1. Security Guide
  2. Managing Offline Mediation Controller Security

3 Managing Offline Mediation Controller Security

This chapter describes how to manage security in Oracle Communications Offline Mediation Controller.

Starting Offline Mediation Controller

When starting Offline Mediation Controller processes, make sure that the Oracle Unified Directory (OUD) process starts with the Administration Server. This ensures that only authorized users can log in to mediation processes.

You can start the Oracle Unified Directory process in the following ways:

  • Go to the directory where the OUD instance is created (instance-dir/OUD/bin) and enter start-ds.

  • You can start the Administration Server process manually (adminsvr), but do not use the -x option, because that does not start the Oracle Unified Directory process. Using the -x option runs the Administration Server in unauthenticated mode, which is not recommended.

Configuring Secure Communications Between Applications

Offline Mediation Controller uses Remote Method Invocation (RMI) over Secure Sockets Layer (SSL) to enable secure communications between applications. SSL enables authentication, data integrity, and data encryption.

The Administration Client communicates with the Administration Server by using SSL. During authentication, the Administration Server provides the information using a certificate. It also provides data integrity through an integrity check value. See the discussion on creating certificates in Offline Mediation Controller Installation Guide.

Offline Mediation Controller supports the session expiration between the Administration Client and the Administration Server based on the value configured in the AdminServerImpl.properties file in OMC_home/web/htdocs. Oracle recommends using the default value.

Enabling and Disabling SSL Mode

It is assumed that if SSL is enabled for one of the Offline Mediation Controller components, SSL is enabled for the other components. By default, the Offline Mediation Controller system runs in secure mode with SSL enabled. See Offline Mediation Controller System Administrator's Guide for more information.

Configuring Password Policy Attributes

Offline Mediation Controller uses a predefined password policy. This can be updated to suit your business policies.

You can modify attribute values in the OMC_home/bin/createPasswordPolicy script. To update the system with new attributes, edit and run the script, and restart the Administration Server. See Offline Mediation Controller System Administrator's Guide for more information.