cancel
Showing results for 
Search instead for 
Did you mean: 

Authentication solution for SA using Oracle Database and Velis Server (Vasco)

NDCool_
Contributor

Authentication solution for SA using Oracle Database and Velis Server (Vasco)

Hi Guys,

I have project at my customer to implement SSL VPN to their bussines application.

Their existing application using Oracle for user database, and Velis Server (Vasco) for response one tipe password.

For now, when user want to login to their application, user only put the username and put the one time password.

communication between Oracle and Velis server using API with "jar" file as middleware.

So, how Juniper SA can be used on their application. As i know, SA must point to Auth Server to get user database and also add the Velis Server to get one tipe password response for user.

But, SA will do 2 process, first SA do Authenticate, second get the one tipe password respone for the user.

Can we configure SA as like as their current application ? SA only do 1 process, authentication+response one time passwod ?

By the way, how SA can get user database from Oracle ? Must have middleware also like SBR??
Can SA using API also??

Thanks,

=ND=

Message Edited by NDCool on 06-19-2008 08:55 AM
3 REPLIES 3
NDCool_
Contributor

Re: Authentication solution for SA using Oracle Database and Velis Server (Vasco)

anyone can help me??
ben_
Frequent Contributor

Re: Authentication solution for SA using Oracle Database and Velis Server (Vasco)

So if I see this right, the userobjects for the app are held in an oracle DB, and the authentication is done with Vascos Tokensolution?

I would authenticate the Vasco stuff via RADIUS (as proxy for the vasco server, if this does not support radius directly). After a successfull authentication on the SA either do a SSO form POST to post the username to the app or feed it inside the header.

But you should make sure then, that the app-server is only reacting on that username for requests coming from the SAs internal IP (in case you really use both NICs).

NDCool_
Contributor

Re: Authentication solution for SA using Oracle Database and Velis Server (Vasco)

Hi Ben,

thanks for ur reply, in this case we will using SBR as auth server for SA, but can SBR in onetime do process check username then get the OTP for that username??

The flow may be like this :

| SA | ----> | SBR |

|

_____________

| |

| Oracle | | Velis |

any suggest for this ?

grds,

=ND=

Message Edited by NDCool on 07-13-2008 09:22 AM