Integrating Native .NET Applications 3-9 AuthentiPadType padType = AuthentiPadType.TYPE_ALPHANUMERICPAD; String bgFile = proxy.getImageuser.CustomerId; String captionText = proxy.getCaptionuser.CustomerId; String frameFile = BharosaConfig.get bharosa.authentipad.alphanumeric.frame.file, alphanumpad_bgkp_v2_frame_nologo.png; AuthentiPad authPad = client.getAuthentiPadpadType, padName, frameFile, bgFile, captionText, false, true, true; save the authenticator object in sessData: it will be needed in GetImage.aspx.cs to generate the authenticator image, and while decoding the user input sessionData[padName] = authPad; }

3.4.6.2 Embedding a Virtual Authentication Device in a Web Page

To display a virtual authentication device properly, such as the one created in the previous section, both the .ASPX file and the code-behind file need to be updated. To update these files, proceed as follows: 1. Include the JavaScript bharosa_webjsbharosa_pad.js in the ASPX file. 2. Create a label in the ASPX file where the virtual authentication device is to be displayed: asp:Label ID=authenticator runat=serverasp:Label 3. Generate the HTML in the code-behind file from the virtual authentication device object and assign it to the label: this.authenticator.Text = client.getAuthentiPadHTMLauthPad,false, false;

3.4.6.3 Validating User Input with a Virtual Authentication Device

The input that a user supplies to a virtual authentication device is posted to the application in the HTTP parameter named padName + DataField. This input should be decoded using the virtual authentication device as illustrated in the following sample code: if IsPostBack { AuthentiPad authPad = sessionData[padName]; String encodedPasswd = Request.Params[padName + DataField]; String passwd = authPad.decodeInputencodedPasswd; continue to validate the password }

3.4.7 Specifying Credentials to the Oracle Adaptive Access Manager SOAP Server

The credentials to access the Oracle Adaptive Access Manager SOAP Server can be specified in one of the following ways: ■ By adding the following settings to application web.config file: appSettings add key=BharosaSOAPUser value=soapUser 3-10 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager add key=BharosaSOAPPassword value=soapUserPassword add key=BharosaSOAPDomain value=soapUserDomain appSettings ■ By adding the following properties to one of the application properties files: BharosaSOAPUser=soapUser BharosaSOAPPassword=soapUserPassword BharosaSOAPDomain=soapUserDomain

3.4.8 Tracing Messages

The Oracle Adaptive Access Manager .NET API allows to print trace messages of various levels using diagnostics switches in web.config. The trace messages can be saved to a file by configuring the appropriate listeners. The following web.config file sample shows the configuration of switches and a listener that writes trace messages to a file: system.diagnostics switches add name=debug value=0 add name=info value=0 add name=soap value=0 add name=perf value=0 add name=warning value=1 add name=error value=1 add name=traceTimestamp value=1 add name=traceThreadId value=1 switches trace autoflush=true indentsize=2 listeners add name=BharosaTraceListener type=System.Diagnostics.TextWriterTraceListener, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089 initializeData=BharosaTrace.log listeners trace system.diagnostics

3.5 Integration Example Using Sample Applications

This section shows you how to integrate an application through using one of the sample applications provided in the SDK.

3.5.1 ASP.NET Applications

The following four ASP.NET applications are included in this sample package to demonstrate integration of various OAAM 11g features in ASP.NET based applications. Note: When specifying SOAP credentials in this way, you can use either clear text or an encrypted string for a value typically, for the value of a password