Skip Headers
Oracle® Adaptive Access Manager Installation and Configuration Guide
Release 10
g
(10.1.4.5)
Part Number E12050-03
Home
Book List
Index
Contact Us
Next
View PDF
Contents
List of Figures
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Installation and Configuration Overview
1.1
Oracle Adaptive Access Manager
1.2
Oracle Adaptive Access Manager Integrations
1.2.1
Native Integration
1.2.2
Universal Installation Option Integration
1.2.3
Access Management Integration
1.2.4
SAML Integration
1.3
What Web Applications to Deploy?
1.4
Oracle Adaptive Access Manager Architecture
1.4.1
Simple Architectural Scenario for Deployment
1.4.2
Recommended Architectural Scenario for Deployment
1.4.3
Adaptive Risk Manager Offline
1.5
Installation Checklist
1.6
Validation Checklist
2
Preparing for the Installation
2.1
Getting Started
2.1.1
Package Contents
2.1.2
Supported Configurations
2.2
Prerequisites and Dependencies
2.2.1
Adaptive Risk Manager Online and Offline
2.2.2
Adaptive Strong Authenticator
3
Creating an Oracle Database Schema
3.1
Installation Steps Overview
3.2
Database Character Set
3.3
Oracle Initialization Parameters
3.4
Running the Scripts
3.4.1
Windows
3.4.2
UNIX
3.5
Setup Prompts
3.6
Scripts
3.6.1
db_setup.sql
3.6.2
cr_vcrypt_tbs.sql
3.6.3
cr_vcrypt_usr.sql
3.6.4
cr_vcrypt_obj.sql
3.6.5
Seed Data Initialization Steps
3.6.5.1
oracle_user_init.sql
3.6.5.2
oracle_policy_init.sql
3.6.5.3
oracle_default_locales.sql
3.6.5.4
oracle_answerhints.sql
3.6.5.5
oracle_bharosaconfig.sql
3.6.5.6
oracle_scoringpolicy.sql
3.6.5.7
oracle_validations.sql
3.7
Partition Reference
3.7.1
Tables
3.7.1.1
Static Partition Tables
3.7.1.2
Transactional Partition Tables
3.7.2
Partition Maintenance Scripts
3.7.2.1
Add_Monthly_Partition_tables.sql
3.7.2.2
Add_Weekly_Partition_tables.sql
3.7.2.3
Drop_Monthly_Partition_tables.sql
3.7.2.4
Drop_Weekly_Partition_tables.sql
4
Creating a SQL Server Schema
4.1
Prerequisites
4.2
Installation Steps
4.3
Scripts
4.3.1
Create Database
4.3.2
Create Login
4.3.3
Load Initialization Data
4.4
Database Properties
5
Loading IP Location Data
6
Installing Adaptive Risk Manager
6.1
Creating Groups/Roles
6.2
Deployment on the Application and Web Servers
6.2.1
WebLogic
6.2.2
Tomcat
6.2.3
WebSphere
7
Installing the Adaptive Strong Authenticator
7.1
Deploying Adaptive Strong Authenticator
7.1.1
WebLogic Application Server
7.1.2
Tomcat Web Server
7.1.3
IBM WebSphere Application Server
7.2
Accessing Adaptive Strong Authenticator
8
Installing and Configuring Adaptive Access Manager Offline
8.1
Installation Checklist for Adaptive Risk Manager Offline
8.2
The Offline Database
8.2.1
Database Server with Good I/O capability
8.2.2
Proper Database Server Configuration
8.2.3
Database Indexes
8.3
What to Do After Installing Adaptive Risk Manager Offline
9
Installing the Proxy
10
Setting Up Encryption
10.1
Creating a Keystore for Encrypting Configuration Values
10.2
Creating a Keystore for Encrypting Database Data
10.3
Other Procedures
11
Configuring SOAP/Web Services Access
11.1
Adaptive Risk Manager SOAP/Web Services Set Up
11.2
Adaptive Strong Authenticator/Native Client SOAP/Web Services Set Up
11.3
Security Recommendations
11.4
How to Disable HTTP Authentication for Web Services
11.5
Other Procedures
12
Configuring Server Properties
12.1
Updating the bharosa_server.properties File
12.2
Sample Code
13
Configuring Database Connectivity
13.1
Configuring sessions.xml for JDBC
13.1.1
sessions.xml Tags for JDBC
13.1.2
sessions.xml File Sample for JDBC
13.2
Configuring sessions.xml for JNDI
13.2.1
sessions.xml Tags for JNDI
13.2.2
sessions.xml File Sample for JNDI
13.3
TopLink platform-class
13.3.1
Oracle
13.3.2
Microsoft
14
Setting Up Background Images
14.1
Setting Up the Images for Authentication Devices
14.2
Sample Code
15
Configuring Client Properties
15.1
Modifying the bharosa_client.properties File
15.2
Properties
16
Setting Up Logging
16.1
Pre-requisites for Email Alerts
16.2
Create a Log Directory
16.3
Editing the Log4j.xml Parameters
16.4
Commonly Edited log4j.xml Parameters
16.5
Levels of Alert
16.6
Fraud Detection
16.7
Levels of Alert
16.8
Best Practices
17
Globalization Support
17.1
Configuring Language Defaults for Oracle Adaptive Access Manager
17.1.1
Example 1
17.1.2
Example 2
17.1.3
Example 3
17.2
Adding to the Abbreviation File
17.3
Adding Registration Questions
17.4
Configuring Words Used in the Authenticator Caption
17.5
Configuring "Enter" on the Authenticator Forgot Password Page
17.6
Configuring Tooltip for TextPad's "Enter" Button
18
BI Publisher Reports
18.1
Prerequisites
18.2
Installation
18.2.1
Unzip oaam_bipreports_oradb.zip
18.2.2
Stop the BI Publisher Server
18.2.3
Copy the Oracle Adaptive Access Manager Report Files
18.2.4
Copy properties.xml to the Oracle BI Publisher Server's File System
18.2.5
Start the BI Publisher Server
18.2.6
Configure JDBC Data Source
18.2.7
Configure AdminProperties Data Source
18.2.8
Test the Reports
19
Multi-Tenant Support
19.1
Configuring Access Control for Customer Care Uses
20
What to Do Next
20.1
Starting the Database and Application Server
20.2
Logging in to Adaptive Risk Manager Online
20.3
Logging in to Adaptive Risk Manager Offline
20.4
Logging in to Adaptive Strong Authenticator
20.5
Using Adaptive Access Manager
21
Troubleshooting Adaptive Risk Manager
21.1
Oracle Adaptive Access Manager is Slow to Respond
21.2
Initialization Parameters Do Not Change When Altering
21.3
Tables Are Not Built After Running db_setup.sql
21.4
Jar Command Not Found
21.5
Background Images Are Not Displayed in Adaptive Strong Authenticator
21.6
Log4j
21.7
SOAP Service Calls Throws Exceptions
21.8
Adaptive Risk Manager Online Is Not Accessible
21.9
Rule Execution Logs Do Not Appear In Session Details
21.10
Unable to Login Into Adaptive Risk Manager
21.11
Adaptive Risk Manager Online Is Accessible But Queries Return Database Errors
21.12
Adaptive Risk Manager Online Application Throws Timeout Errors
21.13
Unable To See All The Menus In Adaptive Risk Manager Online
21.14
Import Fails in Adaptive Risk Manager Deployed in WebLogic
21.15
Rule Conditions Import Causes weblogic.jdbc.wrapper.Clob_oracle_sql_CLOB Exception
21.16
Unable To Reset All User Information From Adaptive Risk Manager Online Customer Care
21.17
The Adaptive Risk Manager Online Sample Webapp Deployed To Latest WebSphere 6.1 Throws An Error
21.18
SunJCE Error
21.19
Adaptive Risk Manager Offline Application Server Fails with OutOfMemory Error During Data Load
21.20
Encounter Errors While Trying To Connect To Oracle Database
21.21
Operating System Becomes Unresponsive
22
Troubleshooting Adaptive Strong Authenticator
22.1
Server, URL, and Port Problems
22.2
Adaptive Strong Authenticator Key Pad Troubleshooting
22.3
Change Password Feature Does Not Work
22.4
Authorization Failure for SOAP Request by Adaptive Strong Authenticator
A
Adaptive Risk Manager User Groups
A.1
Group #1 - CSR
A.2
Group #2 - CSR Manager
A.3
Group #3 - CSR Investigator and Investigator
A.4
Group #4 - Investigation Manager
A.5
Group #5 - Rule Administrator
A.6
Group #6 - Environment Administrator
A.7
Group #7 - SOAP Services
B
Upgrading from 10.1.4.3 to 10.1.4.5
B.1
Upgrading the Oracle Adaptive Access Manager Application Layer
B.1.1
Export Existing Models
B.1.2
Shut Down and Clean Up Logs
B.1.3
Back Up the Existing Web Applications
B.1.4
Deploy and Configure the Web Applications
B.2
Upgrading the Oracle Adaptive Access Manager Database Repository
B.2.1
Part A - Upgrading the Oracle Database Repository
B.2.1.1
Step 1 Stop the Application Servers
B.2.1.2
Step 2 Back Up Database Repository
B.2.1.3
Step 3 Run the Setup Scripts
B.2.1.4
Step 4 Migrate Character Set (Optional)
B.2.2
Part B - Upgrading the SQL Server Database Repository
B.2.2.1
Step 1 Stop Servers
B.2.2.2
Step 2 Back Up Database Repository
B.2.2.3
Step 3 Run the Setup Scripts
B.3
Validating the Upgrade Process
B.4
Upgrading Rule Templates and Pre-Existing Models
B.5
Backing Out or Rolling Back the Upgrade Process
C
Upgrading from 3.5 to 10.1.4.3
C.1
Upgrading the Oracle Adaptive Access Manager Application Layer
C.1.1
Shut Down and Clean Up Logs
C.1.2
Back Up the Existing Web Applications
C.1.3
Deploy and Configure the Web Applications
C.2
Upgrading the Oracle Adaptive Access Manager Database Repository
C.2.1
Upgrading the Oracle Database Repository
C.2.1.1
Backing Up the Oracle Adaptive Access Manager Repository
C.2.1.2
Running the Set Up Scripts
C.2.1.3
Setup Scripts
C.2.2
Upgrading the SQL Server Database Repository
C.2.2.1
Backing Up the Oracle Adaptive Access Manager Repository
C.2.2.2
Running the Setup Scripts
C.2.2.3
Setup Script Reference
C.3
Validating the Upgrade Process
C.4
Backing Out or Rolling Back the Upgrade Process
D
Encryption Reference
D.1
Encryption Scheme Definition
D.2
How the Schemes are Used
D.3
Example of Defining a New Encryption Scheme and Using It
D.4
Creating a Keystore
D.5
Secret Key
E
Archive and Purge
E.1
Overview
E.1.1
Purge Process
E.1.2
Archive Process
E.1.3
Archive and Purge Data Classification
E.1.3.1
Device Fingerprinting
E.1.3.2
Transaction In-Session Based Data
E.1.3.3
Auto-learning Profile Data
E.1.3.4
Rule Log Data
E.2
Archive and Purge
E.2.1
Setting Up for Archive and Purge
E.2.1.1
Setting Up for Archive and Purge for the Oracle Database
E.2.1.2
Setting Up for Archive and Purge for the SQL Server Database
E.2.2
Performing Archive and Purge
E.2.2.1
Oracle Databases
E.2.2.2
SQL Server Database
E.3
Validating Archive and Purge
E.4
Restoring Archived Data
E.5
List of Tables and the Corresponding Archived Tables
E.5.1
Device Fingerprint Tables and Corresponding Archived Tables
E.5.2
Auto-learning Transactional Tables and Corresponding Archive Tables
E.5.3
Transaction Tables and Corresponding Archived Tables
E.5.4
Rule Logs Tables and Corresponding Archived Tables
E.6
Scripts to Set Up Archive and Purge
E.6.1
Scripts for the Oracle Database
E.6.1.1
create_purge_proc.sql
E.6.2
Scripts for the SQL Server Database
E.6.2.1
cr_vcrypt_purge_tables.sql
E.6.2.2
cr_sp_arch_purge_tracker_data.sql
E.6.2.3
cr_sp_arch_purge_txn_logs.sql
E.6.2.4
cr_sp_arch_purge_workflow_data.sql
E.6.2.5
cr_sp_arch_purge_profile_data.sql
E.6.2.6
cr_sp_arch_purge_rules_log.sql
E.7
Scripts to Execute Archive and Purge
E.7.1
exec_sp_purge_tracker_data.sql
E.7.2
exec_sp_purge_txn_log.sql
E.7.3
exec_sp_purge_workflow_data.sql
E.7.4
exec_sp_purge_profile_data.sql
E.7.5
exec_sp_purge_rule_log.sql
E.8
Purging Guidelines
E.8.1
When to Perform Archive and Purge
E.8.2
Minimum Data Retention Policy
E.8.2.1
Device Fingerprinting Data
E.8.2.2
In-session Transactional Tables
E.8.2.3
Auto-learning and Workflow Tables
E.8.2.4
Rule Log Data
E.8.3
Special Requirements
E.8.4
Purging Validation
F
Rule Logging
F.1
Configuration Controls
F.2
Scenario
F.2.1
How It Works
F.2.2
Cases
F.2.3
Main Point of Scenario
F.3
How to Control What Rules Are Logged:
F.4
Examples
G
10.1.4.3 vs. 10.1.4.5 Features
Index