SSL Overview of Security in Oracle CEP

Oracle Complex Event Processing Administrator's Guide

6. Restart the Oracle CEP server for the changes to take effect. See Section 1.5.4, Starting and Stopping Oracle CEP Servers.

10.3 Configuring a Security Provider

A security provider performs authentication, authorization, or both. Oracle CEP server supports file-based, LDAP, and DBMS security providers.

The file-based security provider is the default security provider that the Configuration Wizard configures. If you want to use the file-based security provider, no further configuration is required. The LDAP security provider supports authentication only. The DBMS security provider supports both authentication and authorization.

This section describes:

■ Section 10.3.1, Configuring Authentication Using the LDAP Provider and Authorization Using the DBMS Provider
■ Section 10.3.2, Configuring Both Authentication and Authorization Using the DBMS Provider

For more information, see Section 10.1.2, Security Providers.

10.3.1 Configuring Authentication Using the LDAP Provider and Authorization Using the DBMS Provider

The following procedure describes how to configure the LDAP security provider for authentication and the DBMS provider for authorization.

To configure authentication using the LDAP provider and authorization using the DBMS provider:

1. Open a command window and set your environment as described in Setting Your Development Environment in the Oracle Complex Event Processing Getting Started.

2. Add the ORACLE_CEP_HOME\ocep_11.1\bin directory to your PATH environment variable, where ORACLE_CEP_HOME is the main Oracle CEP installation directory, such as d:\oracle_cep:

    prompt> set PATH=d:\oracle_cep\ocep_11.1\bin;%PATH%    (Windows)
    prompt> PATH=/oracle_cep/ocep_11.1/bin:$PATH           (UNIX)

3. Change to the DOMAIN_DIR/servername/config directory, where DOMAIN_DIR refers to the main directory of your domain, such as d:\oracle_cep\user_projects\domains\mydomain, and servername refers to the name of your server:

    prompt> cd d:\oracle_cep\user_projects\domains\mydomain\defaultserver\config

4. Using your favorite text editor, create a file called myLDAPandDBMS.properties and copy into it the entire contents of Example 10–1.

Caution: When using LDAP for authentication, you cannot add or delete users and groups using Oracle CEP Visualizer; you can only change the password of a user.

Example 10–1 LDAP/DBMS Properties File

    # For attributes of type boolean or Boolean, value can be "true" or "false"
    # and it is case insensitive.
    # For attributes of type String[], values are comma separated; blanks before
    # and after the comma are ignored. For example, if the property is defined as:
    #   saml1.IntersiteTransferURIs=uri1, uri2, uri3
    # the IntersiteTransferURIs attribute value is String[]{"uri1", "uri2", "uri3"}
    # For attributes of type Properties, the value should be inputted as
    # a set of key=value pairs separated by commas; blanks before and after the
    # commas are also ignored.
    # For example (in practice, the property should be all on one line):
    #   store.StoreProperties=DriverName=oracle.jdbc.driver.OracleDriver, ConnectionURL=jdbc:oracle:thin:@united.bea.com:1521:xe, Username=user, Password=user

    domain.mbean=com.bea.common.management.configuration.LegacyDomainInfoMBean
    domain.DomainName=legacy-domain-name
    domain.ServerName=legacy-server-name
    domain.RootDirectory=legacy-rootdir
    domain.ProductionModeEnabled=
    domain.WebAppFilesCaseInsensitive=
    domain.DomainCredential=changeit

    jaxp.mbean=com.bea.common.management.configuration.JAXPFactoryServiceMBean
    jaxp.DocBuilderFactory=
    jaxp.SaxParserFactory=
    jaxp.SaxTransformFactory=
    jaxp.TransformFactory=

    ldapssl.mbean=com.bea.common.management.configuration.LDAPSSLSocketFactoryLookupServiceMBean
    ldapssl.Protocol=
    ldapssl.TrustManagerClassName=

    namedsql.mbean=com.bea.common.management.configuration.NamedSQLConnectionLookupServiceMBean

    store.mbean=com.bea.common.management.configuration.StoreServiceMBean
    # In practice, a property should be all on one line.
    store.StoreProperties=DriverName=oracle.jdbc.driver.OracleDriver, ConnectionURL=jdbc:oracle:thin:@localhost:1521:orcl, Username=wlevs, Password=wlevs
    store.ConnectionProperties=
    store.NotificationProperties=

    realm.mbean=weblogic.management.security.RealmMBean
    realm.Name=my-realm
    realm.ValidateDDSecurityData=
    realm.CombinedRoleMappingEnabled=
    realm.EnableWebLogicPrincipalValidatorCache=
    realm.MaxWebLogicPrincipalsInCache=
    realm.DelegateMBeanAuthorization=
    realm.AuthMethods=

    adt.1.mbean=weblogic.security.providers.audit.DefaultAuditorMBean
    adt.1.Severity=INFORMATION
    adt.1.InformationAuditSeverityEnabled=
    adt.1.WarningAuditSeverityEnabled=
    adt.1.ErrorAuditSeverityEnabled=
    adt.1.SuccessAuditSeverityEnabled=
    adt.1.FailureAuditSeverityEnabled=
    adt.1.OutputMedium=
    adt.1.RotationMinutes=
    adt.1.BeginMarker=
    adt.1.EndMarker=
    adt.1.FieldPrefix=
    adt.1.FieldSuffix=
    adt.1.Name=my-auditor
    adt.1.ActiveContextHandlerEntries=

    atn.1.mbean=weblogic.security.providers.authentication.LDAPAuthenticatorMBean
    atn.1.UserObjectClass=
    atn.1.UserNameAttribute=
    atn.1.UserDynamicGroupDNAttribute=
    atn.1.UserBaseDN=o=ECS,dc=bea,dc=com
    atn.1.UserSearchScope=subtree
    atn.1.UserFromNameFilter=
    atn.1.AllUsersFilter=
    atn.1.GroupBaseDN=ECS,dc=bea,dc=com
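The value syntax described in the comments of Example 10–1, together with a check for the clear-text credentials that listing carries (domain.DomainCredential, and Password inside store.StoreProperties), as an added example that is not part of the Oracle guide or of Oracle CEP. The function names, the weak-value list, the treatment of blank values, and the rule that attributes ending in "Properties" hold nested pairs are assumptions made for illustration; the sample input is constructed from values shown in the listing.

```python
import re

# Constructed sample in the syntax of Example 10-1, using that listing's sample values.
SAMPLE = """\
domain.DomainCredential=changeit
domain.ProductionModeEnabled=
saml1.IntersiteTransferURIs=uri1, uri2, uri3
store.StoreProperties=DriverName=oracle.jdbc.driver.OracleDriver, ConnectionURL=jdbc:oracle:thin:@localhost:1521:orcl, Username=wlevs, Password=wlevs
atn.1.UserBaseDN=o=ECS,dc=bea,dc=com
"""
SECRET_NAME = re.compile(r"password|credential", re.IGNORECASE)
WEAK_VALUES = {"changeit", "password", "user"}  # assumed list of sample/default values

def load(text):
    """Map 'prefix.Attribute' to its raw value, splitting on the first '=' only."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip()] = value.strip()
    return entries

def as_bool(raw):
    """boolean/Boolean: 'true' or 'false', case insensitive; blank returns None (assumption)."""
    if raw == "":
        return None
    if raw.lower() not in ("true", "false"):
        raise ValueError(f"not a boolean: {raw!r}")
    return raw.lower() == "true"

def as_list(raw):
    """String[]: comma separated, blanks before and after each comma ignored."""
    return [item.strip() for item in raw.split(",") if item.strip()]

def as_props(raw):
    """Properties: comma-separated key=value pairs, blanks around commas ignored."""
    return dict(pair.split("=", 1) for pair in as_list(raw))

def audit(entries):
    """List (property, attribute, issue) for secrets stored as clear text."""
    findings = []
    for key, raw in entries.items():
        # Assumption: only attributes named *Properties carry nested key=value pairs.
        nested = as_props(raw) if key.endswith("Properties") and raw else {key: raw}
        for name, value in nested.items():
            attr = name.rsplit(".", 1)[-1]
            if SECRET_NAME.search(attr) and value:
                weak = value.lower() in WEAK_VALUES or value == nested.get("Username")
                findings.append((key, attr, "clear-text, weak value" if weak else "clear-text"))
    return findings
```

Running audit(load(...)) over a copy of myLDAPandDBMS.properties before it is used shows which lines still hold the listing's sample credentials.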