Authentication Engines - Database Security

5-96 Oracle Fusion Middleware Administrators Guide for Oracle Identity Federation

5.15.6.1 Configuring Oracle Identity Federation for RDBMS Authentication Engine

In order for Oracle Identity Federation to use a database as the authentication engine, this database must have a table, referred to as the login table, that contains user login information. Each user in the login table must have these attributes:

1. Login ID: The unique username with which the user will log in.

2. Login Password: The password with which the user will log in. The value in this column can be the clear-text password or an MD5 or SHA1 hash of the password. Note that in the hashed case the value is an unsalted digest of the password alone, which a brute-force or dictionary attack recovers quickly for short passwords, and in the clear-text case the column is the password itself; in either case, restrict database access to the login table to the Oracle Identity Federation data source account.

3. User ID: The unique identifier with which the user will be identified in Oracle Identity Federation. The value of the User ID must match the value of the User ID in the user data store. The attributes Login ID and User ID can be stored in two separate columns, or in one column if the Login ID is to be used as the User ID.

Example 1

Consider the following login table, named UserLoginInfo1. In this table, the Login ID is under the column Email, and the User ID is under the column UserID.

UserID   FirstName  LastName  Password   Email
alice    Alice      Smith     guL3nb     alice@mycorp.com
bob      Robert     Jones     aqweb80    bob@mycorp.com
charlie  Charles    Johnson   b23thag    charlie@mycorp.com
david    David      Jones     094bshyq=  david@mycorp.com
robert   Robert     Williams  haba+      williams@mycorp.com

Example 2

Consider the following login table, named UserLoginInfo2. In this table, both the Login ID and the User ID are under the Username column.

Username  Password   FullName
alice     guL3nb     Alice Smith
bob       aqweb80    Robert Jones
charlie   b23thag    Charles Johnson
david     094bshyq=  David Jones
robert    haba+      Robert Williams

To configure Oracle Identity Federation to use the RDBMS authentication engine, you will need to:

1. Create a JDBC data source.

2. Modify Oracle Identity Federation authentication engine configuration.

Create a JDBC Data Source

Follow these steps to create the data source that points at the database holding the login table:

1. Log in to the WebLogic Administration Console.

2. Navigate to Services, then JDBC, then Data Sources.

3. Click New.

4. Choose a Name and a JNDI Name for the new data source, and enter the database information. Choose the WebLogic managed server where Oracle Identity Federation is deployed as the target of this data source.

Modify Oracle Identity Federation Authentication Engine Configuration

Follow these steps to configure the RDBMS authentication engine.

1. Log in to Fusion Middleware Control and navigate to the Oracle Identity Federation instance.

2. Navigate to Administration, then Authentication Engines.

3. In the Database Table tab, select Enable Authentication Engine and add the following properties:

■ JNDI Name: The JNDI name of the data source created in the WebLogic Administration Console.

■ Login Table: The name of the login table.

■ Login ID Column: The name of the Login ID column in the login table.

■ User Unique ID Attribute: The name of the User ID column in the login table.

■ Login Password Column: The name of the Login Password column in the login table.

■ Password Digest Algorithm: The digest algorithm applied to passwords in the login table. Select None if the password is stored in clear text in the database, or select MD5 or SHA1 if the value in the database is an MD5 or SHA1 hash of the password. This setting must match how the column was actually populated; if it does not, every login against the table fails.

4. Click Apply.

Example 1 Configuration

The configuration corresponding to the table UserLoginInfo1 in Example 1 above is as follows. Suppose the JNDI name of the data source created for the database is MyCorpUserDS.

■ JNDI Name: MyCorpUserDS

■ Login Table: UserLoginInfo1

■ Login ID Column: Email

■ User Unique ID Attribute: UserID

■ Login Password Column: Password

■ Password Digest Algorithm: None (the Password column in UserLoginInfo1 holds clear-text values; choose MD5 or SHA1 only if the column holds the corresponding hash)

See Also: Getting Started with Oracle WebLogic Server Administration Console in the Oracle Fusion Middleware Administrators Guide.
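The following is an added example, not code from this guide or from Oracle Identity Federation, that models what the Database Table settings above mean in practice. It loads the two sample login tables into an in-memory SQLite database (a stand-in for the real RDBMS behind the JDBC data source), performs the lookup the engine has to do (find the row whose Login ID column matches, compare the stored Password column with the digest of the supplied password, return the User ID), and adds a pre-flight audit that reports when the configured Password Digest Algorithm disagrees with what is actually stored in the column. The lowercase-hex encoding used for MD5/SHA1 values, the config dictionary keys, and the function names are assumptions of this example; the product's own storage format is not specified on this page.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample rows mirroring the two login tables in the text:
# (UserID, FirstName, LastName, Password, Email) and (Username, Password, FullName).
USER_LOGIN_INFO1 = [
    ("alice", "Alice", "Smith", "guL3nb", "alice@mycorp.com"),
    ("bob", "Robert", "Jones", "aqweb80", "bob@mycorp.com"),
    ("charlie", "Charles", "Johnson", "b23thag", "charlie@mycorp.com"),
    ("david", "David", "Jones", "094bshyq=", "david@mycorp.com"),
    ("robert", "Robert", "Williams", "haba+", "williams@mycorp.com"),
]
USER_LOGIN_INFO2 = [
    ("alice", "guL3nb", "Alice Smith"),
    ("bob", "aqweb80", "Robert Jones"),
    ("charlie", "b23thag", "Charles Johnson"),
    ("david", "094bshyq=", "David Jones"),
    ("robert", "haba+", "Robert Williams"),
]

# Engine settings from the Database Table tab, keyed as this example assumes.
EXAMPLE1_CONFIG = {"login_table": "UserLoginInfo1", "login_id_column": "Email",
                   "user_id_column": "UserID", "password_column": "Password",
                   "digest": "none"}
EXAMPLE2_CONFIG = {"login_table": "UserLoginInfo2", "login_id_column": "Username",
                   "user_id_column": "Username", "password_column": "Password",
                   "digest": "sha1"}

# Hex length of each digest; None means clear text.
DIGEST_LENGTH = {"none": None, "md5": 32, "sha1": 40}


def digest_password(password, algorithm):
    """Transform a password the way the login table is assumed to store it.

    "none" keeps clear text; "md5"/"sha1" give an unsalted lowercase-hex digest
    (hex encoding is an assumption of this example). An unsalted digest of a
    short password is recovered by brute force almost immediately."""
    algorithm = algorithm.lower()
    if algorithm == "none":
        return password
    if algorithm in ("md5", "sha1"):
        return hashlib.new(algorithm, password.encode("utf-8")).hexdigest()
    raise ValueError(f"unsupported digest algorithm: {algorithm}")


def open_demo_db(stored_digest="none"):
    """Build an in-memory SQLite DB with both sample tables, writing the
    Password column under stored_digest (the stand-in for the real RDBMS)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE UserLoginInfo1 (UserID TEXT PRIMARY KEY, FirstName TEXT, "
                 "LastName TEXT, Password TEXT, Email TEXT UNIQUE)")
    conn.execute("CREATE TABLE UserLoginInfo2 (Username TEXT PRIMARY KEY, "
                 "Password TEXT, FullName TEXT)")
    for uid, first, last, pwd, email in USER_LOGIN_INFO1:
        conn.execute("INSERT INTO UserLoginInfo1 VALUES (?, ?, ?, ?, ?)",
                     (uid, first, last, digest_password(pwd, stored_digest), email))
    for uname, pwd, full in USER_LOGIN_INFO2:
        conn.execute("INSERT INTO UserLoginInfo2 VALUES (?, ?, ?)",
                     (uname, digest_password(pwd, stored_digest), full))
    conn.commit()
    return conn


def authenticate(conn, cfg, login_id, password):
    """Return the User ID on a successful login, else None.

    Table and column names are administrator configuration and are quoted
    into the statement; the Login ID is end-user input and is always bound
    as a parameter, never interpolated."""
    sql = (f'SELECT "{cfg["user_id_column"]}", "{cfg["password_column"]}" '
           f'FROM "{cfg["login_table"]}" WHERE "{cfg["login_id_column"]}" = ?')
    row = conn.execute(sql, (login_id,)).fetchone()
    if row is None:
        return None
    user_id, stored = row
    expected = digest_password(password, cfg["digest"])
    # Constant-time comparison so a mismatch does not leak matching prefixes.
    if hmac.compare_digest(stored.encode("utf-8"), expected.encode("utf-8")):
        return user_id
    return None


def audit_digest_setting(conn, cfg):
    """Pre-flight check: Login IDs whose stored password value does not have the
    shape implied by cfg["digest"]. Non-empty means the engine setting and the
    column contents disagree: logins will fail, or clear-text passwords sit in
    a column the administrator believes is hashed."""
    want = DIGEST_LENGTH[cfg["digest"].lower()]
    sql = f'SELECT "{cfg["login_id_column"]}", "{cfg["password_column"]}" FROM "{cfg["login_table"]}"'
    bad = []
    for login_id, stored in conn.execute(sql):
        looks_hex = len(stored) in (32, 40) and all(c in "0123456789abcdef" for c in stored.lower())
        ok = (not looks_hex) if want is None else (len(stored) == want and looks_hex)
        if not ok:
            bad.append(login_id)
    return bad


if __name__ == "__main__":
    db = open_demo_db("none")
    print(authenticate(db, EXAMPLE1_CONFIG, "williams@mycorp.com", "haba+"))  # User ID robert
    print(audit_digest_setting(db, dict(EXAMPLE1_CONFIG, digest="sha1")))  # every row flagged
```

The Example 1 lookup shows why Login ID Column and User Unique ID Attribute are separate settings: the user signs in as williams@mycorp.com but is identified to the federation as robert, and signing in with the UserID value alone fails because that is not the Login ID column. Running the audit before enabling the engine catches the most common misconfiguration, a Password Digest Algorithm that does not match the table.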