|Oracle9i Directory Service Integration and Deployment Guide
Release 1 (9.0.1)
Part Number A90153-01
This chapter introduces Oracle directory-enabled products and Oracle Internet Directory. In addition, it takes a brief look at strategies to integrate the Oracle technology stack with third-party directories.
The chapter covers the following topics:
Oracle and other enterprises increasingly use directories compliant with Lightweight Directory Access Protocol (LDAP) to centralize information storage. This information might consist of user names, passwords, e-mail addresses, and network devices such as printers, or it might determine which users are allowed database access. Centralizing this information reduces the need to manage it on multiple databases.
Many Oracle products are currently certified to work with Oracle Internet Directory. In addition, work is underway on strategies to use Oracle Internet Directory to provide interoperability between the entire Oracle technology stack and selected third-party directories. By addressing the entire technology stack, instead of individual components, interoperability and testing can be isolated to a single component: Oracle Internet Directory.
The following Oracle9i products use Oracle Internet Directory:
Oracle Net Services encompasses features that provide database access control, network connectivity, manageability, and scalability. Oracle Net, an Oracle Net Services component, uses Oracle Internet Directory as a primary method for storing and resolving database connect identifiers.
Oracle Advanced Security provides a number of features that protect enterprise networks. These features encompass encryption, authentication, single sign-on, and security protocols. Oracle Advanced Security uses Oracle Internet Directory as a central repository for user authentication and authorization information.
Application Context is a database security feature that enables you to base applications on a user's session information. A centrally initialized application context uses Oracle Internet Directory to store the context's values.
Oracle Advanced Queuing is a feature that enables distributed applications to send messages to one another asynchronously. Oracle Advanced Queuing uses Oracle Internet Directory to store metadata for global topics and registrations.
Oracle Dynamic Services provides e-businesses with a method for registering and reusing Internet, Intranet, and database information services. Oracle Dynamic Services uses the directory to store service definitions and application profiles.
Oracle Internet Directory is Oracle's directory service compliant with LDAP version 3. It runs as an application on the Oracle9i database, which may or may not reside on the same operating system. To communicate with the database, Oracle Internet Directory uses Oracle Net Services, remote data-access software that enables client-to-server and server-to-server communication across any network.
Oracle Internet Directory's scalability, high availability, and security features make it the directory of choice for enterprise applications.
Because it runs on powerful Oracle9i, Oracle Internet Directory can store terabytes of information. At the same time, multithreading and database connection pooling enable it to handle thousands of concurrent users and achieve subsecond search response times.
Oracle Internet Directory supports all Oracle 9i high-availability solutions and technologies, such as clustered "logical hosts," Real Application Clusters, failover, and multimaster replication. These solutions ensure that, if one server fails, a user can access the most current information from another server.
Oracle Internet Directory has comprehensive and flexible security features. The security administrator can confine access to specific directory objects or expand it to entire directory subtrees. Three levels of security are possible: anonymous, password-based, and certificate-based using Secure Sockets Layer version 3.
Oracle Internet Directory includes the Oracle Directory Integration Platform. This platform synchronizes data between Oracle Internet Directory and different directories within an organization. These directories might include NOS directories, groupware address books, applications such as HR, and metadirectories.
Metadirectories consolidate disparate information by propagating changes to the different directories that an organization contains. The Oracle Directory Integration Platform enables customers to build a single directory with a global directory entry that contains information from multiple sources.
Oracle Directory Integration Platform consists of the following components: