Table of Contents
Advertisement
Enabling RADIUS Authentication, Authorization, and Accounting
Field
Number of Retries
Secret File
5.
Configure Challenge-Response
The challenge-response (asynchronous) mode presents the user with a graphical
interface requesting first a password, then additional information—for example, a
dynamic password that the user obtains from a token card. With the RADIUS
adapter, this interface is Java-based to provide optimal platform independence.
5-14 Oracle Database Advanced Security Administrator's Guide
Description
Specifies the number of times the Oracle database server
resends messages to the primary RADIUS server. The default is
three retries.
For instructions on configuring RADIUS accounting, see:
5: Configure RADIUS Accounting
Specifies the location of the secret key on the Oracle database
server. The field specifies the location of the secret key file, not
the secret key itself.
For information about specifying the secret key, see:
RADIUS Secret Key File on the Oracle Database Server
page 5-11.
Choose File > Save Network Configuration.
The
file is updated with the following entries:
sqlnet.ora
SQLNET.RADIUS_AUTHENTICATION_PORT=(PORT)
SQLNET.RADIUS_AUTHENTICATION_TIMEOUT=
(NUMBER OF SECONDS TO WAIT FOR response)
SQLNET.RADIUS_AUTHENTICATION_RETRIES=
(NUMBER OF TIMES TO RE-SEND TO RADIUS server)
SQLNET.RADIUS_SECRET=(path/radius.key)
Third party vendors of authentication devices must
Note:
customize this graphical user interface to fit their particular device.
For example, a smart card vendor would customize the Java
interface so that the Oracle client reads data, such as a dynamic
password, from the smart card. When the smart card receives a
challenge, it responds by prompting the user for more information,
such as a PIN.
on page 5-19.
Create the
on
Task
Advertisement
Chapters
Table of Contents
Troubleshooting
Need help?
Do you have a question about the Oracle Database B10772-01 and is the answer not in the manual?