Configuring Authorization Policies

On the Authorization Policies tab, you can select the user authentication type, modify internal authentication policies, and set lockout parameters for users.

To configure authorization policies:

1. In the Configuration Console, select Security Settings and then select Authorization Policies.
2. Click Load Settings to populate the current settings as saved in the Oracle Data Relationship Management system preferences.
3. Select the method for authentication:

   • Internal – Managed fully by Data Relationship Management.

   • CSS (Common Security Services) – Centralized support for external user directories using Oracle Hyperion Shared Services.

   • Mixed – Allows authentication option (Internal or CSS) to be specified by the user.

4. Set password preferences:

   • Expiration Period (days) – Number of days that a user's password is valid.

   • Maximum Length – Maximum length for user passwords; zero indicates no maximum.

   • Minimum Length – Minimum length for user passwords; zero indicates no minimum

   • Warning Period – Positive or negative number to indicate how many days before (-) or after (+) the password expiration date to warn users to change their password before no longer allowing them to log in.

5. Set user lockout preferences:

   • Inactivity Threshold – Maximum number of days of inactivity before a user is locked out.

   • Invalid Logins Allowed – Maximum number of invalid log in attempts before a user is locked out.

6. Click Save Settings.