Oracle® Fusion Middleware Administrator's Guide for Oracle Adaptive Access Manager Release 11g (11.1.1) E14568-06 |
|
Previous |
Next |
This appendix provides essential properties used by Oracle Adaptive Access Manager.
Action Override
The Action Override feature is turned off by default. To enable action overrides, set the following property to "true":
vcrypt.tracker.rules.allowControlledActions
Authenticator Phrase
To customize the phrase in the virtual authentication device, set the following two parameters:
bharosa.user.noun.list bharosa.user.adj.list
The authenticator phrase is created by these two properties.
Both are comma-separated lists of words.
Examples:
actors,age,air,aircraft abundant,accessible,accommodating
For images to be displayed, set the following properties
vcrypt.user.image.dirlist.property.name=bharosa.image.dirlist bharosa.image.dirlist=<imagePath>
The following property in client_resource_<locale>.properties
determines whether the QuestionPad is set for visible text input or password (non-visible) input.
bharosa.authentipad.questionpad.datafield.input.type
Valid values are text and password.
The accessible versions of the pads contain tabbing, directions and ALT text necessary for navigation via screen reader and other assistive technologies.
To enable these versions, set the is ADA compliant flag to true.
For native integration the property to control the pads is
desertref.authentipad.isADACompliant
For UIO, the property to control the pads is
bharosa.uio.default.authentipad.is_ada_compliant
Autolearning
To enable autolearning properties:
Ensure that vcrypt.tracker.autolearning.enabled
is set to true.
This property must always be set to true. It is like a "master (on/off) switch" for autolearning.
Set the following properties to true:
vcrypt.tracker.autolearning.use.auth.status.for.analysis
This property must be set to true for the authentication patterns to work. Authentication patterns are the patterns that analyze the data related to authentication (login) related information only.
vcrypt.tracker.autolearning.use.tran.status.for.analysis
This property must be set to true for the transaction-related patterns to work. Transaction related patterns are the one that analyze the transaction related data for autolearning. An example is a pattern that profiles users who are performing wire transfer operations.
If the properties do not exist, create them.
User Name in Lowercase
If you want the user name to be in lowercase, set bharosa.uio.default.username.case.sensitive
to false.
By default this property is set to true.
When it is set to true, the user name is always in lower case. If it is set to false, the user name is taken as is.
For example:
myusername
MyUserName
myUserName
If property is true (default), all of these are the same user and will appear in OAAM Admin as "myusername".
If property is false, all of these are different users and will appear in OAAM Admin as entered.
Configurable Actions
To enable the configurable actions feature, set dynamicactions.enabled
to true.
Device Registration
Setting the following properties adds text and a checkbox to the bottom of the challenge page. When a user is challenged, the checkbox and text would allow him to register the current device (if it is not already registered). If the device is already registered for that user, the option will not appear unless the user unregisters the device in user preferences.
bharosa.uio.default.registerdevice.enabled=true bharosa.uio.default.userpreferences.unregister.this.enabled=true bharosa.uio.default.userpreferences.unregister.all.enabled=true
In native integration, to enable device registration:
Set bharosa.tracker.send.devideId to true, so the device ID can be captured
Enumerations
For the enumerations to be listed in the Properties Editor, you must set the following property to false:
bharosa.config.ui.list.filter.enum=false
Expiry Behavior for CSR Cases
To set "expiry" behavior for CSR cases (default setting), modify the following properties:
customercare.case.expirybehavior.enum.csrcase.behavior = expiry customercare.case.expirybehavior.enum.csrcase.label = Expired customercare.case.expirybehavior.enum.csrcase.durationInHrs = 24 customercare.case.expirybehavior.enum.csrcase.resetonaccess = false
When durationInHrs is set to 24 hours, the case expires in a day.
When resetonaccess is set to true, the expiration date is reset when a case is accessed.
To disable the "expiry" behavior for CSR cases, modify the following property:
customercare.case.expirybehavior.enum.csrcase.behavior = none
KBA
Ensure the bharosa.kba.active
property is set to true.
The "Questions user will register" setting should be between 3 and 7. This provides enough questions to offer good security but does not over burden a user's memory. The basic industry standard for KBA is 3 registered questions.
The max and min limits are configurable through the following properties.
bharosa.config.type.kba_config.enum.regQuestionsCount.validation.minValue=3 bharosa.config.type.kba_config.enum.regQuestionsCount.validation.maxValue=7
Proxy Mode Setting
OAAM Server is configured to be in non-proxy mode with the flag bharosa.uio.proxy.mode.flag
set to false by default.
The user must explicitly configure OAAM Server to be used in proxy mode.
Scheduler
To enable scheduler so that jobs are run, set the following property to true:
vcrypt.reports.scheduler.activate
By default, the property is set to false. Jobs can be created, but they will not run until the property is changed to true.
Transactions in Session Details
Before you can view transactions in the Session Details page, you must set the property to show transactions to true.
bharosa.trackeradmin.show.transaction.detail=true
Setting the property to false turns off the display for transactions.