Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1 Introducing EDQ Security
1.1 Introducing EDQ Security
1.1.1 Authentication
1.1.2 Authorization
1.1.3 Encryption
1.1.4 Auditing
1.2 Terms Used in this Guide
2 Authenticating Using LDAP/AD Services
2.1 Learning About LDAP Support
2.1.1 Import Filtering of Users and Groups
2.2 Integrating LDAP Using Oracle Platform Security Services
2.2.1 Configuring LDAP Group Mappings
2.2.2 Configuring Server Failover
2.3 Integrating EDQ Directly with LDAP Servers
2.4 Configuring Global LDAP Settings (login.properties)
2.5 Using LDAP Server Profile
2.5.1 Default Profiles
2.5.2 Properties
2.6 Configuring Individual Realm LDAP Settings
2.7 Validating Credentials When Single Sign-On Is Not Used
2.8 LDAP Security
2.8.1 Using LDAP Over SSL/TLS
2.8.1.1 Extracting Certificate from Active Directory
2.8.1.2 Importing Certificates into JRE (for Tomcat)
2.8.1.3 Importing Certificates into OPSS (for WebLogic)
2.8.2 Starting TLS
3 Authenticating Using Kerberos (GSSAPI)
4 Authenticating Using Oracle Access Manager
4.1 Overview of Configuring WebLogic to use OAM Authentication
4.2 Configuring an LDAP Provider
4.3 Configuring an Oracle Access Manager Provider
4.4 Setting Provider Priorities
4.5 OAM Configuration
5 Authorizing Users
5.1 Configuring Permissions
5.2 Filtering User Authorization Groups
5.3 Installing the Authorizations Plug-In
5.3.1 Filter Script
5.4 Configuring the Authorizations Plug-In
5.4.1 XML File Format
5.4.2 CSV File Format
6 Using Encryption
6.1 Understanding Encryption
6.2 Configuring SSL with Tomcat
6.3 Configuring SSL with WebLogic
6.4 Encrypting LDAP Connections
6.5 Encrypting Database Connections
7 Auditing
7.1 Using Oracle Fusion Middleware Audit Framework
7.1.1 Configuring the EDQ Events in Fusion Middleware Framework
7.2 Using Audit Logs on Disk
7.2.1 Configuring the EDQ Events in Audit Logs on Disk
A Tips and Troubleshooting
A.1 Optimizing Authentication
A.1.1 Correcting Excessive LDAP Connections
A.1.2 Configuring LDAP Server Failover
A.1.3 Reconciling Multiple User Display Names
A.1.3.1 Use Email Address, or Login ID if not Set
A.1.3.2 Use Email Address and Login ID
A.1.4 Resolving Error Messages
A.1.4.1 Error processing GSS server login
A.1.4.2 Invalid argument (400) - Cannot find key of appropriate type to decrypt…
A.1.4.3 Cannot insert null in DN_EXTUSERMAP.OBJECT_KEY
A.2 Optimizing Encryption
A.2.1 Untrusted Certificate Errors
A.2.1.1 Connecting to EDQ (HTTPS)
A.2.1.2 Connecting to LDAP (EDQ Integrated)
A.2.1.3 Connecting to LDAP (WebLogic with OPSS)
A.3 Optimizing Auditing
A.3.1 "BAD PASSWORD" Events Not Captured for External Domain