Framework 4 Features: Login Id Support

Given that Oracle Utilities Application Framework 4 is available as part of Mobile Work Force Management and other product progressively I am preparing a number of short but sweet blog entries highlighting some of the new functionality that has been implemented.

This is the first entry and it is on a new security feature called Login Id.

In past releases of the Oracle Utilities Application Framework, the userid used for authentication and authorization was limited to eight (8) characters in length. This mirrored what the market required in the past with LAN userids and even legacy userids being that length. The technology market has since progressed to longer userid lengths. It is very common to hear that email addresses are being used as credentials for production systems.

To achieve this in past versions of the Oracle Utilities Application Framework, sites had to introduce a short userid (8 characters in length) as an alias in your preferred security store. You then configured your J2EE Web Application Server to use the alias as credentials. This sometimes was a standard feaure of the security store and/or the J2EE Web Application Server, if you were lucky. If not, some java code has to be written to implement the solution.

In Oracle Utilities Application Framework 4 we introduced a new attribute on the user object called Login Id. The Login Id can be up to 256 characters in length and is an alternative to the existing userid stored on the user object. This means the Oracle Utilities Application Framework can support both long and short userids.

For backward compatibility we use the Login Id for authentication but the short userid for authorization and auditing. The user object within the Oracle Utilities Application Framework holds the translation. Backward compatibility is always a consideration in any of our designs for future or changed functionality. You will see reference to this fact in the blog entries I will be composing over the next few months.

We have also thought about the flexibility in implementing this feature.


  • The Login Id can be the same value of the Userid (the default for backward compatibility) or can be different.

  • Both the Login Id and Userid have to be unique. This avoids sharing of credentials and is also backward compatible.

  • You can manually enter the Login Id or provision it from Oracle Identity Manager (or other tool).

  • If you use the Login Id only, then we will not autogenerate a short userid automatically as the rules for this can vary from site to site. You have a number of options there. Most Identity provisioning tools can generate a short userid at user creation time and this can be used. If you do not use provisioning tools, then you can write a class extension using the SDK to autoegenerate the userid based upon your sites preference. When we designed the feature there were lots of styles of generating userids (random, initial and surname, numbers etc). We could not really see a clear winner in that respect so we just allowed the extension to be inserted in if necessary. Most customers indicated to us that identity provisioning was the preferred way. This is why we released an Oracle Identity Manager integration with the framework.

  • The Login id is case sensitive now which was not supported under userid.

The introduction of the Login Id allows the product to offer flexible options when configuring security whilst maintaining backward compatibility.

For more information about Login Id refer to the KB Article on My Oracle Support 773473.1 - Oracle Utilities Application Framework Security Overview

Comments:

Tony, Do you know what is the plan for implementing Oracle FW 4.0 for Oracle CC&B? Regards, Sanjay

Posted by Sanjay Narvekar on May 12, 2010 at 06:18 PM EST #

I am not sure exactly when they will be using the new version. You will need to follow that up with Support or your local CC&B sales/product manager.

Posted by Anthony Shorten on May 13, 2010 at 09:22 AM EST #

Anthony, It´s possible install OUF4 with ETm 2.2.1 ? Regards Javier

Posted by Javier Alvarado on February 16, 2011 at 03:09 AM EST #

Post a Comment:
  • HTML Syntax: NOT allowed
About

Anthony Shorten
Hi, I am Anthony Shorten, I am the Principal Product Manager for the Oracle Utilities Application Framework. I have been working for over 20+ years in the IT Business and am the author of many a technical whitepaper, manual and training material. I am one of the product managers working on strategy and designs for the next generation of the technology used for the Utilities and Tax markets. This blog is provided to announce new features, document tips and techniques and also outline features of the Oracle Utilities Application Framework based products. These products include Oracle Utilities Customer Care and Billing, Oracle Utilities Meter Data Management, Oracle Utilities Mobile Workforce Management and Oracle Enterprise Taxation and Policy Management. I am the product manager for the Management Pack for these products.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
9
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today