Security for Oracle Real-Time Decisions 4-17 map the default application roles to different groups specific to the corporate LDAP server. To configure the authentication security provider, log into Oracle WebLogic Server Administration Console and see the detailed steps in Oracle Fusion Middleware Oracle WebLogic Server Administration Console Online Help. For information about configuring Oracle Internet Directory as an authentication provider, see Section 4.6.4.1, Configuring Oracle Internet Directory as an Authentication Provider.

4.6.4.1 Configuring Oracle Internet Directory as an Authentication Provider

Oracle Internet Directory is used in the following procedures to explain the process of configuring a different authentication provider and identity store combination. Using the same directory server for both is convenient; however, you can use any combination of directory servers as long as they are both supported by Oracle RTD. Configuring Oracle Internet Directory to be both the authentication provider and identity store demonstrates the process but differences will exist with another directory server is used. For additional information about configuring an authentication provider for an Oracle WebLogic Server domain, see Oracle Fusion Middleware Oracle WebLogic Server Administration Console Online Help. The Oracle Internet Directory authentication provider is configured in the Administration Console when Oracle Internet Directory provides the user data identity store. The rest of this section describes how to configure the Oracle Internet Directory authentication provider, and how to reorder the authentication provider list. To configure the Oracle Internet Directory authentication provider: In the following description, MyOIDDirectory is used to represent the Oracle Internet Directory.

1. Click Lock Edit in the Change Center of the Oracle WebLogic Server

Administration Console. Note: If the security realm is configured to use an authentication provider other than the default embedded LDAP server, the application roles must be mapped again to the correct groups enterprise roles in the alternative identity store. 4-18 Oracle Fusion Middleware Administrators Guide for Oracle Real-Time Decisions

2. Select Security Realms from the left pane and click the realm you are configuring.

For example, myrealm. 3. Select Providers, then Authentication. Click New to launch the Create a New Authentication Provider page.

4. Enter values in the Create a New Authentication Provider page as follows:

■ Name : Enter a name for the authentication provider. For example, MyOIDDirectory. ■ Type : Select OracleInternetDirectoryAuthenticator from the list. ■ Click OK. Security for Oracle Real-Time Decisions 4-19

5. Select Providers, then Authentication. Click the name of the authentication

provider to complete its configuration. For example, MyOIDDirectory. The Configuration page for the Oracle Internet Directory authentication provider is displayed and has multiple tabs.For more information about completing fields in the Configuration page, click the More Info... link located in each field. You next set the Control Flag for the Oracle Internet Directory authentication provider. When configuring multiple authenticator providers, the Control Flag controls how the authentication providers are used in the login sequence.

6. On the Common tab, set the Control Flag to SUFFICIENT by selecting it from the

list. Click More Info... for more information about the Control Flag settings.

7. Select the Provider Specific tab and complete these fields as follows. Click More