Contents

List of Figures

List of Tables

Title and Copyright Information

Preface

• Audience
• Documentation Accessibility
• Related Documents
• Conventions

1 Supported Integrations

• 1.1 Integration Deployment Options
• 1.2 Features Integration Options

Part I Native and SOAP Integrations

2 API Integration

• 2.1 Application (API) Integration
  • 2.1.1 SOAP Services
  • 2.1.2 Native API
    • 2.1.2.1 Adaptive Risk Manager Online Native Client API - Web Services/ SOAP
    • 2.1.2.2 Adaptive Risk Manager Online Native Client API - Static Linking
• 2.2 Integration Options
  • 2.2.1 Adaptive Risk Manager Only Scenario
    • 2.2.1.1 User/Password Page (S1.1)
    • 2.2.1.2 Device Fingerprint Flow (F2)
    • 2.2.1.3 Validate User/ Passwd (CP1)
    • 2.2.1.4 Update Authentication Status (P5)
    • 2.2.1.5 Password Status (C1)
    • 2.2.1.6 Post Authentication Rules (R3)
    • 2.2.1.7 Lock Out Page (S2)
    • 2.2.1.8 Landing or Splash Page (S3)
  • 2.2.2 Adaptive Risk Manager, Adaptive Strong Authenticator and KBA Scenario
    • 2.2.2.1 Username Page (S1)
    • 2.2.2.2 Device Fingerprint Flow (F2)
    • 2.2.2.3 Pre Authentication Rules (R1)
    • 2.2.2.4 Use AuthentiPad Rules (R2)
    • 2.2.2.5 Generate Non-Personalized TextPad (P2)
    • 2.2.2.6 Generate Personalized TextPad or KeyPad (P3)
    • 2.2.2.7 Display TextPad or KeyPad (S4 and S5)
    • 2.2.2.8 Decode AuthentiPad Input (P4)
    • 2.2.2.9 Validate User/ Passwd (CP1)
    • 2.2.2.10 Update Authentication Status (P5)
    • 2.2.2.11 Password Status (C1)
    • 2.2.2.12 Post Authentication Rules (R3)
    • 2.2.2.13 Check Question Registration for User (C2)
    • 2.2.2.14 Registration Required Rules (R4)
    • 2.2.2.15 Challenge (QuestionPad) (S6)
    • 2.2.2.16 Check Challenge Question Answer (C3)
    • 2.2.2.17 Run Challenge Rules (R5)
    • 2.2.2.18 Lock Out Page (S2)
    • 2.2.2.19 Landing or Splash Page (S3)
  • 2.2.3 Adaptive Risk Manager and KBA Scenario
• 2.3 Troubleshooting

3 Native Integration .net

• 3.1 Architecture
• 3.2 Installing SDK
• 3.3 Application Configuration
• 3.4 Properties
• 3.5 User-Defined Enumeration
• 3.6 Users
• 3.7 Adaptive Risk Manager
• 3.8 Rules Engine
  • 3.8.1 Device ID Evaluation
  • 3.8.2 Create Transactions in Bulk
  • 3.8.3 Update Transactions in Bulk
• 3.9 Challenge Questions
• 3.10 Reset Challenge Failure Counters
• 3.11 Authenticators
  • 3.11.1 Creating an Authenticator
  • 3.11.2 Embedding an Authenticator in a Web Page
  • 3.11.3 Decoding User Input
• 3.12 Specifying Credentials to Access Adaptive Risk Manager SOAP Services
• 3.13 Encrypting Property Values
• 3.14 Troubleshooting
• 3.15 ASP.NET Applications
• 3.16 SampleWebApp
• 3.17 SampleWebAppWithTracker
• 3.18 SampleWebAppAuthTracker
• 3.19 SampleKBATracker

4 Native Integration Java

• 4.1 Installation
• 4.2 Adaptive Risk Manager
  • 4.2.1 handleTrackerRequest
  • 4.2.2 createTransaction
  • 4.2.3 updateTransaction
  • 4.2.4 handleTransactionLog
  • 4.2.5 updateTransactionStatus
  • 4.2.6 updateLog
  • 4.2.7 updateAuthStatus
  • 4.2.8 processPatternAnalysis
  • 4.2.9 markDeviceSafe
  • 4.2.10 IsDeviceMarkedSafe
  • 4.2.11 clearSafeDeviceList
• 4.3 Rules Engine
  • 4.3.1 processRules
    • 4.3.1.1 Device ID Evaluation
• 4.4 Customer Care
  • 4.4.1 getFinalAuthStatus
  • 4.4.2 setTemporaryAllow
  • 4.4.3 cancelAllTemporaryAllows
  • 4.4.4 resetUser
  • 4.4.5 getRulesData
  • 4.4.6 getActionCount

Part II Universal Installation Option and Related Integrations

5 Oracle Adaptive Access Manager Proxy

• 5.1 Introduction
  • 5.1.1 Important Terms
  • 5.1.2 Architecture
  • 5.1.3 References
• 5.2 Oracle Adaptive Access Manager Proxy for Microsoft ISA Installation
  • 5.2.1 Proxy Web Publishing Configuration
    • 5.2.1.1 Web Listener Creation
    • 5.2.1.2 Web Publishing Rule Creation
  • 5.2.2 Registering the Oracle Adaptive Access Manager Proxy for Microsoft ISA DLL
  • 5.2.3 Settings
    • 5.2.3.1 Configuration files
    • 5.2.3.2 Configuration Reload
    • 5.2.3.3 Session Id Cookie
    • 5.2.3.4 Session Inactive Interval
    • 5.2.3.5 Settings for Troubleshooting
• 5.3 Oracle Adaptive Access Manager Proxy for Apache
  • 5.3.1 Package Contents
    • 5.3.1.1 Windows
    • 5.3.1.2 Linux
  • 5.3.2 Apache httpd Requirements
    • 5.3.2.1 Windows
    • 5.3.2.2 Linux
  • 5.3.3 Copying the Oracle Adaptive Access Manager Proxy for Apache and Supported Files to Apache
    • 5.3.3.1 Windows
    • 5.3.3.2 Linux
  • 5.3.4 Configuring Memcache (for Linux only)
  • 5.3.5 Configuring httpd.conf
    • 5.3.5.1 Basic Configuration without SSL
    • 5.3.5.2 Configuration with SSL
  • 5.3.6 Modifying the Oracle Adaptive Access Manager Proxy for Apache Settings
    • 5.3.6.1 UIO_Settings.xml
    • 5.3.6.2 UIO_log4j.xml
    • 5.3.6.3 Application configuration XMLs
• 5.4 Setting Up Rules and User Groups
• 5.5 Setting Up Models
• 5.6 Oracle Adaptive Access Manager Proxy Configuration
  • 5.6.1 Interceptors
  • 5.6.2 Conditions
  • 5.6.3 Filters
  • 5.6.4 Filter Examples - ProcessString
  • 5.6.5 Actions
  • 5.6.6 Variables
  • 5.6.7 Application
• 5.7 Interception process
• 5.8 Adaptive Strong Authenticator Interface
• 5.9 Application Discovery
  • 5.9.1 Application Information
  • 5.9.2 Setting Up the Oracle Adaptive Access Manager Proxy for Microsoft ISA
  • 5.9.3 Setting Up the Oracle Adaptive Access Manager Proxy for Apache
  • 5.9.4 Scenarios
• 5.10 Samples
• 5.11 Troubleshooting

6 Configuring Adaptive Strong Authenticator

• 6.1 Architecture
• 6.2 Setting Adaptive Strong Authenticator Settings
• 6.3 First Steps
  • 6.3.1 Determining the Application ID
  • 6.3.2 Determining Default User Groups
• 6.4 Customizing User Interface Branding
  • 6.4.1 Custom Header / Footer
  • 6.4.2 Custom CSS
  • 6.4.3 Custom Content and Messaging
• 6.5 How Properties Work
  • 6.5.1 Property Extension
  • 6.5.2 User-Defined Enums
  • 6.5.3 Overriding Existing User-Defined Enums
  • 6.5.4 Disabling Elements
• 6.6 Authenticator Properties
  • 6.6.1 TextPad
  • 6.6.2 KeyPad
  • 6.6.3 PinPad
  • 6.6.4 QuestionPad
• 6.7 Enabling Device Registration

7 Authenticator Properties

• 7.1 Property Files
• 7.2 What Authenticator Interfaces Should My Organization Use?
• 7.3 What Elements of the Authenticator User Interface Can Be Configured?
  • 7.3.1 The Frame
  • 7.3.2 Features Configuration
    • 7.3.2.1 TextPad
    • 7.3.2.2 QuestionPad
    • 7.3.2.3 Keypad
    • 7.3.2.4 PinPad
• 7.4 Authenticator Specifications
• 7.5 Accessibility
• 7.6 KeysSets
  • 7.6.1 User Defined Enums Overview
  • 7.6.2 KeySet Definition

Part III Integration with Oracle Access Manager

8 Oracle Access Manager Integration

• 8.1 Prerequisites
• 8.2 Integration Overview
• 8.3 Configure Oracle Access Manager AccessGate for Adaptive Strong Authenticator Embedded AccessGate
• 8.4 Configure Oracle Access Manager AccessGate for Adaptive Strong Authenticator Front-End Web Server
• 8.5 Configure Oracle Access Manager Authentication Scheme for the Adaptive Strong Authenticator
• 8.6 Configure Oracle Access Manager Host Identifiers for Adaptive Strong Authenticator (Optional)
• 8.7 Install ASDK for Adaptive Strong Authenticator
• 8.8 Configure ASDK AccessGate for Adaptive Strong Authenticator
• 8.9 Install Web Server to Implement WebGate
• 8.10 Install WebGate for Adaptive Strong Authenticator Front-End Web Server
• 8.11 Unpack and Install Oracle Adaptive Access Manager Plug-In to Adaptive Strong Authenticator for Oracle Access Manager Integration
• 8.12 Copy ASDK JAR Files to Adaptive Strong Authenticator
• 8.13 Add ASDK Library Path to Adaptive Strong Authenticator Application Properties
• 8.14 Add ASDK Library Path to Adaptive Strong Authenticator Server Properties
• 8.15 Configure Oracle Access Manager Domain to use Adaptive Strong Authenticator Authentication
• 8.16 Testing Oracle Adaptive Access Manager-Oracle Access Manager Integration

Part IV Features Integrations

9 Auto-learning

• 9.1 Pattern Data Processing (On-Line and Scheduled)
• 9.2 APIs for Triggering Pattern Data Processing
  • 9.2.1 updateTransactionStatus
  • 9.2.2 updateAuthStatus
  • 9.2.3 processPatternAnalysis

10 Configurable Actions

• 10.1 Integration
• 10.2 Executing Configurable Actions in a Particular Order and Data Sharing
• 10.3 How to Test Configurable Actions Triggering
• 10.4 Sample JUnit Code

11 Configuring Expiry/Overdue for Cases

• 11.1 CSR Cases
  • 11.1.1 Set the "Expiry" Behavior for CSR Cases (Default Setting)
  • 11.1.2 Disable "Expiry/Overdue" Behavior for CSR Cases
  • 11.1.3 Set "Overdue" Behavior for CSR Cases
• 11.2 Agent Cases
  • 11.2.1 Set "Overdue" Behavior for Agent Cases (Default Setting)
  • 11.2.2 Disable "Overdue/Expiry" Behavior for Agent Cases
  • 11.2.3 Set "Expiry" Behavior for Agent Cases

Index