data Reports
23.2.4.3
Joining Entity Data Tables and Transaction data tables
23.2.5
Generating a Database View of Entities and Transactions
23.2.5.1
Generating the SQL Script File
23.2.5.1.1
Pre-requisites
23.2.5.1.2
Generate the SQL Script
23.2.5.2
Creating the Database Views for Entities and Transactions
23.2.5.3
Entity View Details
23.2.5.4
Transaction View Details
23.2.5.5
Identifiers
23.2.5.6
Example of SQL Query to Create a View
24
Developing Configurable Actions
24.1
Adding a New Configurable Action
24.2
Executing Configurable Actions in a Particular Order and Data Sharing
24.3
How to Test Configurable Actions Triggering
24.4
Sample JUnit Code
24.5
Sample Java Code for Configuration Action
25
Creating Checkpoints and Final Actions
25.1
Creating a New Checkpoint
25.2
Creating a Checkpoint Example
25.3
New Action
25.4
Final Action
Part VI Lifecycle Management
26
Handling Lifecycle Management Changes
26.1
Oracle Virtual Directory (OVD) Host, Port, and SSL Enablement Changes
26.2
Oracle Identity Manager (OIM) URL Changes
26.3
Oracle Access Management Access Manager Host and Port Changes
26.4
Oracle Internet Directory (OID) Host and Port Changes and SSL Enablement
26.5
Database Host and Port Changes
26.6
Moving Oracle Adaptive Access Manager to a New Production Environment
26.7
Moving Oracle Adaptive Access Manager to an Existing Production Environment
27
Migrating Native Applications to OAAM 11g
27.1
Prerequisites for Migration of an Existing Natively Integrated 10.1.4.5 Application
27.2
Migrating Native Static Linked (In-Proc) Applications to OAAM 11g
27.2.1
Use the OAAM Shared Library Instead of Static Linking to OAAM JAR Files
27.2.2
Move All Configurable Properties into the oaam_custom.properties File
27.3
Migrating Native SOAP Applications to OAAM 11g
27.3.1
Use OAAM Shared Library Instead of Static Linking to OAAM JAR Files
27.3.2
Move All Configurable Properties into the oaam_custom.properties File
27.3.3
Configure SOAP/WebServices Access
27.4
Migrating Native Applications that Cannot Use OAAM Shared Library
27.4.1
Use the OAAM 11g JAR Files
27.4.2
Copy the OAAM 11g Property Files
27.4.3
Specify the Configurable Properties in the oaam_custom.properties File
Part VII Troubleshooting
28
FAQ/Troubleshooting
28.1
Using My Oracle Support for Additional Troubleshooting Information
28.2
Techniques for Solving Complex Problems
28.2.1
Simple Techniques
28.2.2
Divide and Conquer
28.2.3
Rigorous Analysis
28.2.4
Process Flow of Analysis
28.2.4.1
State the Problem
28.2.4.2
Specify the Problem
28.2.4.3
What It Never Worked
28.2.4.4
IS and IS NOT but COULD BE
28.2.4.5
Develop Possible Causes
28.2.4.6
Test Each Candidate Cause Against the Specification
28.2.4.7
Confirm the Cause
28.2.4.8
Failures
28.3
Troubleshooting Tools
28.4
Configurable Actions
28.5
Device Fingerprinting
28.6
Device Registration
28.7
Failure Counter
28.8
Knowledge-Based Authentication
28.9
Localization
28.10
Man-in-the-Middle/Man-in-the-Browser
28.11
One-Time Password
28.12
OAAM UIO Proxy
28.13
Virtual Authentication Devices
28.14
Custom Locale Used in OAAM .NET API
28.15
OAAM 11g Soap Timeout Exception Handling
28.16
OAAM Sessions are Not Recorded When IP Address from Header is an Invalid IP Address
Part VIII Glossary
Glossary
Index