Вы находитесь на странице: 1из 13

6

D48291GC10 ORACLE Utilities Customer Care &


Billing Configuration Ed 1

Module 07 Security Configuration

Copyright 2008, Oracle. All rights reserved.

Objectives

After completing this Security Configuration module, you


should be able to:
Understand the basics of security in CC&B.
Understand how to implement security configuration.

6-2

Copyright 2008, Oracle. All rights reserved.

Security Components

Security Repository
(e.g. LDAP)
Verify

Synchronize

6-3

Authentication

Who Are
You?

Authorization

What Can
You Do?

Copyright 2008, Oracle. All rights reserved.

Security Overview
Browser:
Logon prompt
Session cookie - cookie expires on
inactivity timeout or browser closure.

Web Application Server:


Provides authentication mechanism
Integration to external security repository
Authorization services NOT used
Business Application Server:
Provides authorization model

Database Server:
Common database userid shared within
connection pool.

6-4

Copyright 2008, Oracle. All rights reserved.

Authentication Support

Provided by the Web Application Server software


(WebLogic/WebSphere/Tomcat/Oracle AS)
Can integrate with external security realms (LDAP,
DBMS, Unix, etc)
Can use Digital Certificates (1-way or 2-way)
Password rules are basic in Web Application Server
heavily set rules rely on external security realms.
XAI includes an LDAP Import to synchronize
authentication/authorization information.

6-5

Copyright 2008, Oracle. All rights reserved.

Process for application security definition

1.
2.
3.
4.
5.
6.
7.

6-6

Create User Groups within CC&B.


Connect User Groups to transactions within CC&B
Create User definitions within CC&B
Attach Users to User Groups within CC&B
Create User definitions in Web Application Server
Attach Users to Groups in Web Application Server
(Optional) Create Users in Security Realm

Copyright 2008, Oracle. All rights reserved.

Authorization Model
Functional Security

Data Security
Service

Account

Security Type

Authorization
Level

User
Group/Service

User Group

Access Group

Data Access
Tender Source

Access Mode

6-7

User
User Group
(edate)

User

To Do Role

Favourite Link

Portal Preference

Menu Item

Zone

Language

Copyright 2008, Oracle. All rights reserved.

Display Profile

User Preferences

User Administration

6-8

Copyright 2008, Oracle. All rights reserved.

Implementation Tip: Security

6-9

Use Internal LDAP Realm in non-production.


Consider LDAP or other realm for Production.
Remember Oracle Utilities Customer Care & Billing userids
are up to 8 chars in length and UPPER case.
Consider mapping security credentials for non-compatible
security systems.
Supports one-way and two-way digital certificate base
authentication but requires setup.
Don't forget that Authorization is also included in security.

Copyright 2008, Oracle. All rights reserved.

Summary

In this Security Configuration module, you should have


learned how to:
Understand the basics of security in CC&B.
Understand how to implement security configuration

6 - 10

Copyright 2008, Oracle. All rights reserved.

Any Questions?

6 - 11

Q&
A
Copyright 2008, Oracle. All rights reserved.

6 - 12

Copyright 2008, Oracle. All rights reserved.

6 - 13

Copyright 2008, Oracle. All rights reserved.

Оценить