3 Administering and Maintaining Oracle RADIUS Agent
3.1 Managing Global and Application Configurations
Learn how to manage global and application configurations for Oracle RADIUS Agent.
3.1.1 Updating Global and Application Configurations
To add or modify properties for a given configuration type (for example, mfa, preferences, logging, and so on), make a PATCH request to the following protected REST API endpoint:
https://localhost:PORT/radius-config/v1/configurations
To delete properties for a given configuration type (for example, mfa, preferences, logging, and so on), pass the property value as null and to remove a particular index from a list of values, pass the 'delete' property with index number of the value to be deleted.
To update an existing global or application configuration, make a PATCH request to the following protected REST API endpoint:
https://localhost:PORT/radius-config/v1/configurations
The following is a sample payload for updating the configuration for the logging
configuration type:
{
"logging": {
"oracle.idm.radius.level": "FINEST",
"oracle.idm.radius.access.log.level": "INFO"
}
}
The following is the corresponding response:
{
"message": "Configuration is successfully updated.",
"timestamp": "2021-03-02T07:12:01.926Z[UTC]"
}
Note:
If you have multiple containers with the shared configuration and one of the containers adds, updates, or deletes the shared configuration at runtime, in that case implicit refresh for other containers does not happen. To get the latest changes either restart other containers or reload the configuration for other containers.To perform a reload, run a GET
request to
https://<hostname.domain>/radius-config/v1/configurations/reload
. See the Oracle RADIUS Agent REST API guide for more details.
3.1.2 Deleting Global and Application Configurations
To delete an existing global configuration, make a DELETE request to the following protected REST API endpoint:
https://localhost:PORT/radius-config/v1/configurations/application/APP_CONFIG_NAME
In this endpoint, APP_CONFIG_NAME
is the name of the application that you want to delete. For example, to delete an application, provide the name of the application such as DBApplication
as shown in the example below:
curl --request DELETE https://localhost:8000/radius-config/v1/configurations/application/DBApplication --basic -u radadmin1:Welcome1
The following is the corresponding response:
{
"message": "Configuration DBApplication is successfully deleted.",
"timestamp": "2021-03-03T14:31:22.359Z[UTC]"
}
To delete global configuration type, make a DELETE request to the following protected REST API endpoint:
https://localhost:PORT/radius-config/v1/configurations/CONFIG_TYPE
In this endpoint, replace:
-
CONFIG_TYPE
with the key of the configuration type that must be deleted. For example, to delete the configuration for multi-factor authentication, replace CONFIG_TYPE in the endpoint with mfa.
The following is an example endpoint for deleting the configuration mfa:
https://localhost:8000/radius-config/v1/configurations/mfa
Upon successful execution of the payload, you receive a response that the configuration type is successfully deleted.
The following is the corresponding response:
{
"message": "Configuration mfa is successfully deleted.",
"timestamp": "2021-03-03T15:35:25.359Z[UTC]"
}
3.1.3 Viewing and Reloading Configurations
Viewing Configurations
To view the list of all configurations set in Oracle RADIUS Agent, make a GET request to the following protected REST API endpoint:
https://localhost:PORT/radius-config/v1/configurations
The following is an example GET request to view all the configurations:
curl --request GET https://localhost:8000/radius-config/v1/configurations --basic -u radadmin1:Welcome1
The following is the response:
{
"name": "Oracle RADIUS Agent",
"version": "1.0",
"oracleRadiusAgent": {
"radiusListener": {
"port": 1811
},
"authentication": {
"provider": "LDAP",
"ldap": {
"name": "Corporate LDAP",
"dn": "cn=directory manager",
"password": "{AES-GCM}AJ8RXxCvTqlzvY0zlP6xxXUHKN0HukpfdLf4Cq3KCo9wO1u5",
"ldapUrl": "ldaps://myoudds:1636",
"baseDN": "dc=example,dc=com",
"truststore": "-----BEGIN CERTIFICATE-----\nMIICwzCCAaugAwIBAgIEaNGteTANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDEwdteW91ZGRzMB4XDTIxMDEyNzEwMzAwMFoXDTIxMDQyNzEwMzAwMFowEjEQMA4GA1UEAxMHbXlvdWRkczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALHo889pq1F5hgyAFA4rXDP4qwwZoq7Sg4NIEMrN1elSQmTyXAr2XGtOHtDPojwI4+Tf9dDyr14OSOuUNx8jNA/viQ3YVmSIn5LiIIJSFNR0GOXAp+ZY2GdEjeAdLkJTd0UHBQPIv3r68TIn7U9UyemDo2PNVURm9f0Xe7DKpj1I1/qYHn0L/ROs6wS99KsGs8lhij0XGjTKtibaN4XljjKY5uQLD+xTul7B3msirklAKAj72dCfiwmBRn+ec2bxhfu1DDI0+0gzKpmanCH6s4LjHx572lv0B64Bii5Rzm+rGIUaiiTbODLDFOmxMnfBUYdZ2GXpx3U3G+BaJvuOZvcCAwEAAaMhMB8wHQYDVR0OBBYEFL8D0CWWPhQLmO8jIL+GECrkAEZaMA0GCSqGSIb3DQEBCwUAA4IBAQBeZPiyRc3Xjeuqnwjdu+75zkV52ILXUyvLlMtoXeLRNg/NBcZEvtun4MXoODI1pD8g3JWgobCuol7dYVqRLvWGOhhhxVtJ5MDYHQMCQQkvpI2iSdMGF4+G8H/kze0xwjPSjg18DxPbFjvDb+5EmfHfk1RpBVbG0sw292iThEJMg9rr25TMy8fhjQmlUdxD/1yfmd1Qe8xzw+FnEggAUedCGEWyBwEUu/QaWuLLDpBl98YX1dH9CF4XyGlJ5eNS7AqM4lXjGTTbvkUM7+s5toPUA2z4rVFnMdW0KHjQ1E6jNDIF+OHwUF61vZeKWxhTATCb83z9HjutqvUZNggd5u+M\n-----END CERTIFICATE-----",
"trustedCertificateAliasName": "ldap-server-cert",
"truststorePassword": "{AES-GCM}gFGvY3D2T+jqn152TU0s/BSbdaW5eHaa85xZT0OpzhNFLwkd"
}
},
"application": {
"dbRadiusClient": {
"name": "Database RADIUS Client",
"radiusClientHost": "100.100.100.100",
"radiusListener": {
"port": 1815,
"numberOfWorkerThreads": 2
}
},
"applicationConfig": {
"name": "Database RADIUS Client",
"radiusClientHost": "100.100.100.101",
"radiusListener": {
"port": 1815,
"numberOfWorkerThreads": 2
}
}
}
}
}
Reloading Configurations
Reloading configurations will read all the latest configurations and reinitialized Oracle RADIUS Agent. To reload configurations, make a GET request to the following protected REST API endpoint:
https://localhost:PORT/radius-config/v1/configurations/reload
The following is a sample GET request that reloads the latest configuration:
curl --request GET https://localhost:8000/radius-config/v1/configurations/reload --basic -u radadmin1:Welcome1
This following is the response:
{
"message": "Configuration reloaded successfully.",
"timestamp": "2021-03-03T13:22:36.498Z[UTC]"
}