User's Manual
vii
4 Configuring Network Data Encryption and Integrity for Thin JDBC Clients
About the Java Implementation....................................................................................................... 4-1
Java Database Connectivity Support......................................................................................... 4-1
Securing Thin JDBC...................................................................................................................... 4-2
Implementation Overview.......................................................................................................... 4-3
Obfuscation.................................................................................................................................... 4-3
Configuration Parameters.................................................................................................................. 4-4
Client Encryption Level: ORACLE.NET.ENCRYPTION_CLIENT....................................... 4-4
Client Encryption Selected List: ORACLE.NET.ENCRYPTION_TYPES_CLIENT............ 4-5
Client Integrity Level: ORACLE.NET.CRYPTO_CHECKSUM_CLIENT............................ 4-5
Client Integrity Selected List: ORACLE.NET.CRYPTO_CHEKSUM_TYPES_CLIENT .... 4-6
Part III Oracle Advanced Security Strong Authentication
5 Configuring RADIUS Authentication
RADIUS Overview............................................................................................................................. 5-1
RADIUS Authentication Modes...................................................................................................... 5-3
Synchronous Authentication Mode........................................................................................... 5-3
Challenge-Response (Asynchronous) Authentication Mode................................................. 5-5
Enabling RADIUS Authentication, Authorization, and Accounting....................................... 5-8
Task 1: Install RADIUS on the Oracle Database Server and on the Oracle Client.............. 5-9
Task 2: Configure RADIUS Authentication.............................................................................. 5-9
Task 3: Create a User and Grant Access.................................................................................. 5-17
Task 4: Configure External RADIUS Authorization (optional)........................................... 5-17
Task 5: Configure RADIUS Accounting.................................................................................. 5-19
Task 6: Add the RADIUS Client Name to the RADIUS Server Database.......................... 5-20
Task 7: Configure the Authentication Server for Use with RADIUS.................................. 5-20
Task 8: Configure the RADIUS Server for Use with the Authentication Server............... 5-20
Task 9: Configure Mapping Roles............................................................................................ 5-21
Using RADIUS to Log In to a Database....................................................................................... 5-22
RSA ACE/Server Configuration Checklist................................................................................... 5-22
6 Configuring Kerberos Authentication
Enabling Kerberos Authentication ................................................................................................. 6-2