Last updated on MARCH 08, 2017
Applies to:Oracle Access Manager - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
In 10g environment, during authentication depending on the authentication method that user choose, he is able to programmatically change the authentication level that is set on the user's cookie session if he use an authentication method deemed stronger than others.
Here are some examples from our 10g environment:
1) A user is given the option to choose an authentication method - password or X509 certificate. If they choose password they get a level 50 value but if they choose X509 they get a level 60.
2) A user authenticates with an X509 certificate. A user can have a lower security value X509 certificate or they could have a higher-security X509 certificate for the some reason. In that case, the low-security certificate should get security-level 70 whereas the higher-level one has security level 90, but both authentication types are X509.
Link to the OAM 10g document to describe API that helps accomplish this functionality: http://docs.oracle.com/cd/E12530_01/oam.1014/b32420/v2authen.htm#CACJGFII
How to implement this 10g functionality in 11g?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms