Security FAQ Follow
External users accessing just their application or applications. Is this done in AuraPlayer or does the security need to be added to the form?
The users are going to access the application using their usernames/credentials in ATS (Forms), then they inherit all the customizations and roles that they have in the existing system. In addition, if needed, we can add another layer of authentication/authorization in AuraPlayer - depending on what system you want to integrate with the user management.
Does AuraPlayer allow different levels of security for fields or is this delegated to the ATS Form? editable field vs view only vs not shown at all?
Again, AuraPlayer is flexible. We can either put JavaScript Security validations in the HTML app we create at the field level, or delegate validation to the Forms application. Both options are possible.
Does AuraPlayer have field masking? SSN can be entered but must be masked as sensitive information.
Answer: Yes fields are masked with ******
Do you support OID LDAP and Kerberos tickets?
We can definitely have our server URL running on Microsoft Azure.
We do not store any credentials on our system. Credentials are always encrypted.
AuraPlayer is installed on premise on Weblogic or Tomcat. Then we inherit out-of-the-box all the Weblogic / Tomcat security features including advanced security such as SAML. For example, Basic Authentication, SAML, NTLM, Kerberos, etc. You can initiate it for user login purposes and for all services authentication.
Read more about our security policies here and here .
How does AuraPlayer handle security?
AuraPlayer can integrate with any access/authentication rules required in the organization. AuraPlayer supports all security standards including OAuth 2.0, Active Directory - Azure ID, Custom Secure ticket authentication, Oracle applications, Tomcat or WebLogic authentication, etc. It can also integrate and authenticate with external IDM tools such as OKTA, Oracle Access Manager (OAM), Microsoft Active Directory, AWS Identity and Access Management (IAM), etc. All services are verified, encrypted, validated, and can be configured for a session time expiration. AuraPlayer ensures application and DB security as well, by communicating with the back-end using Oracle’s encrypted protocol. Read more here.
We currently have column-based encryption – The Encryption Wizard for Oracle. How will you meet this minimum requirement and how your solution would enable us to address further encryption requirements?
Check out these 2 articles:
- AuraPlayer ServiceManager Deployment and Security Options
- How does AuraPlayer handle security
- Ticket Authentication
Feel free to reach out to one of our experts at support@auraplayer.com or open a ticket at the link above.
Comments
0 comments
Please sign in to leave a comment.