3 Administering and Maintaining Oracle RADIUS Agent

Topics

• Managing Global and Application Configurations

3.1 Managing Global and Application Configurations

Learn how to manage global and application configurations for Oracle RADIUS Agent.

Topics

• Updating Global and Application Configurations

• Deleting Global and Application Configurations

• Viewing and Reloading Configurations

• Validating Configurations

3.1.1 Updating Global and Application Configurations

To add or modify properties for a given configuration type (for example, mfa, preferences, logging, and so on), make a PATCH request to the following protected REST API endpoint:

https://localhost:PORT/radius-config/v1/configurations

To delete properties for a given configuration type (for example, mfa, preferences, logging, and so on), pass the property value as null and to remove a particular index from a list of values, pass the 'delete' property with index number of the value to be deleted.

To update an existing global or application configuration, make a PATCH request to the following protected REST API endpoint:

https://localhost:PORT/radius-config/v1/configurations

The following is a sample payload for updating the configuration for the logging configuration type:

{
    "logging": {
        "oracle.idm.radius.level": "FINEST",
        "oracle.idm.radius.access.log.level": "INFO"
    }
}

The following is the corresponding response:

{
    "message": "Configuration  is successfully updated.",
    "timestamp": "2021-03-02T07:12:01.926Z[UTC]"
}

Note:

If you have multiple containers with the shared configuration and one of the containers adds, updates, or deletes the shared configuration at runtime, in that case implicit refresh for other containers does not happen. To get the latest changes either restart other containers or reload the configuration for other containers.

To perform a reload, run a GET request to https://<hostname.domain>/radius-config/v1/configurations/reload . See the Oracle RADIUS Agent REST API guide for more details.

3.1.2 Deleting Global and Application Configurations

To delete an existing global configuration, make a DELETE request to the following protected REST API endpoint:

https://localhost:PORT/radius-config/v1/configurations/application/APP_CONFIG_NAME

In this endpoint, APP_CONFIG_NAME is the name of the application that you want to delete. For example, to delete an application, provide the name of the application such as DBApplication as shown in the example below:

curl --request DELETE https://localhost:8000/radius-config/v1/configurations/application/DBApplication --basic -u radadmin1:Welcome1

The following is the corresponding response:

{
    "message": "Configuration DBApplication is successfully deleted.",
    "timestamp": "2021-03-03T14:31:22.359Z[UTC]"
} 

To delete global configuration type, make a DELETE request to the following protected REST API endpoint:

https://localhost:PORT/radius-config/v1/configurations/CONFIG_TYPE

In this endpoint, replace:

• CONFIG_TYPE with the key of the configuration type that must be deleted. For example, to delete the configuration for multi-factor authentication, replace CONFIG_TYPE in the endpoint with mfa.

The following is an example endpoint for deleting the configuration mfa:

https://localhost:8000/radius-config/v1/configurations/mfa

Upon successful execution of the payload, you receive a response that the configuration type is successfully deleted.

The following is the corresponding response:

{
    "message": "Configuration mfa is successfully deleted.",
    "timestamp": "2021-03-03T15:35:25.359Z[UTC]"
}

3.1.3 Viewing and Reloading Configurations

Viewing Configurations

To view the list of all configurations set in Oracle RADIUS Agent, make a GET request to the following protected REST API endpoint:

https://localhost:PORT/radius-config/v1/configurations

The following is an example GET request to view all the configurations:

curl --request GET https://localhost:8000/radius-config/v1/configurations --basic -u radadmin1:Welcome1

The following is the response:

{
    "name": "Oracle RADIUS Agent",
    "version": "1.0",
    "oracleRadiusAgent": {
        "radiusListener": {
            "port": 1811
        },
        "authentication": {
            "provider": "LDAP",
            "ldap": {
                "name": "Corporate LDAP",
                "dn": "cn=directory manager",
                "password": "{AES-GCM}AJ8RXxCvTqlzvY0zlP6xxXUHKN0HukpfdLf4Cq3KCo9wO1u5",
                "ldapUrl": "ldaps://myoudds:1636",
                "baseDN": "dc=example,dc=com",
                "truststore": "-----BEGIN CERTIFICATE-----\nMIICwzCCAaugAwIBAgIEaNGteTANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDEwdteW91ZGRzMB4XDTIxMDEyNzEwMzAwMFoXDTIxMDQyNzEwMzAwMFowEjEQMA4GA1UEAxMHbXlvdWRkczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALHo889pq1F5hgyAFA4rXDP4qwwZoq7Sg4NIEMrN1elSQmTyXAr2XGtOHtDPojwI4+Tf9dDyr14OSOuUNx8jNA/viQ3YVmSIn5LiIIJSFNR0GOXAp+ZY2GdEjeAdLkJTd0UHBQPIv3r68TIn7U9UyemDo2PNVURm9f0Xe7DKpj1I1/qYHn0L/ROs6wS99KsGs8lhij0XGjTKtibaN4XljjKY5uQLD+xTul7B3msirklAKAj72dCfiwmBRn+ec2bxhfu1DDI0+0gzKpmanCH6s4LjHx572lv0B64Bii5Rzm+rGIUaiiTbODLDFOmxMnfBUYdZ2GXpx3U3G+BaJvuOZvcCAwEAAaMhMB8wHQYDVR0OBBYEFL8D0CWWPhQLmO8jIL+GECrkAEZaMA0GCSqGSIb3DQEBCwUAA4IBAQBeZPiyRc3Xjeuqnwjdu+75zkV52ILXUyvLlMtoXeLRNg/NBcZEvtun4MXoODI1pD8g3JWgobCuol7dYVqRLvWGOhhhxVtJ5MDYHQMCQQkvpI2iSdMGF4+G8H/kze0xwjPSjg18DxPbFjvDb+5EmfHfk1RpBVbG0sw292iThEJMg9rr25TMy8fhjQmlUdxD/1yfmd1Qe8xzw+FnEggAUedCGEWyBwEUu/QaWuLLDpBl98YX1dH9CF4XyGlJ5eNS7AqM4lXjGTTbvkUM7+s5toPUA2z4rVFnMdW0KHjQ1E6jNDIF+OHwUF61vZeKWxhTATCb83z9HjutqvUZNggd5u+M\n-----END CERTIFICATE-----",
                "trustedCertificateAliasName": "ldap-server-cert",
                "truststorePassword": "{AES-GCM}gFGvY3D2T+jqn152TU0s/BSbdaW5eHaa85xZT0OpzhNFLwkd"
            }
        },
        "application": {
            "dbRadiusClient": {
                "name": "Database RADIUS Client",
                "radiusClientHost": "100.100.100.100",
                "radiusListener": {
                    "port": 1815,
                    "numberOfWorkerThreads": 2
                }
            },
            "applicationConfig": {
                "name": "Database RADIUS Client",
                "radiusClientHost": "100.100.100.101",
                "radiusListener": {
                    "port": 1815,
                    "numberOfWorkerThreads": 2
                }
            }
        }
    }
}

Reloading Configurations

Reloading configurations will read all the latest configurations and reinitialized Oracle RADIUS Agent. To reload configurations, make a GET request to the following protected REST API endpoint:

https://localhost:PORT/radius-config/v1/configurations/reload

The following is a sample GET request that reloads the latest configuration:

curl --request GET https://localhost:8000/radius-config/v1/configurations/reload --basic -u radadmin1:Welcome1

This following is the response:

{
    "message": "Configuration reloaded successfully.",
    "timestamp": "2021-03-03T13:22:36.498Z[UTC]"
}

3.1.4 Validating Configurations

To validate a global or an application configuration for given configuration type without saving it for Oracle RADIUS Agent, make a POST request to the following protected REST endpoint:

https://localhost:PORT/radius-config/v1/validate