Need A Way To Change The Authentication Level During The Authentication Process (Doc ID 2123644.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Goal

In 10g environment, during authentication depending on the authentication method that user choose, he is able to programmatically change the authentication level that is set on the user's cookie session if he use an authentication method deemed stronger than others.

Here are some examples from our 10g environment:
1) A user is given the option to choose an authentication method - password or X509 certificate. If they choose password they get a level 50 value but if they choose X509 they get a level 60.
2) A user authenticates with an X509 certificate. A user can have a lower security value X509 certificate or they could have a higher-security X509 certificate for the some reason. In that case, the low-security certificate should get security-level 70 whereas the higher-level one has security level 90, but both authentication types are X509.

Link to the OAM 10g document to describe API that helps accomplish this functionality: http://docs.oracle.com/cd/E12530_01/oam.1014/b32420/v2authen.htm#CACJGFII

How to implement this 10g functionality in 11g?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms