1/44
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Introduction to the Developer's Guide
Part I Native Integration
2
Natively Integrating Oracle Adaptive Access Manager
2.1
About OAAM Native Integration
2.1.1
What is Native Integration?
2.1.2
SOAP Service Wrapper API Integration
2.1.3
In-Proc Integration
2.1.4
SOAP Service Wrapper API vs. In-Proc Method
2.1.5
Non-Native Integration - SOAP Services
2.2
Getting Started
2.2.1
Downloading the OAAM Sample Application
2.2.2
Setting Up the Native SOAP-based OAAM Sample Application
2.2.2.1
Pre-requisites
2.2.2.2
Installing and Configuring the OAAM Sample Application
2.2.3
Setting Up the Native In-Proc-Based OAAM Sample Application
2.2.3.1
Pre-requisites
2.2.3.2
Install and Configure
2.3
Integrating Virtual Authentication Devices, Knowledge-Based Authentication, and One-Time Password
2.3.1
User Name Page (c1)
2.3.2
Device Fingerprint Flow (r2)
2.3.3
Run Pre-Authentication Rules (r1)
2.3.4
Run Virtual Authentication Device Rules (r3)
2.3.5
Generate a Generic TextPad (p1)
2.3.6
Generate a Personalized TextPad or KeyPad (p2)
2.3.7
Display TextPad and KeyPad (s2 and s3)
2.3.8
Decode Virtual Authentication Device Input (p3)
2.3.9
Validate User and Password (c2)
2.3.10
Update Authentication Status (p4)
2.3.11
Password Status (c3)
2.3.12
Run Post-Authentication Rules (r4)
2.3.13
Check Registration for User (p5)
2.3.14
Run Registration Required Rules (r5)
2.3.15
Enter Registration Flow (p6)
2.3.16
Run Challenge Rules (r6)
2.3.17
Run Authentication Rules (r7)
2.3.18
Challenge the User (p7)
2.3.19
Check Answers to Challenge (c4)
2.3.20
Lock Out Page (c6)
2.3.21
Landing or Splash Page (c5)
3
Integrating Native .NET Applications
3.1
Introduction
3.2
Oracle Adaptive Access Manager .NET SDK
3.3
Configuration Properties
3.3.1
How the API Uses Properties
3.3.2
Encrypting Property Values
3.3.3
Using User-Defined Enumerations to Define Elements
3.4
Oracle Adaptive Access Manager API Usage
3.4.1
User Details
3.4.2
User Logins and Transactions
3.4.3
Rules Engine
3.4.3.1
Device ID
3.4.3.2
Creating and Updating Bulk Transactions
3.4.4
Validate a User with Challenge Questions
3.4.5
Reset Challenge Failure Counters
3.4.6
Virtual Authentication Devices
3.4.6.1
Creating a Virtual Authentication Device
3.4.6.2
Embedding a Virtual Authentication Device in a Web Page
3.4.6.3
Validating User Input with a Virtual Authentication Device
3.4.7
Specify Credentials to the Oracle Adaptive Access Manager SOAP Server
3.4.8
Trace Messages
3.4.9
.Net API Support for X.509 SSL Certificate Configuration
3.5
OAAM Sample Applications as Reference for Integration
3.5.1
Downloading the Sample Package
3.5.2
ASP.NET Applications
3.5.3
OAAM Sample Application Details
3.5.3.1
SampleWebApp
3.5.3.2
SampleWebAppTracker
3.5.3.3
SampleWebAppAuthTracker
3.5.3.4
SampleKBATracker
3.5.4
Setting Up the Environment
3.5.4.1
Modifying the web.config File
3.5.4.2
Setting Properties for Images
3.5.4.3
Running the Application
3.5.5
Example: Enable Transaction Logging and Rule Processing
3.5.6
OAAM .NET API
4
Natively Integrating OAAM with Java Applications
4.1
About the Oracle Adaptive Access Manager Shared Library
4.1.1
Overview of the Integration Process
4.1.2
Using Oracle Adaptive Access Manager Shared Library in Web Applications
4.1.3
Using Oracle Adaptive Access Manager Shared Library in Enterprise Applications
4.1.4
Customizing/Extending/Overriding Oracle Adaptive Access Manager Properties
4.2
OAAM Java In-Proc Integration
4.3
OAAM SOAP Integration
4.3.1
Enabling Web Services Authentication
4.3.2
Creating User and Group
4.3.3
Configuring Web Services Authorization
4.3.4
Setting Up Client Side Keystore to Secure the SOAP User Password
4.3.5
Setting SOAP Related Properties in oaam_custom.properties
4.3.6
Setting Up the Base Environment in OAAM Native SOAP Integration
4.4
About VCryptResponse
4.5
Oracle Adaptive Access Manager APIs
4.5.1
addQuestion
4.5.2
authenticatePassword
4.5.3
authenticateQuestion
4.5.4
cancelAllTemporaryAllows
4.5.5
clearSafeDeviceList
4.5.6
createOAAMSession
4.5.7
createOrUpdateEntities
4.5.8
createTransaction
4.5.9
createUser
4.5.10
deleteQuestion
4.5.11
getActionCount
4.5.12
getCaption
4.5.13
getFinalAuthStatus
4.5.14
getImage
4.5.15
getOTPCode
4.5.16
getRulesData
4.5.17
getSecretQuestion
4.5.18
getSignOnQuestions
4.5.19
getUserByLoginId
4.5.20
handleTrackerRequest
4.5.21
handleTransactionLog
4.5.22
IsDeviceMarkedSafe
4.5.23
markDeviceSafe
4.5.24
processPatternAnalysis
4.5.25
processRules
4.5.26
resetUser
4.5.27
searchEntityByKey
4.5.28
setCaption
4.5.29
setImage
4.5.30
setPassword
4.5.31
setTemporaryAllow
4.5.32
updateAuthStatus
4.5.33
updateLog
4.5.34
updateTransaction
4.5.35
updateTransactionStatus
5
Creating, Updating, and Searching for Entities Using the Entity API
5.1
About the Entity APIs
5.1.1
Entity Tasks
5.1.2
Processing Status
5.1.3
Create or Update Entities
5.1.4
Replace or Merge Attributes
5.1.5
Search Entity By Key
5.2
Creating Entities and Mapping Attributes
5.2.1
Entity Data Map
5.2.2
Complex Entity
5.2.3
Creating a Simple Entity
5.2.4
Updating Attributes of an Existing Entity
5.2.5
Erasing the Value of Attributes of an Existing Entity
5.2.6
Creating an Entity that has Related Entities with Complete Data of Both Top-Level Entity and Related Entities
5.2.7
Creating an Entity that has Related Entities (with Multiple Instances of a Single Entity) with Complete Data of Both Top-Level Entity and Related Entities
5.2.8
Creating an Entity that has Related Entities with Complete Data of Top-level Entity and Entity Ids of One or More Related Entities
5.2.9
Updating Related Entities of an Entity with Entity Ids of Related Entities
5.2.10
Unlinking Linked Entities.
5.2.11
Searching for an Entity on the Basis of Entity ID or Key Data
5.3
Data Storage
5.3.1
Data Model
5.3.2
Metadata
5.3.3
Expiry of Records
5.3.4
Transaction-Entity Mapping
5.3.5
Storing Entity Relationships in Transaction Create/Update
5.4
Common Entity Scenario
Part II Universal Installation Option
6
Oracle Adaptive Access Manager Proxy
6.1
Introduction
6.1.1
Important Terms
6.1.2
Architecture
6.1.3
References
6.2
Installing UIO Apache Proxy
6.2.1
Before You Begin - UIO Proxy Files for Windows and Linux
6.2.1.1
Windows
6.2.1.2
Linux
6.2.2
Downloading or Building the Apache httpd
6.2.2.1
Windows
6.2.2.2
Linux
6.2.3
Copying the UIO Apache Proxy and Supported Files to Apache
6.2.3.1
Windows
6.2.3.2
Linux
6.2.4
Configuring Memcache (for Linux only)
6.2.5
Configuring httpd.conf
6.2.5.1
Basic Configuration without SSL
6.2.5.2
Configuration with SSL
6.2.6
Modifying the UIO Apache Proxy Settings
6.2.6.1
UIO_Settings.xml
6.2.6.2
UIO_log4j.xml
6.2.6.3
Application configuration XMLs
6.3
Setting Up Rules and User Groups
6.4
Setting Up Policies
6.5
Configuring the UIO Proxy
6.5.1
Elements of the UIO Proxy Configuration File
6.5.1.1
Components of Interceptors
6.5.1.2
Conditions
6.5.1.3
Filters
6.5.1.4
Filter Examples - ProcessString
6.5.1.5
ProcessString Encoding/Decoding Schemes for Special Characters URL Encoded in OAAM Change Password
6.5.1.6
Filter Examples - FormatString
6.5.1.7
Actions
6.5.1.8
Variables
6.5.1.9
Application
6.5.2
Interception Process
6.5.3
Configuring Redirection to the Oracle Adaptive Access Manager Server Interface
6.6
Application Discovery
6.6.1
Application Information
6.6.2
Setting Up the UIO Apache Proxy
6.6.3
Scenarios
6.7
OAAM Sample Application
6.7.1
Descriptions for Interceptors
6.7.2
Flow for BigBank without UIO Proxy
6.7.2.1
Login
6.7.2.2
Logout
6.7.3
Flow for First-time User to Log In and Log Out of BigBank with UIO Proxy
6.8
Upgrading the UIO Apache Proxy
6.8.1
UIO Apache Proxy Patch Installation Instructions
6.8.2
Patch Unsuccessful
Part III Customization and Extensions
7
Using the OAAM Extensions Shared Library to Customize OAAM
7.1
Customizing or Extending OAAM By Editing Enums
7.2
Adding Customizations Using the OAAM Extensions Shared Library
7.2.1
Prerequisite
7.2.2
Step 1 Extract the OAAM Extensions Shared Library
7.2.3
Step 2 Create a MANIFEST.MF File
7.2.4
Step 3 Compile Custom Java Classes
7.2.5
Step 4 Add Custom JARs and Files
7.2.6
Step 5 Repackage the OAAM Extensions Shared Library
7.2.7
Step 6 Verify If the Repackaged WAR File Contains the Custom JAR Files
7.2.8
Step 7 Stop All Managed Servers
7.2.9
Step 8 Start the WebLogic Administration Server
7.2.10
Step 9 Log In to the WebLogic Administration Console
7.2.11
Step 10 Deploy the New OAAM Extensions Shared Library
7.2.12
Step 11 Test the Functionality
8
Customizing OAAM Web Application Pages
8.1
Tips for Customizing the OAAM Web Application Pages
8.2
OAAM Properties
8.2.1
Enum Example
8.2.2
Overriding Existing User-Defined Enums
8.2.3
Disabling Elements
8.3
Customizing the OAAM Server for Multiple Applications
8.3.1
Determining the Application ID
8.3.2
Determining Default User Groups
8.3.3
Configuring Application Properties
8.3.4
Property Extension
8.4
Customizing the Appearance of OAAM Server Pages
8.4.1
Customizing Headers and Footers
8.4.2
Customizing Content and Messaging
8.4.3
Modifying User Interface Styles
8.5
Enabling the Single Login Page
8.5.1
Configuring the OAAM Single Login Page So That the "Where is my password" Link Does Not Display
8.5.2
Configuring the OAAM Single Login Page to Accept the Password Along with the User Name
8.5.3
Enabling the Password Field in the OAAM Single Login Page
8.5.4
Ensuring that OAAM is Configured to Use the OAAM HTML Pad Instead of the Virtual Authentication Devices
8.6
Questions/Answers About User Interface Customizations
9
Customizing User Flow and Layout
9.1
User Flows and Layout
9.1.1
Struts Actions
9.1.1.1
Action Definition
9.1.1.2
Action Type
9.1.2
Base Layout Definition
9.1.3
How Struts and Tiles Work Together
9.2
Custom User Flows and Layout Example
9.2.1
Customize the Look-and-Feel
9.2.2
Customize the User Page Flows and Actions
9.3
Tile Definition File
9.4
Struts Configuration File
10
Configuring Properties for Localization
10.1
Turning Off Localization
10.2
Overriding Localized Properties
10.3
Configuring Language Defaults for Oracle Adaptive Access Manager
10.3.1
Example 1
10.3.2
Example 2
10.3.3
Example 3
10.3.4
Example 4
10.4
Customizing Abbreviations and Equivalences for Locales
11
Setting Up Custom Fingerprinting
11.1
Out of the Box Fingerprint Types
11.2
Setting Up Custom Fingerprinting
12
Flash Fingerprinting in Native Integration
12.1
Device Fingerprinting
12.2
Definitions of Variables and Parameters
12.3
Implementations of Flash Fingerprinting
12.3.1
Option 1
12.3.1.1
Option 1 Flow
12.3.1.2
Option 1 Code Example
12.3.2
Option 2
12.3.2.1
Option 2 Flow
12.3.2.2
Option 2 Code Example
12.3.3
Option 3
12.3.3.1
Option 3 Flow
12.3.3.2
Option 3 Code Example
12.3.3.3
Common Update
12.4
Flash Fingerprinting Included in Web Application with Native Integration
13
Extending Device Identification
13.1
What is Device Identification?
13.1.1
Data Gathering
13.1.2
Data Processing
13.1.3
Data Storage
13.2
When to Extend Device Identification
13.2.1
Prerequisites
13.2.2
Developing a Custom Device Identification Extension
13.2.2.1
Implement the Client Side Extension
13.2.2.2
Add Properties Related to Custom Device Identification Extension to OAAM Extensions Shared Library
13.2.2.3
Extend/Implement the DeviceIdentification Extension Class
13.2.2.3.1
getPlugInHTML
13.2.2.3.2
getFingerPrint
13.2.2.3.3
getDigitalCookie
13.2.2.3.4
getClientDataMap
13.2.3
Overview of Interactions
13.2.4
Compile, Assemble and Deploy
13.2.5
Important Note About Implementing the Extension
14
Enabling Device Registration
14.1
Enabling Device Registration in Native Integration
14.2
Enabling Device Registration Out-of-the-Box
14.3
Create Policies to Use Device Information
14.4
CSR Resetting Device Registration
Part IV Integrating Applications
15
Integrating Client Applications with OAAM for Transactions
15.1
Transaction Example
15.2
About the Transaction Flow
15.3
High-Level Steps Required to Integrate Native Client Applications with OAAM
15.4
OAAM Set Up and Configuration
15.4.1
Set Up Transaction Definitions
15.4.2
Set up Policies and Rules
15.4.3
Sizing and Capacity Requirements
15.5
Client Setup
15.6
Entity and Transaction APIs
15.6.1
Sequence of API Calls
15.6.2
Out-of-the-Box Checkpoints
15.6.2.1
Pre-Transaction Checkpoint
15.6.2.2
Post - Transaction Checkpoint
15.6.3
Entities API List
15.6.3.1
create OrUpdateEntities
15.6.3.2
SearchEntityByKey
15.7
Run-time Data Analysis
15.7.1
Investigation Transaction Search, Comparison, and Utility Panel
15.7.2
BIP Reports
15.8
Targeted Purging of Transaction and Entity Data
16
Implementing OTP Anywhere
16.1
About the OTP Implementation
16.2
Concepts and Terms
16.3
Prerequisites
16.3.1
Install SOA Suite
16.3.2
Configure the Oracle User Messaging Service Driver
16.3.2.1
Email Driver
16.3.2.2
SMPP Driver
16.4
OTP Setup
16.5
Configure OTP
16.5.1
Integrate Oracle User Messaging Service
16.5.2
Enable OTP Challenge Types
16.5.3
Enable Registration and User Preferences
16.6
Customize OTP
16.6.1
Customize Registration Fields and Validations
16.6.2
Customize Terms and Conditions
16.6.3
Customize Registration Page Messaging
16.6.4
Customize Challenge Page Messaging
16.6.5
Customize OTP Message Text
16.6.6
Enable Opt Out Functionality
16.7
Register SMS Processor to Perform Work for Challenge Type
16.8
Customize One-Time Password Generation
16.9
Customize One Time Password Expiry Time
16.10
Configure the Challenge Pads Used for Challenge Types
16.11
Customize OTP Anywhere Data Storage
16.11.1
com.bharosa.uio.manager.user.UserDataManagerIntf
16.11.2
Default Implementation - com.bharosa.uio.manager.user.DefaultContactInfoManager
16.11.3
Custom Implementation Recommendations
16.11.4
Configure Properties
16.12
Example Configurations
16.12.1
Additional Registration Field Definitions Examples
16.12.1.1
Email Input
16.12.1.2
Phone Input
16.12.1.3
Example - OTP Registration Page to Display Values for Entry of an Email Address Instead of a Mobile Phone
16.12.1.4
IM Input
16.12.2
Additional Challenge Message Examples
16.12.2.1
Customize OTP Email Message
16.12.2.2
Customize OTP IM Message
16.12.3
Additional Processors Registration Examples
16.12.3.1
Register Email Challenge Processor
16.12.3.2
Register IM Challenge Processor
16.13
Challenge Use Case
17
Integrating Mobile Applications with OAAM
17.1
Overview for Integrating Mobile Applications with OAAM
17.2
Determine Mobile Device Fingerprint
17.3
Develop/Enhance Client Server Interfaces to Handle OAAM-Specific Data
17.4
Out-of-the-box Mobile Device Identification Policy
17.4.1
Identify Device by Mobile Cookie
17.4.2
New Device
17.5
Review Out-of-the-Box Security Policies and Develop Custom Policies If Required
17.6
Process to Manage Lost or Stolen Devices
17.7
Process to Manage Black Listed Devices
17.8
Handle Mobile Specific Rule Outcomes
17.9
Customizing User Interface for Mobile Devices
17.10
Custom Mobile CSS File Inclusion
18
Integrating Juniper Networks Secure Access (SA) and OAAM
18.1
Introduction
18.2
Authentication and Forgot Password Flows
18.2.1
Authentication Flow
18.2.2
Forgot Password Flow
18.3
Security and Authentication Integration
18.3.1
Integration Roadmap
18.3.2
Pre-requisites
18.3.3
Configure the Authentication Provider
18.3.4
Configure Oracle Platform Security Services (OPSS) for Integration
18.3.5
Import the SAML Configuration-Related Server Properties Using the OAAM Administration Console
18.3.6
Set Up Certificate for Signing the Assertion
18.3.6.1
Create Private Key for Certificate
18.3.6.2
Create a Certificate Request
18.3.6.3
Submit the Certificate Signing Request (CSR) to a Certificate Authority
18.3.6.4
Act as Your Own Certificate Authority
18.3.6.4.1
Prerequisites
18.3.6.4.2
Create the Necessary Directories
18.3.6.4.3
Initial OpenSSL configuration
18.3.6.4.4
Create the CA Certificate and Private Key
18.3.6.4.5
More OpenSSL Configuration (Mandatory)
18.3.6.4.6
Sign the Certificate Request
18.3.6.5
Import the Certificate into Your Keystore
18.3.7
Modify Integration Properties Using the OAAM Administration Console
18.3.8
Configure Juniper Networks Secure Access (SA)
18.3.8.1
Create SAML 1.1 Authentication Server
18.3.8.2
Create a User Realm for SAML
18.3.8.3
Create Sign-In Policy
18.4
Verify the Integration
18.5
Debug the Integration
18.6
Troubleshooting Common Problems
18.6.1
Juniper SA and OAAM Clock Synchronization
18.6.2
Absence of a Correct Certificate on Juniper
18.6.3
Signing Failure in SAML Response
18.6.4
Entry Point URL for OAAM
19
Java Message Service Queue (JMSQ) Integration
19.1
JMS Definitions
19.2
Install the Asynchronous Integration Option
19.2.1
Pre-requisites
19.2.2
Installing the Asynchronous Integration Option
19.2.3
Updating the OAAM Extensions Library
19.2.4
Setting Up JMS Queues
19.2.5
Updating the OAAM Database
19.3
JMS Integration
19.3.1
Web Services API
19.3.2
JMS Integration Diagram
19.3.3
Registering the JMS Listener
19.3.4
Configuring Message Processor
19.4
JMS Messages
19.4.1
JMS Message Examples
19.4.1.1
VCryptTracker.updateLog
19.4.1.2
VCryptTracker.updateEntity
19.4.1.3
VCryptTracker.createTransaction
19.4.1.4
VCryptRulesEngine.processRules
19.4.1.5
MessageList
19.4.2
XML Schema Example for Message Formats
19.4.3
Sending a Message to a JMS Queue
19.5
Database Views for Entities and Transactions
19.5.1
Generating SQL Script File
19.5.2
Entity View Details
19.5.3
Transaction View Details
19.5.4
Identifiers
19.6
Python Rule Condition
19.6.1
Python Expression
19.6.2
Objects Available in Python
19.6.3
Examples
20
Integrating Oracle Access Manager 10
g
and Oracle Adaptive Access Manager 11
g
20.1
Resource Protection Flow
20.2
Roadmap for OAAM Integration with Access Manager
20.3
Prerequisites
20.4
Configuring OAM AccessGate for OAAM Web Server
20.5
Configuring OAM Authentication Scheme
20.6
Configuring Oracle Access Manager Connection (Optional)
20.7
Setting Up WebGate for OAAM Web Server
20.8
Configuring OAM Domain to Use OAAM Authentication
20.9
Configuring Oracle HTTP Server (OHS)
20.10
Configuring Oracle Adaptive Access Manager Properties for Oracle Access Manager
20.10.1
Setting Oracle Adaptive Access Manager Properties for Oracle Access Manager
20.10.2
Setting Oracle Access Manager Credentials in Credential Store Framework
20.11
Turning Off IP Validation
20.12
Testing Oracle Adaptive Access Manager and Oracle Access Manager Integration
Part V Custom Development
21
Using and Developing a Virtual Authentication Devices
21.1
About Virtual Authentication Devices
21.1.1
Virtual Authentication Device Terminology
21.1.2
Virtual Authentication Device Types
21.1.2.1
TextPad
21.1.2.2
PinPad and KeyPad
21.1.2.3
QuestionPad
21.1.3
Virtual Authentication Device Configuration Files and Properties
21.1.3.1
Files Used in Virtual Authentication Device Configuration
21.1.3.2
Virtual Authentication Device Property Construction
21.1.3.3
Randomization and Jitter Properties
21.1.3.3.1
TextPad Randomization and Jitter Properties
21.1.3.3.2
KeyPad Randomization and Jitter Properties
21.1.3.3.3
PinPad Randomization and Jitter Properties
21.1.3.3.4
QuestionPad Randomization and Jitter Properties
21.2
What Elements of the Authenticator Can Be Customized?
21.2.1
Virtual Authentication Device Composition
21.2.2
Personalized Image
21.2.3
Frames
21.2.3.1
TextPad Authenticator Image and Frame Properties
21.2.3.2
PinPad Authenticator Image and Frame Properties
21.2.3.3
QuestionPad Authenticator Image and Frame Properties
21.2.3.4
KeyPad Authenticator Image and Frame Properties
21.2.4
Enter Key, Personalized Phrase, and Time Stamp Positioning
21.2.4.1
TextPad Visual Elements
21.2.4.2
PinPad Visual Elements
21.2.4.3
QuestionPad Visual Elements
21.2.4.4
KeyPad Visual Elements
21.2.4.5
Configuring Text Size for Apple iPhone
21.2.5
KeysSets
21.3
Customization Steps
21.4
Simple Configuration Example
21.4.1
Designing the Frame
21.4.2
Positioning the Elements
21.5
Displaying Virtual Authentication Devices
21.5.1
Setting Up Before Calling the get<pad_type> Method
21.5.2
Getting the Virtual Authentication Device
21.5.3
Setting Timestamp and Time Zone
21.5.4
Displaying Virtual Authentication Devices
21.6
Enabling Accessible Versions of Authenticators
21.7
Customizing the OAAM Server Pages
21.8
Localizing Virtual Authentication Device in OAAM 11
g
21.8.1
Overview
21.8.2
Example Using German Locale
21.9
Changing the Limit of Characters for Passwords
21.10
KeyPad Scenario
22
Integrating Task Processors
22.1
Introduction
22.2
OAAM Sample Framework as a Reference for Integration
22.3
Session Management
22.4
Task Processors
22.4.1
Interface and Abstract Class
22.4.1.1
TaskProcessorIntf
22.4.1.2
AbstractTaskProcessor
22.4.1.3
Default Classes
22.4.2
Task Processor Registration
22.5
Challenge Processors
22.5.1
What are Challenge Processors
22.5.2
How to Create Challenge Processors
22.5.2.1
Class
22.5.2.2
Methods
22.5.2.3
Example: Email Challenge Processor Implementation
22.5.2.4
Secret (PIN) Implementation
22.5.3
Define the Delivery Channel Types for the Challenge Processors
22.5.3.1
Challenge Type Enum
22.5.3.2
Example: Defining an OTP Channel Type
22.5.4
Configure User Input Properties
22.5.4.1
Enable Registration and Preferences Input
22.5.4.2
Set Contact Information Inputs
22.5.5
Configure the Challenge Pads Used for Challenge Types
22.6
Checkpoint Processor
22.7
Rules Results Processor
22.8
Integration Processors
22.8.1
IntegrationProcessorIntf Interface
22.8.2
Common User Flows
22.8.3
Integration Processor Parameters
22.8.3.1
Check for Integration ID
22.8.3.2
Integration Processor Registration
22.8.3.3
Oracle Access Management Access Manager Specific Integration Properties for Authentication Levels
22.9
Provider Registration
22.9.1
Authentication Manager
22.9.2
Password Manager
22.9.3
User Data Manager
22.10
Legacy Rules Result Processors
23
Developing a Custom Loader for OAAM Offline
23.1
Developing a Custom Loader for OAAM Offline
23.2
Base Framework
23.2.1
Overview
23.2.2
Important Classes
23.2.3
General Framework Execution
23.3
Default Implementation
23.3.1
Default Load Implementation
23.3.2
Default Playback Implementation
23.4
Implementation Details: Overriding the Loader or Playback Behavior
23.5
Implement RiskAnalyzerDataSource
23.5.1
Extending AbstractJDBCRiskAnalyzerDataSource
23.5.2
Extending AbstractRiskAnalyzerDataSource
23.6
Implement RunMode
23.6.1
Extending AbstractLoadLoginsRunMode
23.6.2
Extending AbstractLoadTransactionsRunMode
23.6.3
Extending PlaybackRunMode
24
Creating OAAM Oracle BI Publisher Reports
24.1
Create Oracle BI Publisher Reports on Data in the OAAM Database Schema
24.1.1
Create a Data Model
24.1.2
Map User Defined Enum Numeric Type Codes to Readable Names
24.1.2.1
Results Display
24.1.2.2
English Only User Defined Enum Result Display
24.1.2.3
Internationalized User Defined Enum Result Display
24.1.3
Adding Lists of Values
24.1.3.1
User Defined Enums as List of Values for Filtering, English Only
24.1.3.2
User Defined Enums as List of Values for Filtering, Internalized
24.1.4
Adding Geolocation Data
24.1.5
Adding Sessions and Alerts
24.1.5.1
Type Code Lookups
24.1.6
Example
24.1.7
Adding Layouts to the Report Definition
24.2
Building OAAM Transactions Reports
24.2.1
Get Entities and Transactions Information
24.2.2
Discover Entity Data Mapping Information
24.2.2.1
Information about Data Types
24.2.2.2
Discover Entity Data Details Like Data Type, Row and Column Mappings
24.2.2.3
Build Entity Data SQL Queries and Views
24.2.3
Discover Transaction Data Mapping Information
24.2.3.1
Discover Transaction data details like Data Type, Row and Column mappings
24.2.3.2
Build Transaction Data SQL Queries and Views
24.2.4
Build Reports
24.2.4.1
Building Entity Data Reports
24.2.4.2
Building Transaction Data Reports
24.2.4.3
Joining Entity Data Tables and Transaction data tables
24.2.5
Generating a Database View of Entities and Transactions
24.2.5.1
Generating the SQL Script File
24.2.5.1.1
Pre-requisites
24.2.5.1.2
Generate the SQL Script
24.2.5.2
Creating the Database Views for Entities and Transactions
24.2.5.3
Entity View Details
24.2.5.4
Transaction View Details
24.2.5.5
Identifiers
24.2.5.6
Example of SQL Query to Create a View
25
Developing Configurable Actions
25.1
Adding a New Configurable Action
25.2
Executing Configurable Actions in a Particular Order and Data Sharing
25.3
How to Test Configurable Actions Triggering
25.4
Sample JUnit Code
25.5
Sample Java Code for Configuration Action
26
Creating Checkpoints and Final Actions
26.1
Creating a New Checkpoint
26.2
Creating a Checkpoint Example
26.3
New Action
26.4
Final Action
Part VI Lifecycle Management
27
Migrating Native Applications to OAAM 11
g
27.1
Prerequisites for Migration of an Existing Natively Integrated 10.1.4.5 Application
27.2
Migrating Native Static Linked (In-Proc) Applications to OAAM 11
g
27.2.1
Use the OAAM Shared Library Instead of Static Linking to OAAM JAR Files
27.2.2
Move All Configurable Properties into the oaam_custom.properties File
27.3
Migrating Native SOAP Applications to OAAM 11
g
27.3.1
Use OAAM Shared Library Instead of Static Linking to OAAM JAR Files
27.3.2
Move All Configurable Properties into the oaam_custom.properties File
27.3.3
Configure SOAP/WebServices Access
27.4
Migrating Native Applications that Cannot Use OAAM Shared Library
27.4.1
Use the OAAM 11
g
JAR Files
27.4.2
Copy the OAAM 11
g
Property Files
27.4.3
Specify the Configurable Properties in the oaam_custom.properties File
28
Handling Lifecycle Management Changes
28.1
Oracle Virtual Directory (OVD) Host, Port, and SSL Enablement Changes
28.2
Oracle Identity Manager (OIM) URL Changes
28.3
Oracle Access Management Access Manager Host and Port Changes
28.4
Oracle Internet Directory (OID) Host and Port Changes and SSL Enablement
28.5
Database Host and Port Changes
28.6
Moving Oracle Adaptive Access Manager to a New Production Environment
28.7
Moving Oracle Adaptive Access Manager to an Existing Production Environment
Part VII Troubleshooting
29
FAQ/Troubleshooting
29.1
Using My Oracle Support for Additional Troubleshooting Information
29.2
Techniques for Solving Complex Problems
29.2.1
Simple Techniques
29.2.2
Divide and Conquer
29.2.3
Rigorous Analysis
29.2.4
Process Flow of Analysis
29.2.4.1
State the Problem
29.2.4.2
Specify the Problem
29.2.4.3
What It Never Worked
29.2.4.4
IS and IS NOT but COULD BE
29.2.4.5
Develop Possible Causes
29.2.4.6
Test Each Candidate Cause Against the Specification
29.2.4.7
Confirm the Cause
29.2.4.8
Failures
29.3
Troubleshooting Tools
29.4
Configurable Actions
29.5
Device Fingerprinting
29.6
Device Registration
29.7
Failure Counter
29.8
Knowledge-Based Authentication
29.9
Localization
29.10
Man-in-the-Middle/Man-in-the-Browser
29.11
One-Time Password
29.12
OAAM UIO Proxy
29.13
Virtual Authentication Devices
Part VIII Glossary
Glossary
Index
Scripting on this page enhances content navigation, but does not change the content in any way.