7-4 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager 8 Customizing the OAAM Server 8-1 8 Customizing the OAAM Server This chapter provides information on customizing the client-facing OAAM Server Web application. The OAAM UIO Proxy offers multifactor authentication to Web applications without requiring any change to the application code. The OAAM Server configuration is specific to the UIO Proxy deployment. Refer to the architectural diagram Figure 8–1 for the components involved. The user interface provided by the OAAM Server Web application can be easily customized to achieve the look and feel of the customer applications. This chapter is intended for integrators who install and configure OAAM Server to support one or more Web application authentication and user registration flows. This chapter contains the following sections: ■ Architecture ■ OAAM Server Settings ■ Determining Application ID and User Group ■ Customizing User Interface Branding ■ Configuring Application Properties

8.1 Architecture

Figure 8–1 shows the UIO Proxy deployment. 8-2 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager Figure 8–1 Universal Installation Deployment The OAAM Server proxy intercepts the HTTP traffic between the client browser and the server Web application and performs appropriate actions, such as redirecting to OAAM Server, to provide multifactor authentication and authorization. OAAM Server in turn communicates with OAAM Admin to assess the risk and takes the appropriate actions, such as permitting the login, challenging the user, blocking the user, and other actions.

8.2 OAAM Server Settings

OAAM Server configuration is controlled through property files. Configuration Files Use the following property files to configure OAAM Server: ■ bharosa_server.properties – for client-configured properties any properties that have been customized for a specific deployment – for UIO Proxy system device configurations. These properties deal with the structural changes in the overall application. It is where the header, footer, and CSS properties are located. ■ client_resource_locale.properties where locale is the locale string for which you wish to use the custom values en, es, and others – for client-configured properties that are configurable for each locale being supported. locale is the locale string for which you wish to use the custom values en, es, and others. Customizing the OAAM Server 8-3 – for UIO Proxy messaging and page content configuration. For example, page titles, links at the bottom of the pages, page messages, error message, and confirmation messages. In the deployed application, the bharosa_server.properties file is located in the web-infclasses directory. The client_resource_locale.properties is created by the administrator customizing the application to contain locale-specific properties. For instructions on customizing, extending, or overriding Oracle Adaptive Access Manager properties, refer to Chapter 7, Customizing Oracle Adaptive Access Manager.

8.3 Determining Application ID and User Group

The initial steps to configure and customize OAAM Server are: 1. Determine the application ID of each application being secured. 2. Assign default user groups for each application being secured.

8.3.1 Determining the Application ID

The UIO Proxy can be placed in front of multiple applications, and customized to work with each one as required. Determine how many applications are to be configured, assign each application an Application ID. This Application ID is the same one used to configure the Proxy see Chapter 6, Oracle Adaptive Access Manager Proxy . In many cases applications are referred to internally by some name or abbreviation, so an integrator configuring OAAM Server might want to use that name. For an example, if the client has two applications, one wholesale banking application and one retail banking application, the integrator might choose to use wholesale and retail as the Application IDs for the two applications. The Proxy will send the AppId to OAAM Server as needed via an HTTP header. This AppId is then used to determine which configuration is used when displaying pages to the client. OAAM Server is configured by a set of properties which will be discussed in more detail later. An example of how AppId is used in a property definition is shown as follows: bharosa.uio.appId1.default.user.group=app1Group The bold appId1 is the location in the property where the AppId is used to configure application specific values.

8.3.2 Determining Default User Groups

Each application can be configured to have a unique default user group. This is the group that a user of that application will be associated with as their Organization ID when first created in the Oracle Adaptive Access Manager database. Similarly, it will be the Organization ID used to attempt to load user information from the database when a user attempts to log in to the application. As used in the previous example the property for Organization ID appears as follows: bharosa.uio.appId1.default.user.group=app1Group bharosa.uio.appId2.default.user.group=app2Group In the example, two Organization IDs are defined to two different applications. The application with an AppId of appId 1 has been assigned the Organization ID of 8-4 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager app1Group and the application with an AppId of appId2 has been assigned the Organization ID of app2Group.

8.4 Customizing User Interface Branding

The OAAM Server user interface branding is customized in several ways. ■ Custom header footer files ■ Custom CSS file ■ Custom properties for page content and messaging

8.4.1 Custom Header Footer

OAAM Server provides the ability to create custom header and footer files for applications being secured. The header and footer files are JSP and can contain any HTML or JSP code required to replicate the look of the application being secured. All the customer resources JSP files, image files, HTML, and others should be copied into the deployed application directories along with the OAAM Server Web application. The header header.jsp and footer footer.jsp files should contain only content html, all page related tags html, head, body, and so on are already provided by OAAM Server. As a simple example, a header and footer are created that contain a single image each, to be used as the header and footer of an application called appId1. Copy the following code into a file called header.jsp for the header. clientapp1header.jsp img src=clientapp1imagesheader.jpg alt=Welcome to App1 Copy the following code into a file called footer.jsp for the footer. clientapp1footer.jsp img src=clientapp1imagesfooter.jsp alt=App1 Footer These files will be housed in the clientapp1 directory within the Web application. To associate these files with the application you would add the following properties to client_resource_locale.properties: bharosa.uio.appId1.header = clientapp1header.jsp bharosa.uio.appId1.footer = clientapp1footer.jsp

8.4.2 Custom CSS

OAAM Server styles are controlled through a single CSS file, bharosa_uio.css, located in the css directory. These styles can be overridden by including a custom CSS file. Much like the header and footer example show previously, you can create your own file and include that file on an application or global level through properties. Refer to Section 8.5, Configuring Application Properties. In this example you will override the font-family of the default body style definition. The body style in bharosa_uio.css is defined as follows: body{ background-color:ffffff; font-size:12px; color:000000;