3-4 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager auth.status.enum.invalid_user=1 auth.status.enum.invalid_user.name=Invalid user auth.status.enum.invalid_user.description=Invalid User third item and its attributes auth.status.enum.wrong_password=2 auth.status.enum.wrong_password.name=Wrong password auth.status.enum.wrong_password.description=Wrong password fourth item and its attributes auth.status.enum.wrong_pin=3 auth.status.enum.wrong_pin.name=Wrong pin auth.status.enum.wrong_pin.description=Wrong Pin fifth item and its attributes auth.status.enum.session_expired=4 auth.status.enum.session_expired.name=Session expired auth.status.enum.session_expired.description=Session expired Here is an example of the use of the previous user-defined enumeration in application code: UserDefEnumFactory factory = UserDefEnumFactory.getInstance; UserDefEnum statusEnum = factory.getEnumauth.status.enum; int statusSuccess = statusEnum.getElementValuesuccess; int statusWrongPassword = statusEnum.getElementValuewrong_password;

3.4 Oracle Adaptive Access Manager API Usage

This section contains details on how OAAM APIs are used to support common OAAM scenarios. You can also refer to the sample applications for details.

3.4.1 User Details

Oracle Adaptive Access Manager stores user details in its database and uses this information to perform the following tasks: ■ Determine the risk rules to run for a user ■ Find user-specific virtual authentication device attributes ■ Propose challenge questions ■ Validate answers to challenge questions The client application is responsible for populating the Oracle Adaptive Access Manager database with user details at runtime. For example, when a user logs in, the client application should first determine whether the user record exists. If the record is not found, then the application should call the appropriate APIs to create a user record and set the user status. The following sample illustrates the calls to create a user record: string loginId = testuser; loginId of the user logging in set the proxy to access the SOAP server that communicates with the OAAM SOAP Server IBharosaProxy proxy = BharosaClientFactory.getProxyInstance; find the user record in OAAM VCryptAuthUser user = proxy.getUserByLoginIdloginId; Integrating Native .NET Applications 3-5 if user record does not exist, create one ifuser == null || StringUtil.IsEmptyuser.LoginId { string customerId = loginId; string userGroupId = PremiumCustomer; string password = _; this value is not used for now user = new VCryptAuthUserloginId, customerId, userGroupId, password; user = proxy.createUseruser; set the status of the new user to Invalid; once the user is authenticated, set the status to PendingActivation; after the user succssfully completes registration, set the status to Valid proxy.setUserStatususer.CustomerId, intUserStatus.Invalid; } save the user record in the session for later reference AppSessionData sessionData = AppSessionData.GetInstanceSession; sessionData.CurrentUser = user; For further details, see the sample applications in Section 3.5.1, ASP.NET Applications.

3.4.2 User Logins and Transactions

Oracle Adaptive Access Manager provides APIs to capture user login information, user login status, and other user session attributes to determine device and location information. Oracle Adaptive Access Manager also provides APIs to collect transaction details. The following code sample illustrates the use of this API: record a user login attempt in OAAM string requestId = sessionData.RequestId; string remoteIPAddr = Request.UserHostAddress; string remoteHost = Request.UserHostName; bool isFlashRequest = Request.Params[client].Equalsvfc; string secureCookie = Request.Cookies[vsc] = null ? Request.Cookies[vsc].Value : null; string digitalCookie = isFlashRequest ? Request.Params[v] : null; object[] browserFpInfo = HttpUtil.GetBrowserFingerPrint; object[] flashFpInfo = HttpUtil.GetFlashFingerPrint; int browserFingerPrintType = browserFpInfo == null ? 0 : int browserFpInfo [0]; string browserFingerPrint = browserFpInfo == null ? : string browserFpInfo [1]; int flashFingerPrintType = flashFpInfo == null ? 0 : int flashFpInfo[0]; string flashFingerPrint = flashFpInfo == null ? : string flashFpInfo[1]; if user name and password have been validated by now, set the status to the appropriate value, such as success, wrong_password, or invalid_user int status = statusEnum.getElementValuesuccess;