4-10 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager String clientVersion, int fingerPrintType, String fingerPrint, int digFingerPrintType, String digFingerPrint; public CookieSet updateLogString requestId, Date requestTime, String remoteIPAddr, String remoteHost, String secureCookie, String digitalCookie, String groupId, String userId, String loginId, boolean isSecure, int result, int clientType, String clientVersion, int fingerPrintType, String fingerPrint, int fingerPrintType2, String fingerPrint2; Table 4–6 updateLog Parameters Parameter Description requestId The login session ID; this is the ID that should be used in all API calls for the login session remoteIPAddr The IP from where the request came; extracted from the HTTP request remoteHost The host name from where the request came; optional secureCookie The secure cookie; passed only if it is received from a browser digitalCookie The digital signature cookie; can be the flash cookie; passed only if it is sent by a browser groupId The ID of the group this user belongs to userId The user ID; this is the primary ID key for the user; for invalid users, it is null loginId The ID used by the user to login in; required isSecure A Boolean indicating whether this node is secure and can be registered; it also indicates that the login is from a secure or registered device; if there is no concept of device, then set to false result A value of the user-defined enumeration auth.status.enum clientType An enumeration value indicating the client type used for authentication. The corresponding enum name is auth.client.type.enum. clientVersion The version of the client; optional fingerPrintType Refer to the OAAM enum vcrypt.fingerprint.type.enum for a list of valid values. Currently the enum has following values: ■ browser=1 ■ flash=2 It is recommended to use 1 for browser as the value of fingerPrintType as this parameter corresponds to browser fingerprint type. Integrating Native Java Applications 4-11

4.5.7 getUserByLoginId

getUserByLoginId returns the user details without the password and pin for the given customer and group. public VCryptAuthUser getUserByLoginIdString loginId, String groupName;

4.5.8 generateOTP

VcryptTrackerImpl::generateOTP returns OTP code based on the following properties to determine length of code returned and characters to use in creating OTP code bharosa.uio.default.otp.generate.code.length bharosa.uio.default.otp.generate.code.characters Example code for API use is in the OAAM example application available on Oracle by Example. String requestId, String challengeType, String appId fingerPrint The fingerprint; if it describes browser characteristics, then the header is parsed into this string; it represents the browser header information digFingerPrintType Refer to the OAAM enum vcrypt.fingerprint.type.enum for list of valid values. Currently the enum has following values: ■ browser=1 ■ flash=2 It is recommended to use 2 for flash as the value of digFingerPrintType, as this parameter corresponds to flash fingerprint type. digFingerPrint The digital fingerprint requestTime The time at which the request was made fingerPrintType2 Used in case the same request has multiple fingerprints; defined in the properties file; optional fingerPrint2 The second fingerprint value; optional Table 4–7 getUserByLoginId Parameter Description loginId The ID used by the user to login in groupName The group name Table 4–8 generateOTP Parameter Description requestId OAAM Request ID challengeType OAAM Challenge Type configured by the user defined enum: bharosa.uio.default.challenge.type.enum. For more information, refer to Section 11.7, Registering SMS Processor to Perform Work for Challenge Type. appId An application identifier used to look up properties based on application. If no application specific properties are required, an empty string, null, or default can be passed. Table 4–6 Cont. updateLog Parameters Parameter Description 4-12 Oracle Fusion Middleware Developers Guide for Oracle Adaptive Access Manager

4.5.9 updateAuthStatus

updateAuthStatus updates the user authentication status and, if appropriate, it triggers pattern data processing. This method must be called when there is a change in the user authentication status; make sure that, before calling updateAuthStatus, the application calls updateLog . The list of authentication status values are specified in the user-defined enumeration auth.status.enum; you can add or remove items to this enumeration, as appropriate to your application, but only values of this enumeration can be used to identify an authentication status. The following scenarios describe alternative ways to handle updating a user login authentication status: ■ Pass the login status in the updateLog call; this scenario avoids calling updateAuthStatus altogether. ■ Allow the user to log in before setting the login status; in this scenario, first pass status pending in the updateLog call, then process the login data, and then pass the appropriate status in the updateAuthStatus call. ■ If your application flow includes challenging the user, then first set the status to pending, then pose the challenge questions, and then, depending on the answers, reset the status to success or wrong_answer. ■ Typically, there is no need to call updateAuthStatus after invoking the rules engine, since this engine includes setting the authentication status as part of running the rules. public VCryptResponse updateAuthStatusString requestID, int resultStatus, int clientType, String clientVersion; public VCryptResponse updateAuthStatusString requestID, Date requestTime, int resultStatus, int clientType, String clientVersion; public VCryptResponse updateAuthStatusString requestID, int resultStatus, int clientType, String clientVersion, boolean analyzePatterns; public VCryptResponse updateAuthStatusString requestID, Date requestTime, int resultStatus, int clientType, String clientVersion boolean analyzePatterns;