Index
A B C D E G H I J K L M N O P R S T U V W X
Symbols
- <as-context> element, 15.5.2
- <confidentiality> element, 15.5.1
- <default-method-access> element, 12.2.2.6
- <establish-trust-in-client> element, 15.5.1
- <establish-trust-in-target> element, 15.5.1
- <group> element, 4.15
- <groups> element, 4.15
- <integrity> element, 15.5.1
- <ior-security-config> element
- DTD, 15.5.3.1
- <jazn> element
- and <password-manager> element, 14.4
- <jazn-loginconfig>, 10.8.1.1
- <jazn-policy>, 10.8.1.2
- <jazn-web-app> element, 4.9, 4.10.1, 18.5
- auth-method, 4.9.2
- <login-module> entity
- options, 4.8
- <method> element
- defined, 12.2.2.2
- <method-permission> element, 12.2.2.1, 12.2.2.2, 12.2.2.2, 12.2.2.2
- <password-manager> element, 14.4
- <principals> element, 4.15
- <role-link> element, 12.2.2.1, 12.2.2.2, 12.2.2.2
- <role-name> element, 12.2.2.1, 12.2.2.2
- <run-as> element, 12.2.2.4
- <sas-context> element, 15.5.3
- <security-identity> element, 12.2.2.4
- <security-role> element, 12.2.2.1, 12.2.2.2
- <security-role-mapping> element, 12.2.2.5, 12.2.2.5
- <security-role-ref> element, 12.2.2.1, 12.2.2.2, 12.2.2.2
- <transport-config> element, 15.5.1
- <unchecked/> element, 12.2.2.3
- <use-caller-identity/> element, 12.2.2.4
- <user> element, 4.15
- <users> element, 4.15
A
- access control lists
- definition, 2.5
- AccessController, 1.1.2
- AccessTest1, A.3.1
- actions
- definition, 1.1.1
- add command, B.24.1.1
- adding and removing realms, 10.5, B.3, B.5
- adding and removing roles, B.8
- adding and removing users, B.9
- -addperm option to JAZN Admintool, 10.5, B.3, B.5
- -addprncpl option to JAZN Admintool, B.6
- -addrealm option to JAZN Admintool, B.7
- -addrole option to JAZN Admintool, B.8
- -adduser option to JAZN Admintool, B.9
- administration permission
- granting, 6.3.1
- AdminPermission class
- definition, 1.1.3, 1.1.3
- Apache Listener. See Oracle HTTP Server.
- applications
- in Java 2 application environments, 3.1
- with JAAS, 2.2.4
- authentication, 1.4, 4.7
- basic, 3.3.3
- environments, 3.3.3
- form-based, 3.3.3
- J2EE, 3.4
- using login modules, 2.2.1
- using OracleAS Single Sign-On, 2.3
- using RealmLoginModule class, 2.3
- with Basic Authentication, 3.3.6.1
- with OracleAS Single Sign-on, 2.3
- with SSO, 3.3.4.1
- authentication methods, 4.9
- auth-method, 4.9, 4.9.2
- authorization, 1.4
- J2EE, 3.5
B
- bootstrap jazn.xml, 5.1
C
- cache properties, 5.4.3
- caching, 5.4
- disabling, 5.4.2
- caching properties, 5.4, 5.4.3
- capability model
- definition, 2.5, 2.5
- certificate authorities, 11.1
- certificates (SSL), 11.1
- checking
- passwords, B.10
- -checkpasswd option to JAZN Admintool, B.10
- cipher suites
- supported by Oracle HTTPS, 13.4.1.2, 13.4.1.3
- class names
- definition, 1.1.1
- clear command, B.24.1.3
- client.sendpassword property, 15.6
- codesource in policy files, 2.2.5
- Common Secure Interoperability version 2 see CSIv2
- configuration data
- retrieving from jazn.xml file, B.11
- configuring
- external LDAP providers, 9
- LoginModules, 10.8
- XML-based provider, 8
- connection properties, 5.2, 5.3
- connector-factory element, 10.8.4
- createUser method, 2.4
- creating
- groups, 8.2
- realms, 8.5
- users, 8.1, 8.3
- credentials, 1.3, 14.2.1
- cryptographic keys, 1.3
- CSIv2
- and EJBs, 15.3
- internal-settings.xml, 15.3
- introduction, 15.1
- properties in orion-ejb-jar.xml, 15.5
- security properties, 15.5
- custom Loginmodules
- troubleshooting, 18.3
D
- DAS, 2.4.1
- debugging
- general SSL debugging, 11.5.2
- default realm, 8.12
- properties, 5.6
- Delegated Administrative Service, see DAS
- deleting
- realms, 8.6
- users, 8.4
- deploying
- LoginModule, 10.7
- deployment descriptors
- J2EE Connector, 16.1
- security, 12.2.2.1, 12.2.2.2, 12.2.2.5
- DER, 13.3.2
- digital certificates, 1.5.2
- disabling caching, 5.4.2
- Distinguished Encoding Rules, 13.3.2
- doAsPrivileged(), 4.10.1
- doasprivileged-mode, 4.10.1
- DTDs
- internal-settings.xml, 15.2
- <ior-security-config> element, 15.5.3.1
E
- EIS connections
- JCA, 17
- EJB
- CSIv2, 15.3
- interoperability, 15
- security, 12.2.2
- server security properties, 15.2
- ejb_sec.properties, 15.6
- environment variables
- and JAZN Admintool, 18.2
- LDAP, 7.1.2
- exit command, B.24.1.4
G
- GenericCredential interface
- and Kerberos, 16.2
- getAttribute("java.security.cert.X509certificate"), 2.7, 3.4.2
- getAuthType, 3.4.2
- -getconfig option to JAZN Admintool, B.11
- getGroup method, 2.4
- getRemoteUser, 3.4.2
- getUser method, 2.4
- getUserPrincipal, 3.4.2
- granting
- administration permission, 6.3.1
- permissions, 6.3, 6.3.2
- RMI permission, 6.3.1
- roles, 8.9
- granting and revoking permissions, 6.3.2, B.12
- -grantperm option to JAZN Admintool, 6.3.2, B.12
- groups
- creating, 8.2
- creating in LDAP, 7.1.1
H
- help command, B.24.1.5
- HTTPClient.HttpUrlConnection, 13.4.4
- HTTPConnection, 13.3.1
- HttpSession, 5.4.1
I
- impliesAll attribute, 12.2.2.6
- instance properties
- jazn.xml, 5.1
- integrating
- custom LoginModule, 10.3
- internal-settings.xml file, 15.2
- CSIv2 entities, 15.3
- DTD, 15.2
- <sep-property> element, 15.2, 15.3
- interoperability, 15
- invoking JAZN Admintool, B.2
- isCallerInRole method, 12.2.2.2
J
- J2EE Connector, 16
- deployment descriptors, 16.1
- JAAS
- login modules, 2.2.1
- JAAS Provider, 2.1
- and SSL/Oracle Internet Directory, 5.5.1
- common configuration tasks
- configuring a Java 2 Policy File, 4.14
- integration with Basic authentication, 3.3.6
- integration with SSL-enabled applications, 3.3.5
- integration with SSO-enabled applications, 3.3.4
- locations for jazn.xml, 4.2.1
- overview, 2.1
- permission classes, 1.1.3
- security role, 3.5.1.2
- JAAS. See Java Authentication and Authorization Service (JAAS)
- jaas.config file, 4.8
- Java 2 application environments, 3.1
- Java 2 Platform, Enterprise Edition (J2EE), 1.1
- application development in, 3.1
- integration with JAZNUserManager, 3.3.2
- Oracle component responsibilities in basic authentication environments, 3.3.6.1
- Oracle component responsibilities in SSO-enabled environments, 3.3.4.1
- Java 2 Platform, Standard Edition (J2SE)
- application development in, 3.1, 3.1
- creating applications using the Java 2 Security Model, 1.1
- Java 2 policy file
- configuring for JAAS Provider, 4.14
- Java 2 Security Model, 2.2
- definition, 1.1
- using access control capability model, 2.5
- using with J2EE applications, 1.1
- using with J2SE applications, 1.1
- Java Authentication and Authorization Service (JAAS)
- applications, 2.2.4
- definition, 2.2, 2.2
- policy files
- example, 2.2.5
- principals, 1.2
- realms, 2.2.3
- roles, 2.2.2
- subjects, 1.3
- Java Key Store (JKS), 15.2
- Java Platform, Enterprise Edition (J2EE)
- security role, 3.5.1
- java2.policy file
- configuring for JAAS Provider, 4.14
- java.io.FilePermission, A.2
- java.net.URL framework, 13.4.4
- java.security.Principal, 2.2.2, 2.3
- java.security.Principal interface
- using with principals, 1.2
- using with roles and groups, 2.2.2
- javax.net.ssl.KeyStore, 13.5.1
- javax.net.ssl.KeyStorePassword, 13.5.2
- javax.servlet.HttpServletRequest, 3.4.2
- JAZN Admintool
- adding and removing permissions, 10.5, B.3, B.5
- adding and removing principals, B.6
- adding realms, B.7
- adding roles, B.8
- adding users, B.9
- and environment variables, 18.2
- checking passwords, B.10
- command options, B.2
- granting and revoking permissions, 6.3.2, B.12
- granting roles, B.13
- invoking, B.2
- listing permissions, B.15
- listing principals, B.17
- listing realms, B.19
- listing roles, B.20
- listing users, B.21
- migrating principals, 8.13, B.22
- navigating shell, B.24.1
- retrieving configuration data, B.11
- revoking roles, B.13
- setting passwords, B.23
- shell commands, B.24.1
- starting shell, B.24
- JAZN Admintool shell
- starting, 8.13, B.22
- JAZN Admintool shell commands
- add, B.24.1.1
- clear, B.24.1.3
- exit, B.24.1.4
- help, B.24.1.5
- man, B.24.1.7
- mk, B.24.1.1
- pwd, B.24.1.8
- rm, B.24.1.9
- set, B.24.1.10
- jazn-data.xml
- and LoginModule, 9.1, 10.8.1
- deploying LoginModules, 10.9.3
- jazn-data.xml file, 2.2.5.1, 2.2.5.1, 2.4, 2.4.1
- and Admintool, 4.2.2, 4.3.1
- JAZNPermission class
- definition, 1.1.3, 1.1.3
- JAZNUserManager, 2.4, 2.4.1, 3.5
- definition, 2.3, 3.3.2
- integration in J2EE environments, 3.3.2
- jazn.xml
- bootstrap file, definition, 5.1
- file location, 4.2.1
- instance properties, 5.1
- retrieving configuration data, B.11
- JCA
- component-managed vs. container-managed sign-on, 17.1.2
- EIS connections, 17
- security contract, 17.1.1
- JNDI connection pool, 5.3
- JVM, 4.4
K
- Kerberos, 1.3
- and GenericCredential interface, 16.2
- keys (SSL), 11.1
- keystore
- definition, 15.2
- keystores, 11.1
L
- LD_LIBRARY_PATH
- variable setting, 2.7, 7.1.2, 18.2
- LDAP, 2.4.1
- caching properties, 5.4, 5.4.3
- configuring external providers, 9
- connection properties, 5.2, 5.3
- creating users and groups, 7.1.1
- environment variables, 7.1.2
- Oracle Internet Directory used as provider type, 2.1.1
- prerequisites, 7.1
- SSL properties, 5.5
- LDAP default realm properties, 5.6
- LDAP provider
- Microsoft Active Directory, 9.5
- Sun Java System Application Server, 9.4
- third-party, 9.2
- LDAP-based provider type, 2.4.1, 2.4.1
- ldap.password property name, 5.5
- ldap.protocol, 5.5
- ldap.user property name, 5.5
- Lightweight Directory Access Protocol. See LDAP.
- listing
- permission information, B.16
- permissions, B.15
- principal class information, B.18
- principal classes, B.17
- realms, B.19
- roles, B.20
- users, B.21
- listing realms, B.17
- -listperm option to JAZN Admintool, B.15
- -listprncpl option to JAZN Admintool, B.17
- -listprncpls option to JAZN Admintool, B.17
- -listrealms option to JAZN Admintool, B.19
- -listroles option to JAZN Admintool, B.20
- -listusers option to JAZN Admintool, B.21
- login-config element, 4.9.1
- LoginContext class, 2.2.1
- authenticating subjects, 2.2.1
- login-module element
- and third-party LDAP provider, 9.2
- LoginModules, 10
- configuring, 10.8
- configuring with different applications, 2.2.1
- definition, 2.2.1
- deploying, 10.9.3
- integrating, 10.9
- integration with OC4J, 10.3
- packaging and deployment, 10.7
- troubleshooting custom, 18.3
M
- man command, B.24.1.7
- mapping
- groups to EIS users, 17.5.3
- security roles, 6.2
- Microsoft Active Directory
- as LDAP provider, 9.5
- -migrate option to JAZN Admintool, 8.13, B.22
- migrating
- principals, 8.13, 8.13, B.22
- mk command, B.24.1.1
- modes
- persistence, 8.11
N
- nameservice.useSSL property, 15.6
- navigating
- JAZN Admintool shell, B.24.1
O
- obfuscation, 14.2.1
- LDAP password, 5.5
- oc4j.iiop.ciphersuites property, 15.6
- oc4j.iiop.enable.clientauth property, 15.6
- oc4j.iiop.keyStoreLoc property, 15.6
- oc4j.iiop.keyStorePass property, 15.6
- oc4j.iiop.trustedServers property, 15.6
- oc4j.iiop.trustStoreLoc property, 15.6
- oc4j.iiop.trustStorePass property, 15.6
- oc4j-ra.xml, 10.8.4
- OPMN, 15.2
- Oracle HTTPS, 13
- default system properties, 13.5
- example, 13.6
- feature overview, 13.4
- supported cipher suites, 13.4.1.2, 13.4.1.3
- Oracle Internet Directory, 1.4, 2.4, 2.4.1
- Oracle Process Management Notification service, 15.2
- OracleAS Containers for J2EE (OC4J)
- interoperability, 15
- mapping security roles to JAAS Provider users and roles, 3.5.1.3
- OracleAS Single Sign-On, 2.3
- oracle.security.jazn.realm package
- use of, 2.3
- OracleSSLCredential, 13.3.2
- Oracle.ssl.defaultCipherSuites, 13.5.3
- orion-application.xml, 4.10.1, 18.5
- and LoginModule, 10.8.3
- deploying LoginModules, 10.9.3
- mapping security roles to JAAS Provider users and roles, 3.5.1.3
- passwords not obfuscated, 14.2
- specifying UserManager, 4.7.2
- orion-ejb.jar file
- <establish-trust-in-target> element, 15.5.1
- <sas-context> element, 15.5.3
- <transport-config> element, 15.5.1
- orion-ejb-jar.xml, 15.5
- <as-context> element, 15.5.2
- <establish-trust-in-client> element, 15.5.1
- <integrity> element, 15.5.1
- security properties, 15.5
- orion-ejb-jar.xml file
- <confidentiality> element, 15.5.1
- orion-web.xml, 4.10.1, 18.5
P
- partitioning, 2.2.4
- password indirection
- definition, 14.1
- password obfuscation
- definition, 14.1
- passwords, 14.2.1
- checking, B.10
- checking in JAZN Admintool, B.10
- not obfuscated in orion-application.xml, 14.2
- obfuscating, 14.2.1
- setting, 6.3.2, B.12
- setting in JAZN Admintool, B.23
- permissions, 2.6.1, 12.2.1
- actions, 1.1.1
- adding and removing in JAZN Admintool, 10.5, B.3, B.5
- class definitions, 1.1.3
- class name, 1.1.1
- definition, 2.2.5, 2.2.5
- granting, 6.3, 6.3.2
- granting and revoking in JAZN Admintool, 6.3.2, B.12
- granting and revoking with the JAZN Admintool, 6.3.2, B.12
- in Java 2 Security Model, 1.1.1
- JAAS Provider, 1.1.3
- Java permission instance contents, 1.1.1
- listing in JAZN Admintool, B.15
- listing with the JAZN Admintool, B.15, B.16
- revoking, 6.3.2, 8.8
- target, 1.1.1
- persistence mode, 8.11, 14.2.1
- Pluggable Authentication Module (PAM), 2.2
- policy
- definition, 2.2.5
- policy cache, 5.4
- policy files
- codesource, 2.2.5
- example, 2.2.5
- subject, 2.2.5
- prerequisites
- LDAP, 7.1
- principal mapping classes, 17.5.3
- principals, 1.2
- adding and removing in JAZN Admintool, B.6
- definition, 1.2
- listing class information with the JAZN Admintool, B.18
- listing in JAZN Admintool, B.17
- migrating, 8.13
- migrating in JAZN Admintool, 8.13, B.22
- with JAAS, 1.2
- principals.xml file, 2.4, 2.4.2, 4.15, 4.15, 8.13
- converting from, 8.13, B.22
- examples, 4.15
- private keys (SSL), 11.1
- privileges, 2.6.1
- properties
- connection, 5.2
- JNDI connection pool, 5.3
- LDAP caching, 5.4, 5.4.3
- LDAP default realm, 5.6
- LDAP SSL, 5.5
- property names
- ldap.password, 5.5
- ldap.user, 5.5
- PropertyPermission, 12.2.1
- protection domain
- in Java 2 Security Model, 1.1.2
- provider types, 2.1.1
- in J2SE environments, 3.1
- retrieving permissions from, 2.5
- public key certificates, 1.3
- public keys (SSL), 11.1
- pwd command, B.24.1.8
R
- RBAC (role-based access control), 2.6
- realm cache, 5.4
- RealmLoginModule class, 2.3, 3.4, 4.8
- in J2SE environments, 3.1
- RealmPermission class
- definition, 1.1.3, 1.1.3
- RealmPrincipal interface, 2.3
- realms
- adding and removing with the JAZN Admintool, 10.5, B.3, B.5
- adding in JAZN Admintool, B.7
- creating, 8.5
- default, 8.12
- definition, 2.2.3, 2.2.3, 2.3
- deleting, 8.6
- JAAS Provider support, 2.3
- listing in JAZN Admintool, B.19
- listing with the JAZN Admintool, B.17
- with JAAS, 2.2.3
- -remperm option to JAZN Admintool, 10.5, B.3, B.5
- -remprncpl option to JAZN Admintool, B.6
- -remrealm option to JAZN Admintool, B.7
- -remrole option to JAZN Admintool, B.8
- -remuser option to JAZN Admintool, B.9
- retrieving authentication information, 3.4.2
- -revokeperm option to JAZN Admintool, 6.3.2, B.12
- revoking
- permissions, 6.3.2, 8.8
- roles, 8.10
- roles in JAZN Admintool, B.13
- rm command, B.24.1.9
- RMI permission
- granting, 6.3.1
- RMI/IIOP, 15
- role activation
- definition, 2.6.2
- role hierarchy
- definition, 2.6.1
- RoleAdminPermission class
- definition, 1.1.3, 1.1.3
- role-based access control (RBAC), 2.2.2
- definition, 2.6
- role activation, 2.6.2
- role hierarchy, 2.6.1
- roles, 1.4
- adding and removing with the JAZN Admintool, B.8
- adding in JAZN Admintool, B.8
- definition, 2.6
- granting, 8.9
- granting in JAZN Admintool, B.13
- listing in JAZN Admintool, B.20
- listing with the JAZN Admintool, B.20
- mapping, 6.2
- revoking, 8.10
- revoking in JAZN Admintool, B.13
- using the J2EE security roles, 3.5.1
- with JAAS, 2.2.2
- run-as element, 2.6.2
- runAs security identity, 12.2.2.4
- runas-mode, 4.10.1
- RuntimePermission, 12.2.1
S
- sample application
- AccessTest1, A.3.1
- secure socket layer (SSL)
- integration with Basic authentication, 3.3.6
- integration with JAAS Provider, 3.3.5
- Secure Sockets Layer. See SSL
- security, 12.2.2
- keys and certificates, 11.1
- OC4J and OHS configuration, 11.3
- permissions, 12.2.1
- requesting client authentication, 11.4, 13.2
- SSL common problems and solutions, 11.5.1
- SSL debugging, 11.5.2
- using certificates with OC4J and OHS, 11.2
- security role
- using in the web.xml file, 3.5.1
- security roles
- mapping, 6.2
- SecurityManager, 1.1.2
- SecurityManager.checkPermission, 3.5
- selecting
- UserManager, 6.1
- <sep-property> element, 15.2, 15.3
- Servlet.service, 3.5
- session cache, 5.4
- set command, B.24.1.10
- -setpasswd option to JAZN Admintool, B.23
- setting a password, 6.3.2, B.12
- -shell option to JAZN Admintool, B.24
- signon
- component-managed vs. container-managed, 17.1.2
- single sign-on, 3.3.3, 3.4
- integration with JAAS Provider, 3.3.4
- SocketPermission, 12.2.1
- SSL, 1.5.1, 3.3.3
- authentication method, 3.3.3
- LDAP properties, 5.5
- use with Oracle Internet Directory and JAAS Provider, 5.5.1
- starting
- JAZN Admintool, B.2
- subject
- definition, 4.10.1
- Subject.doAs method, 2.6.2, 3.5
- associating a subject with AccessControlContext, 1.3
- invoking, 2.2.1
- subject.doAs(), 4.10.1, 18.5
- subjects, 1.3
- definition, 1.3
- with JAAS, 1.3
- Sun Java System Application Server
- as LDAP provider, 9.4
T
- target names
- definition, 1.1.1
- <transport-config> element, 15.5.1
- troubleshooting, 18.1
- custom LoginModules, 18.3
- trustpoint, 1.5.2
- truststore
- definition, 15.2
U
- user communities, 2.2.3
- user manager
- definition, 1.4
- user repository
- definition, 1.4
- jazn-data.xml, 2.4, 2.4.1
- Oracle Internet Directory, 2.4, 2.4.1
- principals.xml, 2.4, 2.4.2
- UserManager
- selecting, 6.1
- specifying, 4.7.2
- users
- adding and removing with the JAZN Admintool, B.9
- adding in JAZN Admintool, B.9
- creating, 8.1, 8.3
- creating in LDAP, 7.1.1
- deleting, 8.4
- listing in JAZN Admintool, B.21
- listing with the JAZN Admintool, B.21
V
- variables
- LD_LIBRARY_PATH, 2.7, 7.1.2, 18.2
W
- web.xml, 4.9.1
- using the J2EE security role, 3.5.1
X
- XML-based provider, 2.1.1, 2.4.1
- configuring, 8
- XML-based provider type, 2.4.1
- XMLUserManager class, 2.4, 2.4.2
