Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1 Getting Started with Mobile Security Access Server
1.1 Understanding Mobile Security Access Server
1.2 Understanding Key Concepts in Mobile Security Access Server
1.3 Mobile Security Access Server Architecture Overview
1.4 Mobile Security Access Server Administration Tools
1.5 Roadmap for Installing and Using Mobile Security Access Server
2 Managing Mobile Security Access Server Instances
2.1 Viewing MSAS Instances in the Environment
2.2 Viewing the Configuration of an MSAS Instance
2.3 Synchronizing MSAS Instance Configuration
2.4 Creating and Registering a Logical MSAS Instance
2.5 Changing the MSM Server Associated with an MSAS Instance
2.6 Deleting a Logical MSAS Instance
2.7 Starting and Stopping MSAS
3 Managing Mobile Security Access Server Applications
3.1 Mobile Security Access Server Application Types
3.2 Reserved Applications in MSAS
3.3 Viewing MSAS Applications in the Environment
3.4 Creating a Virtual Application
3.5 Creating a Proxy Application
3.6 Viewing the Applications in an MSAS Instance
3.7 Searching for MSAS Applications
3.8 Viewing MSAS Application Details
3.9 Editing an MSAS Application
3.10 Managing URLs in an MSAS Application
3.11 Exporting MSAS Applications
3.12 Importing MSAS Applications
3.13 Categorizing MSAS Applications Using Tags
3.14 Deleting MSAS Applications
4 Configuring Web Settings in MSAS
4.1 Understanding PAC Files in MSAS
4.2 Understanding the Mapping Between PAC Files and MSAS Applications
4.3 Configuring Blocked URLs
4.4 Configuring Direct URLs
5 Securing Mobile Security Access Server Resources
5.1 Overview of Mobile Security Access Server Resource Security
5.2 Attaching Policies and Assertions to Virtual Applications
5.3 Attaching Policies and Assertions to Proxy Applications
5.4 Viewing Policies Attached to an Application
5.5 Configuring Policy Overrides
5.6 Validating Policy Attachments
5.7 Detaching Policies from an Application
5.8 Configuring Authorization in MSAS Applications
5.8.1 Managing Roles in an MSAS Application
5.8.1.1 Creating an Application Role
5.8.1.2 Viewing Roles in an MSAS Application
5.8.1.3 Managing the Application Role Hierarchy
5.8.1.4 Mapping External Roles to an Application Role
5.8.1.5 Mapping Users to an Application Role
5.8.1.6 Deleting Application Roles
5.8.2 Configuring Authorization
5.9 Summary of Supported Policies and Assertions
6 Configuring a Mobile Security Access Server Instance
6.1 Understanding MSAS Instance Configuration
6.2 Configuring an MSAS Instance Using the MSAS Console
6.2.1 Viewing General MSAS Instance Configuration
6.2.2 Configuring the Identity Store Profile
6.2.3 Configuring Trusted Issuers and DN Lists for Signing Certificates
6.2.4 Configuring Message Security
6.2.4.1 Configuring the MSAS Keystore
6.2.4.2 Configuring Security Settings
6.2.5 Configuring the Cache Refresh Time
6.2.6 Configuring Authentication Endpoints
6.2.6.1 Configuring KINIT and PKINIT Authentication
6.2.6.2 Configuring OAuth2 Confidential Client Authentication
6.2.6.3 Configuring Oracle Access Manager Mobile and Social (OAMMS) Authentication
6.2.6.4 Configuring the Crypto Service
6.2.7 Configuring System Settings
6.2.7.1 Configure Outbound Message Settings
6.2.7.2 Configure Proxy Server Settings
6.2.7.3 Configure Server Settings
6.2.7.4 Configuring the SSL Keystore and Truststore
6.3 Configuring an MSAS Instance Using WLST
6.3.1 Accessing the MSAS WLST Commands
6.3.2 Viewing MSAS Instance Configuration Using WLST
6.3.3 Using the setMSASConfiguration WLST Command to Configure an MSAS Instance
6.3.4 Configuring an Identity Store Profile Using WLST
6.3.4.1 Creating an Identity Store Profile Using WLST
6.3.4.2 Updating an Identity Profile Using WLST
6.3.4.3 Deleting an Identity Profile
6.3.5 Defining Trusted Issuers and Managing DN Lists Using WLST
6.3.5.1 Configuring Trusted Issuers and DN Lists Using WLST
6.3.5.2 Deleting a Trusted Issuer Using WLST
6.3.5.3 Deleting a Token Issuer Trust Document Using WLST
6.3.5.4 Exporting and Importing Trust Configuration Using WLST
6.3.5.5 Revoking Trust From Trusted Issuers Using WLST
6.3.6 Configuring Message Security Using WLST
6.3.6.1 Managing the MSAS Keystore Using Keystore Service Commands
6.3.6.2 Configuring the Signature and Encryption Keys in the MSAS Keystore Using WLST
6.3.6.3 Configuring Security Settings Using WLST
6.3.7 Configuring the Cache Refresh Time Using WLST
6.3.8 Configuring the Authentication Endpoints Using WLST
6.3.8.1 Configuring the KINIT and PKINIT Authentication Endpoint Using WLST
6.3.8.2 Configuring the OAuth2 Confidential Client Endpoint Using WLST
6.3.8.3 Configuring the OAuth2 Mobile Client Endpoint Using WLST
6.3.8.4 Configuring the Crypto Service Endpoint Using WLST
6.3.9 Configuring System Settings Using WLST
6.3.9.1 Configuring Outbound Message Settings Using WLST
6.3.9.2 Configuring Proxy Server Settings Using WLST
6.3.9.3 Configuring Server Settings Using WLST
6.3.9.4 Configuring SSL Settings Using WLST
6.3.9.5 Configuring Access Log Settings Using WLST
6.3.10 Configuring the SToken Expiry Time
6.3.11 Configuring the MSAS Heartbeat Using WLST
6.3.12 Configuring Additional Server Settings Using WLST
6.3.13 Configuring the Credential Store Using WLST
6.4 Advanced Kerberos Configuration
6.4.1 Creating the Kerberos Configuration File Manually
6.4.2 Adding Multiple Active Directory Domains
6.4.3 Targeting Specific Domain Controllers
6.4.4 Adding Alternate UPN Suffixes
6.5 Manually Configuring OAuth2 Client Authentication
6.5.1 Configuring OAuth2 Confidential Client Authentication
6.5.2 Configuring OAuth2 Mobile Client Authentication
6.6 Configuring Single Sign-On (SSO) for OAM WebGate and Oracle WSM Protected Resources
6.7 Configuring Single Sign-On for Kerberos and NTLM Protected Resources
6.8 Configuring an MSAS Instance as a WebGate
7 Configuring the SSL Keystore and Truststore
7.1 Understanding the SSL Keystore and Truststore
7.1.1 SSL Keystore and Truststore Locations
7.1.2 Managing the SSL Keystore and Truststore
7.2 Configuring SSL Between the Mobile Device and MSAS
7.2.1 Obtaining a Trusted Certificate and Importing it into the SSL Keystore
7.2.2 Downloading the MSAS Identity Certificate into the Mobile Device
7.3 Configuring SSL Between MSAS and Back-End Resources
7.4 Configuring SSL Between MSAS and the Identity Store
8 Managing Policies and Assertion Templates
8.1 Overview of Policy and Assertion Template Management
8.1.1 Building Policies Using Policy Assertions
8.1.2 Predefined Policies and Assertion Templates
8.2 Managing Policies
8.2.1 Viewing Access Policies
8.2.2 Searching for Policies
8.2.3 Viewing the Details of a Policy
8.2.4 Creating and Editing a Policy
8.2.4.1 Creating a New Policy
8.2.4.2 Cloning a Policy
8.2.4.3 Editing a Policy
8.2.5 Exporting and Importing Policies
8.2.5.1 Exporting a Policy
8.2.5.2 Importing a Policy
8.2.6 Adding Assertions to a Policy
8.2.7 Adding an OR Group to a Policy
8.2.8 Versioning Policies
8.2.8.1 Viewing the Version History of a Policy
8.2.8.2 Changing the Current Version of a Policy
8.2.8.3 Deleting Versions of a Policy
8.2.8.4 Exporting a Version of a Policy
8.2.9 Deleting a Policy
8.3 Validating Policies
8.4 Managing Policy Assertion Templates
8.4.1 Viewing Assertion Templates
8.4.2 Searching for an Assertion Template
8.4.3 Viewing the Details of an Assertion Template
8.4.4 Cloning an Assertion Template
8.4.5 Editing an Assertion Template
8.4.6 Editing the Configuration Properties
8.4.7 Configuring Assertions
8.4.8 Exporting and Importing Assertion Templates
8.4.8.1 Exporting an Assertion Template
8.4.8.2 Importing an Assertion Template
8.4.9 Deleting an Assertion Template
8.5 Enabling or Disabling Policies and Assertions
8.5.1 Enabling or Disabling a Policy for all Policy Enforcement Points
8.5.2 Enabling or Disabling Assertions Within a Policy
8.6 Defining Multiple Policy Alternatives (OR Groups)
8.7 Recommended Naming Conventions for Policies
8.8 Recommended Naming Conventions for Assertion Templates
9 Managing Log Files
9.1 Overview of Log File Management
9.2 Configuring the Level of Information Written to Log Files
9.2.1 Configuring Log Levels Using the MSAS Console
9.2.2 Configuring Log Levels Using WLST
9.2.2.1 Getting the Log Level Using WLST
9.2.2.2 Setting the Log Level Using WLST
9.2.2.3 Getting a List of Loggers
9.3 Configuring MSAS Access Logs
10 Managing the MSAS Repository
10.1 About the MSAS Repository
10.2 Understanding the Different Mechanisms for Exporting and Importing Application Metadata
10.3 Exporting and Importing MSAS Application Metadata Using WLST
10.3.1 Exporting MSAS Applications from the MSAS Repository
10.3.2 Importing MSAS Application Metadata from the MSAS Repository
10.4 Migrating MSAS Application Metadata Between Application Environments
10.5 Replacing the MSAS Application Host and Port Values