User Authentication

Before users can access the system they have to be authenticated by entering username and password credentials in the login page. OHI Components applications delegate the actual authentication request to an identity and access management system of choice. The authentication provider can be configured through the WebLogic console. A combination of multiple authentication providers is supported, for example to try credential store A first and credential store B second.

Failed login attempts can be logged in a specific security log.

Note:OHI Components applications do not enforce any password policies, like setting a maximum number of failed login attempts before an account is locked. That is also delegated to an access management system.The OHI Components Operations Guide explains the configuration for that.

For additional information on authentication please see the following sources:

• The Installation Guide for a specific Oracle Health Insurance application explains the configuration of authentication providers, e.g. for Oracle Internet Directory (OID).

• For more information on WebLogic Authentication Providers see the Weblogic documentation.

• The Oracle Health Insurance Operations Guide explains how the security log can be configured.