A customer has a WebTrade application that initially uses the embedded LDAP to authenticate users. To enhance security, the customer decides to use OAM to authenticate some of the users against an external LDAP store. For this to work, the customer configured an OAMAuthenticator but was not sure what to select for the Control Flag. What Control Flag should the customer choose?
Note:
* When you configure multiple Authentication providers, use the JAAS Control Flag for each provider to control how the Authentication providers are used in the login sequence.
You can choose the following JAAS Control Flag settings, among others:
REQUIRED: The Authentication provider is always called, and the user must always pass its authentication test. Regardless of whether authentication succeeds or fails, authentication still continues down the list of providers.
SUFFICIENT: The user is not required to pass the authentication test of the Authentication provider. If authentication succeeds, no subsequent Authentication providers are executed. If authentication fails, authentication continues down the list of providers.
OPTIONAL: The user is allowed to pass or fail the authentication test of this Authentication provider. However, if all Authentication providers configured in a security realm have the JAAS Control Flag set to OPTIONAL, the user must pass the authentication test of one of the configured providers.
* Example:
Setting the Order of Providers
Re-order the OAM Identity Asserter, OID Authenticator, and Default Authenticator by ensuring that the control flag for each authenticator is set as follows:
OAMAuthenticator (REQUIRED)
OracleInternetDirectoryAuthenticator (SUFFICIENT)
DefaultAuthenticator (SUFFICIENT)
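
The login sequence described in the note, modeled in Python as an added example (not from the original page, and not WebLogic or OAM code). The user sets and the all-SUFFICIENT chain are constructed for illustration; only the three flags listed above are modeled, and the overall pass/fail rule follows standard JAAS semantics.

```python
# Added illustration: a model of the JAAS login sequence, not WebLogic code.
REQUIRED, SUFFICIENT, OPTIONAL = "REQUIRED", "SUFFICIENT", "OPTIONAL"

def login(chain, passes):
    """chain: ordered list of (provider_name, control_flag).
    passes: set of provider names whose authentication test this user passes.
    Returns (overall_success, providers_called_in_order)."""
    called = []
    any_required = required_failed = any_success = False
    for name, flag in chain:
        if flag not in (REQUIRED, SUFFICIENT, OPTIONAL):
            raise ValueError(f"unmodeled control flag: {flag}")
        called.append(name)
        ok = name in passes
        any_success = any_success or ok
        if flag == REQUIRED:
            any_required = True
            if not ok:
                required_failed = True  # login will fail, but the sequence continues
        elif flag == SUFFICIENT and ok:
            # Success ends the sequence; REQUIRED providers before it still count.
            return (not required_failed, called)
        # Failed SUFFICIENT, or OPTIONAL either way: continue down the list.
    if any_required:
        return (not required_failed, called)
    # No REQUIRED provider in the realm: at least one provider must have passed.
    return (any_success, called)

# The ordering shown in the example above.
PAGE_EXAMPLE = [("OAMAuthenticator", REQUIRED),
                ("OracleInternetDirectoryAuthenticator", SUFFICIENT),
                ("DefaultAuthenticator", SUFFICIENT)]
# Constructed variant: same order, every provider SUFFICIENT.
ALL_SUFFICIENT = [(name, SUFFICIENT) for name, _ in PAGE_EXAMPLE]
# Constructed users: one exists only in the embedded LDAP, one only in the
# external store reached through OAM.
EMBEDDED_USER = {"DefaultAuthenticator"}
EXTERNAL_USER = {"OAMAuthenticator"}

if __name__ == "__main__":
    for label, chain in (("page example", PAGE_EXAMPLE),
                         ("all SUFFICIENT", ALL_SUFFICIENT)):
        for user, passes in (("embedded", EMBEDDED_USER),
                             ("external", EXTERNAL_USER)):
            ok, called = login(chain, passes)
            print(f"{label:15} {user:9} success={ok} called={called}")
```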