Oracle Advanced Security Administrator's Guide Release 8.1.6 A76932-01 |
|
Use the Oracle Enterprise Login Assistant to open and close existing wallets and enable/disable secure SSL based communications.
This chapter covers topics in the following sections:
Oracle Wallet Manager provides secure management of PKI1 -based user credentials. Oracle Wallet Manager creates a private and public key pair for a user, and issues a PKCS2 #10 certificate signing request which can be fulfilled by a certificate authority (CA). After the CA issues an X.509 certificate, the user can load the certificate into his wallet.
Oracle Wallet Manager also manages user trustpoints, the list of root certificates that the user trusts, and is pre-configured with root certificates from PKI vendors such as VeriSign and CyberTrust. Wallets are protected using password-based, strong encryption.
Typically, users do not need to access their wallets once the wallets have been configured. However, they can easily access their wallets using Oracle Enterprise Login Assistant, a very simple-to-use login tool that hides the complexity of a private key and certificate. Once users have securely opened their wallets by using Oracle Enterprise Login Assistant, they can connect to multiple databases over SSL, without providing additional passwords. This provides the benefit of strong authentication as well as single sign-on.
Refer to your platform-specific documentation for instructions on how to start Oracle Enterprise Login Assistant.
The Automatic Login feature of the Oracle Enterprise Login Assistant enables applications running on a server or a client to revalidate themselves to the other end without human intervention. Users can thus obtain single sign-on (SSO), using the credentials contained in their wallets, to authenticate to multiple applications over SSL.
To enable secure SSL based communications using the default wallet:
Use the Oracle Enterprise Login Assistant to disable single sign-on communications from server side applications to the client. Log out as follows.
Change a wallet password according to company policy or whenever you think that a password has been compromised. Change a wallet password as follows.
A dialog box appears and displays the message "Password changed successfully".
1
Public Key Infrastructure
2
Public Key Certificate Standard
|
Copyright © 1999 Oracle Corporation. All Rights Reserved. |
|