Configuring Oracle Identity Federation 5-5 Connection Parameters You can configure the following parameters: ■ Host This is the host name of the Oracle Identity Federation instance. If there is a change to the host or port of the server, you can either define a virtual hostname or proxy server hostname, or else change the server host property. ■ Port This is the port where Oracle Identity Federation listens. Checking the SSL Enabled box enables Secure Sockets Layer SSL encryption, allowing the server to listen in HTTPS mode. Checking the Force SSL box forces communications with the server to be conducted in HTTPS mode. If true, Oracle Identity Federation checks an incoming connection to ensure that it is done over SSL. If it is not, the server redirects the user to a URL supporting SSL; the URL is built with the host name and port properties and the requested URL. ■ SOAP Port Note: This property affects server metadata. When updating this property, distribute the updated metadata to all your trusted providers. Note: ■ This setting only dictates what server port will be specified in the IdP and SP metadata when the metadata is generated. If there are several HTTP or HTTPS ports enabled for the container instance in which Oracle Identity Federation is running, a user or peer provider can access Oracle Identity Federation through any of those ports, not just the port you specify here. ■ This property affects server metadata. When updating this property, distribute the updated metadata to all trusted providers. Note: ■ This property affects server metadata. When updating this property, distribute the updated metadata to all trusted providers. ■ This setting only dictates what protocol http or https will be specified in the IdP and SP metadata when the metadata is generated. Setting this property does not configure SSL. For details of how to enable SSL, see: ■ Section 8.1, Configuring SSL for Oracle Identity Federation ■ Oracle Fusion Middleware Administrators Guide 5-6 Oracle Fusion Middleware Administrators Guide for Oracle Identity Federation This is the port where Oracle Identity Federation listens for SOAP messages. Checking the SSL Enabled box enables Secure Sockets Layer SSL encryption, allowing the server to listen in HTTPS mode. Checking the Force SSL box forces communications with the server to be conducted in HTTPS mode. If true, Oracle Identity Federation checks an incoming connection to ensure that it is done over SSL. If it is not, the server redirects the user to a URL supporting SSL; the URL is built with the host name and port properties and the requested URL. Checking Require Client Certificate forces SSL client authentication in all incoming SOAP connections. ■ Server Clock Drift This is the allowable time difference, in seconds, between Oracle Identity Federation and its peer servers. The default is 600 seconds. ■ Session Timeout This parameter is used to determine the period, in seconds, for which an authenticated session is active. If the session remains inactive beyond the active period, the user must re-authenticate. The default value is 7200 seconds. How this parameter is used depends on the server’s role and the nature of the session in question. Scenario 1: User Authenticated Locally The user can be authenticated locally when: ■ Oracle Identity Federation acts as an IdP Note: ■ This setting only dictates what SOAP port will be specified in the IdP and SP metadata when the metadata is generated. If there are several HTTP or HTTPS ports enabled for the container instance in which Oracle Identity Federation is running, a user or peer provider can access Oracle Identity Federation through any of those ports, not just the port you specify here. ■ This property affects server metadata. When updating this property, distribute the updated metadata to all trusted providers. Note: ■ This property affects server metadata. When updating this property, distribute the updated metadata to all trusted providers. ■ Setting this property does not configure SSL. For details of how to enable SSL, see: ■ Section 8.1, Configuring SSL for Oracle Identity Federation ■ Oracle Fusion Middleware Administrators Guide