User's Manual
Enabling RADIUS Authentication, Authorization, and Accounting
Configuring RADIUS Authentication 5-11
Create the RADIUS Secret Key File on the Oracle Database Server
1. Obtain the RADIUS secret key from the RADIUS server. For each RADIUS
client, the administrator of the RADIUS server creates a shared secret key,
which must be longer than 16-characters.
2. On the Oracle database server, create a directory:
■ (UNIX) $ORACLE_HOME/network/security
■ (Windows) ORACLE_HOME\network\security
3. Create the file radius.key to hold the shared secret copied from the RADIUS
server. Place the file in the directory you just created in Step 2.
4. Copy the shared secret key and paste it (and nothing else) into the radius.key
file created on the Oracle database server.
5. For security purposes, change the file permission of radius.key to read only,
accessible only by the Oracle owner (Oracle relies on the file system to keep this
file secret).
Configure RADIUS Parameters on the Server (sqlnet.ora file)
Use Oracle Net Manager to configure RADIUS parameters on the server (See
"Starting Oracle Net Manager" on page 2-2):
1. Navigate to the Oracle Advanced Security profile. (See "Navigating to the
Oracle Advanced Security Profile" on page 2-3) The Oracle Advanced Security
tabbed window appears (Figure 5–4).
2. Choose the Authentication tab.
3. From the Available Methods list, select RADIUS.
4. Move RADIUS to the Selected Methods list by choosing the right-arrow [>].
5. To arrange the selected methods in order of desired use, select a method in the
Selected Methods list, and choose Promote or Demote to position it in the list.
For example, if you want RADIUS to be the first service used, put it at the top of
the list.
6. Choose the Other Params tab. The Other Params window appears (Figure 5–5):
See Also: The RADIUS server administration documentation, for
information about obtaining the secret key