Updating UDS Configurations

The User Data Service (UDS) enables access to the third-party data repositories in your organization. The UDS enables CA Risk Authentication Server and to access your existing data and leverage end-user information. Your data repository is not duplicated in the respective CA product.
aatest
The User Data Service
(UDS) enables access to the third-party data repositories in your organization. The UDS enables CA Risk Authentication Server and
Advanced Authentication
to access your existing data and leverage end-user information. Your data repository is
not
duplicated in the respective CA product.
CA Risk Authentication can access user data either from a relational database (RDBMS) or directly from an LDAP server. 
  • For relational databases, seed the database with the CA Risk Authentication schema as a part of the post-installation configurations.
  • For LDAP directory serves,
     
    deploy the User Data Service as a part of the post-installation configurations.
Updating UDS Connectivity Configuration
Use the UDS Connectivity Configuration page to update the default UDS connectivity settings.
Follow these steps:
  1. Ensure that you are logged in as the MA.
  2. Activate the 
    Services and Server Configurations
     tab.
  3. Click the 
    Administration Console
    option on the submenu of the tab.
  4. Under the 
    System Configuration
     section on the side-bar menu, click the 
    UDS Connectivity Configuration
     link to display the page.
  5. Specify the parameters, explained in the following table, on the page. All the enabled parameters on this page are mandatory.
    Parameter
    Default Value
    Description
    Protocol
    TCP
    The protocol to connect to the UDS service by using
    Advanced Authentication
    . The available options are:
    TCP:
    Implements unencrypted information exchange between UDS and CA Strong Authentication, CA Risk Authentication Server, and the CA Risk Authentication Database.
    One-Way SSL:
    Implements SSL communication between UDS and CA Risk Authentication components. The CA Risk Authentication components must present their certificates when accessing UDS.
    Two-Way SSL:
    If you want to implement SSL communication between UDS and CA Risk Authentication components, and both UDS and CA Risk Authentication components must present their certificates during information exchange.
    Host
    localhost
    The IP address or host name where the UDS service is available.
    Port
    8080
    The port at which the UDS service is available.
    Application Context Root
    arcotuds
    The application context that is specified when UDS is deployed on the application server.
    Connection Timeout (in milliseconds)
    30000
    Maximum time in milliseconds before the UDS service is considered unreachable.
    Read Timeout (in milliseconds)
    10000
    The maximum time in milliseconds to wait for a response from UDS.
    Idle Timeout (in milliseconds)
    30000
    The number of milliseconds after which an idle connection is closed.
    Server Root Certificate
     
    The path to the Certificate Authority (CA) certificate file of the UDS server. The file must be in PEM format.
    Note:
    This field is disabled if you selected the TCP option in the Protocol field.
    Client Certificate
     
    The path to the CA certificate file of
    Advanced Authentication
    . The file must be in PEM format.
    Note:
    This field is disabled if you selected the
    TCP
    or
    One-Way SSL
    option in the Protocol field.
    Client Private Key
     
    The location of the file that contains the CA's private key. The path can be an absolute path or relative to ARCOT_HOME.
    Note:
    This field is disabled if you selected the TCP or One-Way SSL option in the Protocol field.
    Minimum Connections
    4
    The minimum number of connections that created between CA Risk Authentication Server and the UDS server.
    Maximum Connections
    32
    The maximum number of connections created between CA Risk Authentication Server and the UDS server.
  6. Click 
    Save
     to save the changes you made.
  7. Refresh 
    all
     deployed CA Risk Authentication Server instances.
    See Refreshing the Cache for more information.
Updating the UDS Parameters
Use the UDS Configuration page to update the UDS parameters.
Follow these steps
:
  1. Ensure that you are logged in as the MA.
  2. Activate the 
    Services and Server Configurations
     tab.
  3. Click the 
    Administration Console
     option on the submenu of the tab.
  4. Under the 
    UDS Configuration
     section on the side-bar menu, click the 
    UDS Configuration
     link to display the page.
  5. Specify the parameters from the following table:
    Parameter
    Default Value
    Description
    Search Configuration
    Maximum Search Return Count
    500
    The maximum number of records that are returned for all
    Search
    operations in
    Advanced Authentication
    .
    LDAP Configuration
    Note:
    These fields cannot be edited using
    Advanced Authentication
    . For information about configuring these parameters, see the
    CA Risk Authentication Installation and Deployment Guide
    .
    LDAP Connection Pool Initial Size
    NA
    The initial number of connections between UDS and LDAP that are created in the pool.
    LDAP Connection Pool Maximum Size
    NA
    The maximum number of connections that are allowed between UDS and LDAP.
    LDAP Connection Pool Preferred Size
    NA
    The preferred number of connections between UDS and LDAP.
    LDAP Connection Pool Timeout
    (in milliseconds)
    NA
    The period for which UDS waits for a response from LDAP, when a new connection is requested.
    Authentication and Authorization Token Validity Configuration
    Purge Interval (in seconds)
    3600
    The maximum interval after which an authentication token is purged from the database,
    after
    the token expires.
    Validity Period (in seconds)
    86400
    The maximum period (default is one day) after which an issued authentication token expires.
  6. Click 
    Save
     to save the changes you made.
  7. Refresh 
    all
     deployed CA Risk Authentication Server instances.
    See Refreshing the Cache for instructions.