Advanced Security Option: Other Params

Advanced Security Option: Other Params

Once the order of the authentication methods are chosen, use this tab to configure parameters for the chosen authentication methods.

From the drop-down list, select the authentication method. Depending on the protocol chosen, enter information in the fields as appropriate.

Kerberos(V5):

Service:

Enter any string in the Service field to specify the Kerberos service name.

Credential Cache File:

Enter any valid path name in the Credential Cache File field to specify the Kerberos credential cache path name.

Configuration File:

Enter any valid path name in the Configuration File field to specify the Kerberos configuration file.

Realm Translation File:

Enter any valid path name in the Realm Translation File field to specify the Kerberos host name to realm translation file.

Key Table:

Enter any valid path name in the Key Table field to specify the Kerberos secret key file.

Clock Skew:

Enter any positive integer in the Clock Skew field to specify the acceptable difference in the number of seconds between when a credential is sent and received.

RADIUS:

Host Name:

Enter the name of the primary RADIUS server.

Port Number:

Enter the port number of the primary RADIUS server.

Timeout (seconds):
Enter the number of seconds the Oracle server should wait for response from the primary RADIUS server.

Number of Retries:

Enter the number of times the Oracle server should resend messages to the primary RADIUS server.

Secret File:

Enter the path name of the secret key file.

Send Accounting:

Enter ON to enable accounting or OFF to disable it.

Challenge Response:

Enter ON to enable challenge-response or OFF to disable it.

Default Keyword:

Enter the keyword for requesting a challenge from the RADIUS server.

Interface Class Name:

Enter the name of the class you have created to handle the challenge-response conversation between the Oracle client and the RADIUS server.

CYBERSAFE: Specify a CYBERSAFE service principal. Enter any correctly formatted service principal string in the GSSAPI Service field.

IDENTIX: Specify an IDENTIX authentication server TNS Alias. Enter any string in the Fingerprint Server Name field.

SECURID: No additional parameters are required.

NTS: No additional parameters are required.

See Also:

Oracle Advanced Security Administrator's Guide

Service:	Enter any string in the Service field to specify the Kerberos service name.
Credential Cache File:	Enter any valid path name in the Credential Cache File field to specify the Kerberos credential cache path name.
Configuration File:	Enter any valid path name in the Configuration File field to specify the Kerberos configuration file.
Realm Translation File:	Enter any valid path name in the Realm Translation File field to specify the Kerberos host name to realm translation file.
Key Table:	Enter any valid path name in the Key Table field to specify the Kerberos secret key file.
Clock Skew:	Enter any positive integer in the Clock Skew field to specify the acceptable difference in the number of seconds between when a credential is sent and received.

Host Name:	Enter the name of the primary RADIUS server.
Port Number:	Enter the port number of the primary RADIUS server.
Timeout (seconds):	Enter the number of seconds the Oracle server should wait for response from the primary RADIUS server.
Number of Retries:	Enter the number of times the Oracle server should resend messages to the primary RADIUS server.
Secret File:	Enter the path name of the secret key file.
Send Accounting:	Enter ON to enable accounting or OFF to disable it.
Challenge Response:	Enter ON to enable challenge-response or OFF to disable it.
Default Keyword:	Enter the keyword for requesting a challenge from the RADIUS server.
Interface Class Name:	Enter the name of the class you have created to handle the challenge-response conversation between the Oracle client and the RADIUS server.