Methods Example: Email Challenge Processor Implementation

20-8 Oracle Fusion Middleware Developer's Guide for Oracle Adaptive Access Manager

2. Create a policy that returns the newly created action, MyChallenge, to use the challenge method.

Alternatively, if you want to configure challenge devices using properties, you can bypass the AuthentiPad checkpoint by setting bharosa.uio.default.use.authentipad.checkpoint to false.

Devices to use for the challenge type can then be added with a property of the following form:

    bharosa.uio.application.challengeType.authenticator.device=value

The examples shown use the challenge type keys ChallengeEmail and ChallengeSMS to construct the property name.

    bharosa.uio.default.ChallengeSMS.authenticator.device=DevicePinPad
    bharosa.uio.default.ChallengeEmail.authenticator.device=DevicePinPad

Available challenge device values are DeviceKeyPadFull, DeviceKeyPadAlpha, DeviceTextPad, DeviceQuestionPad, DevicePinPad, and DeviceHTMLControl.

Table 20–4 Authentication Device Type

| Property | Description |
|---|---|
| None | No HTML page or authentication pad. |
| DeviceKeyPadFull | Challenge user using KeyPad. |
| DeviceKeyPadAlpha | Challenge user with the alphanumeric KeyPad (numbers and letters only, no special characters). |
| DeviceTextPad | Challenge user using TextPad. |
| DeviceQuestionPad | Challenge user using QuestionPad. |
| DevicePinPad | Challenge user using PinPad. |
| DeviceHTMLControl | Challenge user using HTML page instead of an authentication pad. |

21 Creating a View of a Non-OAAM Database

Users who want to load from a non-OAAM database will need to create a view in their remote data source. This document explains how to create this view.

21.1 The OAAM_LOAD_DATA_VIEW

The Out-of-the-Box Loader for OAAM Offline requires a table or view with a specific name and structure to exist in the load data source. The structure is given in the following table.

Table 21–1 OAAM_LOAD_DATA_VIEW

| Field Name | Data Type | Description |
|---|---|---|
| LOGIN_TIMESTAMP | DateTime | The login time. |
| SESSION_ID | Character | Uniquely identifies a login record. |
| USER_ID | Character | The user's User ID. |
| LOGIN_ID | Character | The user's Login ID. This may be the same as the USER_ID if the load data source does not distinguish between User ID and Login ID. |
| DEVICE_ID | Character | Identifies the user's device. |
| GROUP_ID | Character | The user's primary user group, or an application ID. |
| IP_ADDRESS | Integer | The IP address, in the form of a long integer. |
| AUTH_STATUS | Integer | The auth status. If loading from a non-OAAM schema, this field should be a decode function that converts the remote data source's authentication status into an OAAM authentication status, defined by the user-defined enum auth.status.enum. If the remote schema has no concept of auth status, then this value should be -1. |
| CLIENT_TYPE | Integer | The client type. When loading from a non-OAAM schema, this should be -1. |
| USER_AGENT | Character | The user agent string from the browser. |
| FLASH_FINGERPRINT | Character | This field represents the digital fingerprint. It may be null if not supported by the load data source. |
| DIGITAL_COOKIE | Character | This field represents the digital cookie set by OAAM. When loading from a non-OAAM schema, this should be null. |

21.2 Schema Examples

The OAAM Schema and custom schema are shown below.

21.2.1 OAAM Schema

The following example shows the SQL for the OAAM_LOAD_DATA_VIEW that ships with OAAM.

    -- Part 1: view name and column list (required, cannot be modified)
    CREATE OR REPLACE FORCE VIEW OAAM_LOAD_DATA_VIEW (
        LOGIN_TIMESTAMP, SESSION_ID, USER_ID, LOGIN_ID, DEVICE_ID, GROUP_ID,
        IP_ADDRESS, AUTH_STATUS, CLIENT_TYPE, USER_AGENT, FLASH_FINGERPRINT,
        DIGITAL_COOKIE, EXP_DIGITAL_COOKIE, SECURE_COOKIE, EXP_SECURE_COOKIE
    ) AS
    -- Part 2: the SELECT that supplies the data
    SELECT
        l.create_time             LOGIN_TIMESTAMP,
        l.request_id              SESSION_ID,
        l.user_id                 USER_ID,
        l.user_login_id           LOGIN_ID,
        l.node_id                 DEVICE_ID,
        l.user_group_id           GROUP_ID,
        l.remote_ip_addr          IP_ADDRESS,
        l.auth_status             AUTH_STATUS,
        l.auth_client_type_code   CLIENT_TYPE,
        (SELECT t1.data_value FROM v_fprints t1
          WHERE t1.fprint_id = l.fprint_id)      USER_AGENT,
        (SELECT t2.data_value FROM v_fprints t2
          WHERE t2.fprint_id = l.digital_fp_id)  FLASH_FINGERPRINT,
        l.sent_dig_sig_cookie     DIGITAL_COOKIE,
        l.expected_dig_sig_cookie EXP_DIGITAL_COOKIE,
        l.sent_secure_cookie      SECURE_COOKIE,
        l.expected_secure_cookie  EXP_SECURE_COOKIE
    FROM vcrypt_tracker_usernode_logs l;

For discussion purposes, consider this statement in two parts. The first part starts at the beginning and ends before the SELECT. This part is required and cannot be modified. The second part starts with the SELECT and continues to the end of the statement. If loading from a non-OAAM schema, this part would be customized to select data from that schema.

21.2.2 Custom Schema Example

In this example, you would want to load from a table that looks like the following. You would want to have Banking as your primary group or Application ID, and you would not want to load test data.

LOGINS

Table 21–1 (Cont.) OAAM_LOAD_DATA_VIEW

| Field Name | Data Type | Description |
|---|---|---|
| EXP_DIGITAL_COOKIE | Character | This field represents the expected digital cookie set by OAAM. When loading from a non-OAAM schema, this should be null. |
| SECURE_COOKIE | Character | This field represents the secure cookie set by OAAM. When loading from a non-OAAM schema, this should be null. |
| EXP_SECURE_COOKIE | Character | This field represents the expected secure cookie set by OAAM. When loading from a non-OAAM schema, this should be null. |
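A view for the scenario in 21.2.2 (Banking as the group, test data excluded), written here as an added example and not taken from the Oracle guide. The LOGINS column names (login_time, session_key, user_name, device_key, client_ip, login_result, browser_agent, is_test), the dotted-string IP storage, and the 0/1 status codes are assumptions; substitute the values your auth.status.enum defines.

```sql
-- Added example. All columns on the remote LOGINS table are hypothetical.
-- Part 1 (view name and column list) is kept exactly as OAAM requires it.
CREATE OR REPLACE FORCE VIEW OAAM_LOAD_DATA_VIEW (
    LOGIN_TIMESTAMP, SESSION_ID, USER_ID, LOGIN_ID, DEVICE_ID, GROUP_ID,
    IP_ADDRESS, AUTH_STATUS, CLIENT_TYPE, USER_AGENT, FLASH_FINGERPRINT,
    DIGITAL_COOKIE, EXP_DIGITAL_COOKIE, SECURE_COOKIE, EXP_SECURE_COOKIE
) AS
-- Part 2: customized SELECT against the non-OAAM schema.
SELECT
    l.login_time     LOGIN_TIMESTAMP,
    l.session_key    SESSION_ID,
    l.user_name      USER_ID,
    l.user_name      LOGIN_ID,      -- source does not distinguish Login ID
    l.device_key     DEVICE_ID,
    'Banking'        GROUP_ID,      -- fixed primary group / Application ID
    -- IP_ADDRESS must be a long integer. Convert a dotted IPv4 string and
    -- yield NULL for anything malformed instead of failing the load.
    CASE
        WHEN REGEXP_LIKE(l.client_ip, '^[0-9]{1,3}(\.[0-9]{1,3}){3}$') THEN
              TO_NUMBER(REGEXP_SUBSTR(l.client_ip, '[^.]+', 1, 1)) * 16777216
            + TO_NUMBER(REGEXP_SUBSTR(l.client_ip, '[^.]+', 1, 2)) * 65536
            + TO_NUMBER(REGEXP_SUBSTR(l.client_ip, '[^.]+', 1, 3)) * 256
            + TO_NUMBER(REGEXP_SUBSTR(l.client_ip, '[^.]+', 1, 4))
    END              IP_ADDRESS,
    -- Decode the remote status into an OAAM auth status. 0 and 1 are
    -- placeholders for values from auth.status.enum; -1 means unknown.
    DECODE(l.login_result, 'OK', 0, 'FAIL', 1, -1)  AUTH_STATUS,
    -1               CLIENT_TYPE,   -- always -1 for a non-OAAM schema
    l.browser_agent  USER_AGENT,
    CAST(NULL AS VARCHAR2(4000))  FLASH_FINGERPRINT,   -- not captured
    CAST(NULL AS VARCHAR2(4000))  DIGITAL_COOKIE,      -- OAAM-only fields
    CAST(NULL AS VARCHAR2(4000))  EXP_DIGITAL_COOKIE,
    CAST(NULL AS VARCHAR2(4000))  SECURE_COOKIE,
    CAST(NULL AS VARCHAR2(4000))  EXP_SECURE_COOKIE
FROM logins l
WHERE l.is_test = 'N';              -- hypothetical flag: skip test data
```

Grant the account the loader connects with SELECT on this view only, not on the underlying LOGINS table, so the load path cannot read or change columns the view does not expose.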