Writing Oracle Security Token Service Module Classes 4-13
4.4.3 Managing Custom Tokens
Users with valid administrator credentials can use the procedure in this section to manage custom tokens for custom Token Module classes.
The following procedure includes steps to add, edit, and delete custom tokens or attributes of a custom token. Skip any steps that you do not need.
Prerequisites
■ Writing a TokenValidatorModule Class
■ Writing a TokenIssuanceModule Class
To make custom classes available
1. Create and add the JAR containing your Issuance and Validation classes to the OAM Server hosting Oracle Security Token Service using one of these methods:
■ Add the custom token jar and the sts-common.jar that is available in DOMAIN_HOME/config/fmwconfig/mbeans/oam to the Managed Server classpath by editing the startup script.
■ Add the custom token jar and the sts-common.jar that is available in DOMAIN_HOME/config/fmwconfig/mbeans/oam to the DOMAIN_HOME/lib directory to automatically add these jars to the Managed Server classpath.
■ Restart the OAM Server.
2. New Custom Token: From the Oracle Access Suite System Configuration tab, open the Security Token Services section and:
a. Double-click the Custom Tokens node to open the page.
b. Click the New Custom Token button.
c. Fill in the New Custom Token page with details for your custom classes (Table 4–1).
d. Click Save and dismiss the confirmation window or click Cancel to dismiss the page without submitting it.
e. Close the page or edit as described in Step 4.
f. Proceed to Step 4, if needed, or to Section 4.5, Managing a Custom Oracle Security Token Service Configuration.
3. Find Custom Tokens: From the Security Token Service section of the System Configuration tab:
Controls affecting the ordering of items listed in the results table:
■ Ascending
■ Descending
See Also:
■ Section 4.4.1, About Making Classes Available
■ Section 4.4.2, About Narrowing a Search for Custom Tokens
Table 4–2 (Cont.) Custom Tokens Search Elements and Controls
Element | Description
4-14 Developers Guide for Oracle Access Manager and Oracle Security Token Service
a. Find All: Double-click the Custom Tokens node to display a results table with all custom tokens listed.
b. Narrow the Search: Enter some or all characters in the desired Default Token URI, click the Search button, and review the results table.
c. Reset the Search Form: Click the Reset button.
4. Edit Custom Token Configuration: Start with the saved page you just created.
Alternatively: Use Step 3 to find the desired Custom Token, then double-click the name in the Search Results table to open the page.
a. In the named Custom Token page, click the appropriate field and edit as needed.
b. Add Attributes: Click the Add + icon for the Attributes table, enter the Attribute Name and an Attribute Type (Table 4–1).
c. Remove Attributes: From the Attributes table, click the row containing the attribute to remove, click the Delete X icon for the table, and dismiss the Confirmation window.
d. Apply Changes: Click the Apply button at the top of the page to submit changes.
5. Remove a Custom Token:
a. Click the desired name in the Search Results table to select the item to remove.
b. From the Actions menu, click Delete or click the Delete X command button above the table.
c. Click the Delete button in the Confirmation window or click No to cancel the operation.
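The second method in Step 1 (copying both jars into the DOMAIN_HOME lib directory) written as a shell function; this is an added example, not a script from the Oracle guide. It assumes the directory names in Step 1 are path components under DOMAIN_HOME, that the caller supplies the custom token jar path, and that `sha256sum` is installed.

```shell
#!/bin/sh
# Added example (not from the Oracle guide).
# Usage: stage_sts_jars DOMAIN_HOME CUSTOM_JAR
# Copies CUSTOM_JAR and sts-common.jar into DOMAIN_HOME/lib and prints a
# SHA-256 line for each copy. Returns non-zero when a check fails.
stage_sts_jars() {
    domain_home=$1
    custom_jar=$2   # hypothetical path to the jar holding your module classes
    # Assumed layout: the location Step 1 gives for sts-common.jar.
    sts_jar="$domain_home/config/fmwconfig/mbeans/oam/sts-common.jar"
    lib_dir="$domain_home/lib"

    [ -d "$lib_dir" ] || { echo "missing $lib_dir" >&2; return 1; }

    # Every jar in this directory is loaded by the Managed Server, so a
    # directory that any local user can write to must be fixed first.
    if [ -n "$(find "$lib_dir" -maxdepth 0 -perm -0002)" ]; then
        echo "$lib_dir is world-writable" >&2
        return 2
    fi

    for jar in "$custom_jar" "$sts_jar"; do
        # Require a regular file, not a symlink that could be re-pointed.
        if [ ! -f "$jar" ] || [ -L "$jar" ]; then
            echo "not a regular file: $jar" >&2
            return 3
        fi
    done

    for jar in "$custom_jar" "$sts_jar"; do
        dest="$lib_dir/$(basename "$jar")"
        cp "$jar" "$dest" || return 4
        chmod 640 "$dest" || return 4
        # Keep this digest with the change record so a later swap shows up.
        sha256sum "$dest"
    done
}
```

Restart the OAM Server afterwards, as Step 1 requires, so that the Managed Server picks up the new classpath entries.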
4.5 Managing a Custom Oracle Security Token Service Configuration
This task consists of the following procedures:
■ Creating the Validation Template
■ Creating the Issuance Template for a Custom Token
■ Adding the Custom Token to a Requester Profile
■ Adding the Custom Token to the Relying Party Profile
■ Mapping the Token to a Requestor
■ Creating an wssuser EndPoint
4.5.1 Creating the Validation Template
Users with valid Oracle Access Manager administrator credentials can perform the following task to create a Validation Template with a Token Protocol of Webservice Trust to map the token to the requester.
The template in this example can be used for the module classes described earlier in this chapter. Full implementation details are shown in the following figures. As you review these, notice how specifications for this template reference the module class code:
■ Figure 4–7, General Details: email-wstrust-valid-temp
■ Figure 4–8, Token Mapping: email-wstrust-valid-temp
Figure 4–7 General Details: email-wstrust-valid-temp
Figure 4–8 Token Mapping: email-wstrust-valid-temp
To create the validation template for the custom module classes
1. Display the list of existing Token Validation Templates: Oracle Access Suite, System Configuration, Security Token Services, Token Validation Templates.
2. Click the New Validation Template button in the upper-right corner or click the Add + command button above the Search Results table.
3. General: Set the following for use with the custom token.
See Also: Oracle Fusion Middleware Administrator's Guide for Oracle Access Manager with Oracle Security Token Service