Replication Security

This section contains these topics:

• Authentication and the Directory Replication Server

• Secure Sockets Layer (SSL) and Oracle Internet Directory Replication

Authentication and the Directory Replication Server

Authentication is the process by which the Oracle directory replication server establishes the true identity of itself when connecting to the directory server. It occurs when an LDAP session is established by means of an ldapbind operation.

It is important that the directory replication server be properly authenticated before it is allowed access to the directory.

The directory replication server uses a unique identity and a password to authenticate with the directory server. The identity of the directory replication server is of the form cn=replication dn,orclreplicaid=unique_identifier_of_node,cn=replication configuration.

When it starts, the directory replication server reads its identity and password from an Oracle Internet Directory secure wallet, and uses these credentials for authentication. If you want to change the password for the replication bind DN, then you must use the Replication Environment Management Tool -pchgpwd option.

See Also: "The Replication Environment Management Tool"

Secure Sockets Layer (SSL) and Oracle Internet Directory Replication

You can deploy Oracle Internet Directory replication with or without SSL.

To configure LDAP-based replication to use SSL encryption, in the orclReplicaURI attribute, which contains the supplier contact information, specify the port number of the SSL port.

To configure Oracle9i Advanced Replication to use SSL encryption, use Oracle Advanced Security.

See Also: Oracle Advanced Security Administrator's Guidefor information on how to configure Oracle9i Advanced Replication to use SSL encryption