User Authentication

The ODS application provides an out-of-the box user authentication mechanism as well as an ability to implement alternative authentication models like a Single Sign-On (SSO) authentication through the OIPA WebServices. If the system is implemented with SSO, additional measures need to be taken to properly secure the authentication infrastructure. Depending on the implementation chosen, either an authentication server should be placed within the OIPA application server and database zone, or the call to an authentication service needs to be made via a secure connection.

Both web service and interactive user authentication are implemented through the same authentication service provided by the business logic tier of the OIPA application via ODS business layer. The authentication service retrieves a matching user record from the OIPA database that contains basic user information and a secure digest of a password. The password digest is then compared to the digest of the incoming password and an authentication decision is made based on the result of the comparison.

ODS calls OIPA services to retrieve an authentication token if the user entered is validated by OIPA. User authentication functionality is delegated to OIPA. Please refer to the relevant palette guide for further information.

Fig: OIPA User Authentication

The encrypted password digest is created by the Rules Palette when a user is created. When a new OIPA environment is created using the Rules Palette's Web Application Utility, the process allows for the configuration of the encryption parameters to be used by the encryption algorithm. The settings include the particular encryption algorithm (from the list of the supported algorithms below), and the number of iterations of the algorithm.

The number of encryption iterations is a value between 1000 and 9999. A higher number of iterations makes the password more secure, but also requires more computation to encrypt. For more information, please refer to the associated version of the Rules Palette Help System that is located on the Oracle Technology Network.

 

 

Oracle Insurance Logo Copyright © 2017, Oracle and/or its affiliates. All rights reserved. About Oracle Insurance | Contact Us