Skip Headers
Oracle® Identity Management Application Developer's Guide
10g Release 2 (10.1.2)
Part No. B14087-01
  Go To Table Of Contents
Contents		 Go To Documentation Library
Home		 Go To Product List
Solution Area
Previous
Previous 		 

Index

A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  R  S  T  U  V  W 

Numerics

389 port, A.2.2.1.1, A.2.2.3.1
636 port, A.2.2.1.1, A.2.2.3.1

A

abandoning an operation, 8.2.10
access control, 2.2.4, 2.2.4.2, 2.2.4.2
and authorization, 2.2.4.2
access control information (ACI), 2.2.4.2
attributes, 2.2.4.2
directives
format, 2.2.4.2
Access Control List (ACL), 2.2.4.2
access control lists (ACLs), 2.2.4.2
ACI. See access control information (ACI)
ACLs. See Access Control List (ACL)
add.log, A.3.3
administration tools
ldapadd, A.3.2
ldapaddmt, A.3.3
ldapbind, A.3.4
ldapcompare, A.3.5
ldapdelete, A.3.6
ldapmoddn, A.3.7
ldapmodify, A.3.8
ldapmodifymt, A.3.9
ldapsearch, A.3.10
agent tools, A.4
anonymous authentication, 2.2.4.1.1, 2.2.4.1.1
application login, 7.4.1
application logout, 7.4.2
application session cookie
clearing, 7.4
coding for, 7.4
applications, building
with the C API, 8.4
attribute options
searching for by using ldapsearch, A.3.10.1.6
attribute values, replacing, A.3.8
attributes
adding
by using ldapadd, A.3.2
concurrently, by using ldapaddmt, A.3.3
to existing entries, A.3.2
attribute options
searching for by using ldapsearch, A.3.10.1.6
deleting
by using ldapmodify, A.3.8
in LDIF files, A.1
types, 2.2.2
values, 2.2.2
deleting, A.3.8
authentication, 2.2.4, 2.2.4.1, 2.2.4.1
anonymous, 2.2.4.1.1, 2.2.4.1.2
certificate-based, 2.2.4.1.3
Kerberos, A.3.2, A.3.3, A.3.6
modes, SSL, 8.1.1, 8.1.1
one-way SSL, 2.2.4.1.3
options, 2.2.4.1
password-based, 2.2.4.1.2
SSL, 2.2.4.1.3, 2.2.4.1.3, 8.1.1
none, 8.1.1
one-way, 8.1.1
two-way, 8.1.1
with ldapadd, A.3.2
with ldapaddmt, A.3.3
with ldapbind, A.3.4
with ldapmodify, A.3.8
with ldapmodifymt, A.3.9
strong, 2.2.4.1.3
to a directory server
enabling, 2.5
enabling, by using DBMS_LDAP, 2.5.2
enabling, by using the C API, 2.5.1
to the directory, 8.2.4
two-way SSL, 2.2.4.1.3
authentication, simple, 7.3.3.1
authorization, 2.2.4, 2.2.4.2
authorization ID, 2.2.4.1

B

base search, A.3.10
bootstrap command, in Directory Integration and Provisioning Assistant, A.4.1.5
bulk tools, 1.6.4

C

C API
functions
abandon, 8.2.10.1
abandon_ext, 8.2.10.1
add, 8.2.9.7, 8.2.9.7
add_ext_s, 8.2.9.7
add_s, 8.2.9.7
compare, 8.2.9.4
compare_ext, 8.2.9.4
compare_ext_s, 8.2.9.4
compare_s, 8.2.9.4
count_entries, 8.2.14.1
count_references, 8.2.14.1
count_values, 8.2.14.3
count_values_len, 8.2.14.3
delete, 8.2.9.8
delete_ext, 8.2.9.8
delete_ext_s, 8.2.9.8
delete_s, 8.2.9.8
dn2ufn, 8.2.14.4
err2string, 8.2.12.1
explode_dn, 8.2.14.4
explode_rdn, 8.2.14.4
extended_operation, 8.2.9.9
extended_operation_s, 8.2.9.9
first_attribute, 8.2.14.2
first_entry, 8.2.14.1
first_message, 8.2.13.1
first_reference, 8.2.14.1
get_dn, 8.2.14.4
get_entry_controls, 8.2.14.5
get_option, 8.2.3.1
get_values, 8.2.14.3
get_values_len, 8.2.14.3
init_ssl call, 8.1.1.1
modify, 8.2.9.5
modify_ext, 8.2.9.5
modify_ext_s, 8.2.9.5
modify_s, 8.2.9.5
msgid, 8.2.11.1
msgtype, 8.2.11.1
next_attribute, 8.2.14.2
next_entry, 8.2.14.1
next_message, 8.2.13.1
next_reference, 8.2.14.1
parse_extended_result, 8.2.12.1
parse_reference, 8.2.14.6
parse_result, 8.2.12.1
parse_sasl_bind_result, 8.2.12.1
rename, 8.2.9.6
rename_s, 8.2.9.6
result, 8.2.11.1
sasl_bind, 8.2.4.1
sasl_bind_s, 8.2.4.1
search_st, 8.2.9.1
set_option, 8.2.3.1
simple_bind, 8.2.4.1
simple_bind_s, 8.2.4.1
unbind_ext, 8.2.8.1
unbind_s, 8.2.8.1
value_free, 8.2.14.3
value_free_len, 8.2.14.3
sample usage, 8.3
summary, 8.2.1
usage with SSL, 8.3.1, 8.3.1
usage without SSL, 8.3.2, 8.3.2
Catalog Management Tool
syntax, A.3.1
Catalog Management tool
syntax, A.3.1
catalog.sh
syntax, A.3.1
certificate authority, 2.2.4.1.3
certificate-based authentication, 2.2.4.1.3
certificates, 2.2.4.1.3
change logging, A.2.2.1.1
change logs
flag, A.2.2.1.1
toggling, A.2.2.1.1
change types, in ldapmodify input files, A.3.8
changetype attribute
add, A.3.8
delete, A.3.8
modify, A.3.8
modrdn, A.3.8
children of an entry, listing, 8.2.9.3
code examples
application login, 7.4.1
authentication, 7.3.3.1, 7.3.3.1
forced authentication, 7.3.3.3, 7.4.1.3
single sign-off, 7.3.3.2, 7.3.3.2
command-line tools
Directory Integration and Provisioning Assistant, A.4.1
ldapadd, A.3.2
ldapbind, A.3.4
ldapcompare, A.3.5
ldapdelete, A.3.6
ldapmoddn, A.3.7
ldapmodify, A.3.8
ldapmodifymt, A.3.9
ldapsearch, A.3.10
schemasync, A.4.2
syntax, A.3, A.3
components
Oracle Internet Directory SDK, 1.6.2
configuration set entries
modifying, A.2.2.6, A.2.2.6
overriding user-specified, A.2.2.2
controls, working with, 3.9.2, 3.9.5, 8.2.7

D

DAP Information Model, 2.2.2
DAS units, 6.1
DAS URL Parameter Descriptions, 12.3
DAS URL Parameters, 6.2.2
DAS URL parameters, 12.2
data
integrity, 2.2.4, 2.2.4.3, 2.2.4.3
privacy, 2.2.4, 2.2.4.4, 2.2.4.4
data-type summary, 9.3
DBMS_LDAP
about, Preface
DBMS_LDAP package, Preface
searching by using, 2.6
DBMS_LDAP_UTL
about, 11
data-types, 11.4
function return codes, 11.3
group-related subprograms
about, 11.1
function create_group_handle, 11.2.2.1
function get_group_dn, 11.2.2.4
function get_group_properties, 11.2.2.3
function set_group_handle_properties, 11.2.2.2
miscellaneous subprograms
about, 11.1
function check_interface_version, 11.2.5.10
function create_mod_propertyset, 11.2.5.6
function get_property_names, 11.2.5.2
function get_property_values, 11.2.5.3
function get_property_values_len, 11.2.5.4
function normalize_dn_with_case, 11.2.5.1
function populate_mod_propertyset, 11.2.5.7
procedure free_handle, 11.2.5.9
procedure free_mod_propertyset, 11.2.5.8
procedure free_propertyset_collection, 11.2.5.5
subscriber-related subprograms
about, 11.1
function create_subscriber_handle, 11.2.3.1
function get_subscriber_dn, 11.2.3.3
function get_subscriber_properties, 11.2.3.2
user-related subprograms
about, 11.1
function authenticate_user, 11.2.1.1
function check_group_membership, 11.2.1.8
function create_user_handle, 11.2.1.2
function get_group_membership, 11.2.1.10
function get_user_dn, 11.2.1.7
function get_user_extended_properties, 11.2.1.6
function get_user_properties, 11.2.1.4
function locate_subscriber_for_user, 11.2.1.9
function set_user_handle_properties, 11.2.1.3, 11.2.1.3
function set_user_properties, 11.2.1.5
debug
log files, viewing, A.2.2.2
default port
number, A.2.2.1.1, A.2.2.3.1
dependencies and limitations, 8.5
C API, 8.5
DES40 encryption, 2.2.4.4
directives, 2.2.4.2
Directory Information Tree, 2.2.1
directory information tree (DIT), 2.2.1
Directory Integration and Provisioning Assistant
bootstrap command, A.4.1.5
what it does, A.4.1
directory integration and provisioning server
registration tool, A.4.3
starting, A.2.2.4
stopping, A.2.2.5
directory replication server
starting, A.2.2.3, A.2.2.3.1
stopping, A.2.2.3.2, A.2.2.3.2
directory server discovery, 3.6
directory servers
restarting, A.2.2.6, A.2.2.6
starting
mandatory arguments, A.2.2.1.1
syntax, A.2.2.1.1
with default configuration, A.2.2.2
stopping, A.2.2.1.1
distinguished names, 2.2.1
components of, 2.2.1
format, 2.2.1
in LDIF files, A.1
DNs. see distinguished names.
documentation, related, Preface
dynamic directives
common types, 7.2.2
defined, 7.2.2, 7.2.2
programming languages supported, 7.2.2
dynamic password verifiers
controls, 3.9.2, 3.9.5
creating, 3.9.1
parameters, 3.9.2, 3.9.2

E

encryption
DES40, 2.2.4.4
levels available in Oracle Internet Directory, 2.2.4.4
RC4_40, 2.2.4.4
entries
adding
by using ldapadd, A.3.2, A.3.2
by using ldapaddmt, A.3.3, A.3.3
deleting
by using ldapdelete, A.3.6, A.3.6, A.3.6, A.3.6
by using ldapmodify, A.3.8
distinguished names of, 2.2.1
locating by using distinguished names
modifying
by using ldapmodify, A.3.8
concurrently, by using ldapmodifymt, A.3.9, A.3.9
naming, 2.2.1
reading, 8.2.9.2
searching
base level, A.3.10, A.3.10
by using ldapsearch, A.3.10, A.3.10
one-level, A.3.10, A.3.10
subtree level, A.3.10, A.3.10
errors
handling and parsing results, 8.2.11.1
exception summary, 9.2

F

filters, 2.6.3
IETF-compliant, A.3.10
ldapsearch, A.3.10.1
forced authentication, 7.3.3.3, 7.4.1.3
formats, of distinguished names, 2.2.1

G

GET authentication method, 7.3.4
global user inactivity timeout, 7.3.4
group entries
creating
by using ldapmodify, A.3.8

H

header files and libraries, required, 8.4
history of LDAP, 2.1
HTTP headers, 7.1

I

integrity, data, 2.2.4.3
interface calls, SSL, 8.1.1.1

J

Java, 1.6.1, 2.3.4
Java API reference
class descriptions
Property class, 3.1.2.2
PropertySet class, 3.1.2.2
PropertySetCollection class, 3.1.2.2
Java partner applications
dynamically protected, 7.3.3
statically protected, 7.3.2
Java partner applications, statically protected, 7.3.2
JAZN
see Oracle Application Server Java Authentication and Authorization Service
JNDI, 1.6.1, 2.3.4
JPEG images, adding with ldapadd, A.3.3

K

Kerberos authentication, A.3.2, A.3.3, A.3.6

L

LDAP
functional model, 2.2.3
history, 2.1
information model, 2.2.2
messages, obtaining results and peeking inside, 8.2.11
naming model, 2.2.1
operations, performing, 8.2.9
search filters, IETF-compliant, A.3.10
security model, 2.2.4
server instances
starting, A.2.2.1.1
session handle options, 8.2.3
in the C API, 2.5
sessions
initializing, 2.4
version 2 C API, 8.1
LDAP APIs, 1.6.3.3
LDAP Data Interchange Format (LDIF), A.1
syntax, A.1
LDAP Functional Model, 2.2.3
LDAP Models, 2.2
LDAP Naming Model, 2.2.1
LDAP Security Model, 2.2.4
ldapadd, A.3.2, A.3.2
adding entries, A.3.2
adding JPEG images, A.3.3
LDIF files in, A.3.2
plug-in support, 5.7.2
syntax, A.3.2, A.3.2
ldapaddmt, A.3.3
adding entries concurrently, A.3.3
LDIF files in, A.3.3
log, A.3.3
syntax, A.3.3
ldapbind, A.3.4, A.3.4
syntax, A.3.4, A.3.4
ldap-bind operation, 2.2.4.1
ldapcompare, A.3.5, A.3.5
plug-in support, 5.7.3
syntax, A.3.5, A.3.5
ldapdelete, A.3.6, A.3.6
deleting entries, A.3.6
syntax, A.3.6, A.3.6
ldapmoddn, A.3.7, A.3.7, A.3.7
syntax, A.3.7
ldapmodify, A.3.8, A.3.8, A.3.8
adding values to multivalued attributes, A.3.8
change types, A.3.8
creating group entries, A.3.8
deleting entries, A.3.8
LDIF files in, A.3.8
plug-in support, 5.7.1
replacing attribute values, A.3.8
syntax, A.3.8, A.3.8
ldapmodifymt, A.3.9
by using, A.3.9
LDIF files in, A.3.9
multithreaded processing, A.3.9
syntax, A.3.9, A.3.9
ldapsearch, A.3.10
filters, A.3.10.1
syntax, A.3.10, A.3.10, A.3.10
LDIF
files
in ldapadd commands, A.3.2
in ldapaddmt commands, A.3.3
in ldapmodify commands, A.3.8, A.3.8
in ldapmodifymt commands, A.3.9, A.3.9
formatting notes, A.1
formatting rules, A.1
syntax, A.1
using, A.1
log files
debug, viewing, A.2.2.2

M

m, A.3.3
mod_osso
benefits, 7.1
compared with single sign-on SDK, 7.1
definition, 7.1
integration methods, 7.2
sample applications, 7.3.1
mod_osso cookie, 7.4
multiple threads, A.3.9
in ldapaddmt, A.3.3
increasing the number of, A.3.3
multithreaded command-line tools
ldapmodifymt, A.3.9
multivalued attributes
adding values to, by using ldapmodify, A.3.8

N

naming entries, 2.2.1
net service name, A.2.1.2

O

object classes
adding
concurrently, by using ldapaddmt, A.3.3
in LDIF files, A.1
objects
removing
by using command-line tools, A.3.6
removing by using command-line tools, A.3.8
odisrvreg, A.4.3
OID Control Utility
run-server command, A.2.2
stop-server command, A.2.2
syntax, A.2.2, A.2.2
viewing debug log files, A.2.2.2
OID Monitor, A.2.2
sleep time, A.2.1.1
starting, A.2.1.1, A.2.1.1, A.2.1.1, A.2.1.1
stopping, A.2.1.2
syntax, A.2.1, A.2.1
oidctl
viewing debug log files, A.2.2.2
oidctl. See OID Control Utility
OIDLDAPD, A.2.2.1.2
OIDREPLD, A.2.2.3.2
one-level search, A.3.10
one-way SSL authentication, 2.2.4.1.3, 8.1.1
OpenLDAP Community, Preface
operational attributes
ACI, 2.2.4.2
Oracle Application Server Java Authentication and Authorization Service
defined, 1.2
Oracle Directory Manager, 1.6.4
listing attribute types, A.1
Oracle directory replication server, 1.6.4
Oracle directory replication server instances
starting, A.2.2.3, A.2.2.3, A.2.2.3.1, A.2.2.3.1, A.2.2.3.1
stopping, A.2.2.3, A.2.2.3.2, A.2.2.3.2, A.2.2.3.2
Oracle directory server, 1.6.4
Oracle directory server instances
starting, A.2.2.1, A.2.2.1.1, A.2.2.1.1
stopping, A.2.2.1, A.2.2.1.1, A.2.2.1.2
Oracle extensions
about, 3
application
deinstallation logic, 1.6.3.2
runtime logic, 1.6.3.2
shutdown logic, 1.6.3.2
startup and bootstrap logic, 1.6.3.2
group management functionality, 3.4
programming abstractions
for Java language, 3.1.2
for PL/SQL language, 3.1.1
programming abstractions for Java language, 3.1.2
user management functionality, 3.1.2, 3.3
Oracle extensions to support SSL, 8.1
Oracle Identity Management
infrastructure
modifying existing applications, 1.3
integrating
new applications, 1.4
integrating applications with, 1
benefits of, 1.1
supported services, 1.2
Oracle Internet Directory, components, 1.6.4
Oracle SSL call interface, 8.1
Oracle SSL extensions, 8.1.1
Oracle SSL-related libraries, 8.5
Oracle system libraries, 8.5
Oracle wallet, 8.1.1.2
Oracle Wallet Manager, 8.1.1.2
required for creating wallets, 8.5
Oracle wallets
changing location of
with ldapadd, A.3.2
with ldapaddmt, A.3.3
with ldapbind, A.3.4
with ldapcompare, A.3.5
with ldapdelete, A.3.6
with ldapmoddn, A.3.7
with ldapmodify, A.3.8
with ldapmodifymt, A.3.9
with ldapsearch, A.3.10
Oracle xxtensions
what an LDAP-integrated application looks like, 1.6.3.1
OracleAS Single Sign-On
user attributes, 7.1
overview of LDAP models, 2.2

P

password-based authentication, 2.2.4.1.2
passwords
policies, 2.2.4.5
performance
by using multiple threads, A.3.3
permissions, 2.2.4, 2.2.4.2
PL/SQL API, 9
contains subset of C API, 2.3.3
data-type summary, 9.3
exception summary, 9.2
functions
add_s, 9.4.27, 9.4.27
ber_free, 9.4.35
bind_s, 9.4.3, 9.4.3
compare_s, 9.4.5, 9.4.5
count_entries, 9.4.10, 9.4.10
count_values, 9.4.29, 9.4.29
count_values_len, 9.4.30, 9.4.30
create_mod_array, 9.4.19, 9.4.19
dbms_ldap.init, 9.4.1
delete_s, 9.4.16, 9.4.16
err2string, 9.4.18, 9.4.18
explode_dn, 9.4.32, 9.4.32
first_attribute, 9.4.11, 9.4.11
first_entry, 9.4.8, 9.4.8
get_dn, 9.4.13, 9.4.13
get_values, 9.4.14, 9.4.14
get_values_len, 9.4.15, 9.4.15
init, 9.4.1, 9.4.1
modify_s, 9.4.26, 9.4.26
modrdn2_s, 9.4.17, 9.4.17
msgfree, 9.4.34
next_attribute, 9.4.12, 9.4.12
next_entry, 9.4.9, 9.4.9
open_ssl, 9.4.33, 9.4.33, 9.4.34, 9.4.35, 9.4.35
rename_s, 9.4.31, 9.4.31
search_s, 9.4.6, 9.4.6
search_st, 9.4.7, 9.4.7
simple_bind_s, 9.4.2, 9.4.2
unbind_s, 9.4.4, 9.4.4
loading into database, 2.3.3
procedures
free_mod_array, 9.4.28
populate_mod_array (binary version), 9.4.21
populate_mod_array (string version), 9.4.20
subprograms, 9.4, 9.4
summary, 9.1, 9.1
plug-ins
binary support, 5.7
port
default, A.2.2.1.1, A.2.2.3.1
port 389, A.2.2.1.1, A.2.2.3.1
port 636, A.2.2.1.1, A.2.2.3.1
POST authentication method, 7.3.4
privacy, data, 2.2.4, 2.2.4.4, 2.2.4.4
privileges, 2.2.4, 2.2.4.2
procedures, PL/SQL
free_mod_array, 9.4.28
populate_mod_array (binary version), 9.4.21
populate_mod_array (string version), 9.4.20
profile tools, A.4
provisioning
tool
syntax, A.4.4
Provisioning Subscription Tool, A.4.4

R

RC4_40 encryption, 2.2.4.4
RDNs. see relative distinguished names (RDNs)
related documentation, Preface
relative distinguished names (RDNs), 2.2.1
modifying
by using ldapmodify, A.3.8
results, stepping through a list of, 8.2.13
RFC 1823, 8.5
rules, LDIF, A.1
run-server command, by using OID Control Utility, A.2.2

S

sample C API usage, 8.3, 8.3
SDK components, 1.6.2
search
filters
IETF-compliant, A.3.10
ldapsearch, A.3.10.1
results
parsing, 8.2.14
scope, 2.6.2
search-related operations, flow of, 2.6.1
security, within Oracle Internet Directory environment, 2.2.4
self-service console, 6.1.1
service location record, 3.6
servlets
dynamically protected, 7.3.3.1
statically protected, 7.3.2, 7.3.2
sessions
closing, 8.2.8
enabling termination by using DBMS_LDAP, 2.7.2
initializing
by using DBMS_LDAP, 2.4.2
by using the C API, 2.4.1
session-specific user identity, 2.2.4.1
simple authentication, 2.2.4.1.2, 2.2.4.1.2
single sign-off, 7.3.3.2, 7.3.3.2
single sign-on SDK
compared with mod_osso, 7.1
sleep time, OID Monitor, A.2.1.1
Smith, Mark, Preface, Preface
SSL
authentication modes, 8.1.1
default port, 2.2.4.1.3
enabling
with ldapadd, A.3.2
with ldapaddmt, A.3.3
with ldapbind, A.3.4
with ldapmodify, A.3.8
with ldapmodifymt, A.3.9
handshake, 8.1.1.1
interface calls, 8.1.1.1, 8.1.1.1
no authentication, 2.2.4.1.3
one-way authentication, 2.2.4.1.3
Oracle extensions, 8.1, 8.1.1
provide encryption and decryption, 8.1.1
two-way authentication, 2.2.4.1.3
wallets, 8.1.1.2
static directives
defined, 7.2
writing, 7.2.1
stop-server command, A.2.2
strong authentication, 2.2.4.1.3
subtree level search, A.3.10
syntax
Catalog Management Tool, A.3.1
catalog management tool, A.3.1
catalog.sh, A.3.1
command-line tools, A.3
Directory Integration and Provisioning Assistant, A.4.1
directory integration and provisioning server registration tool, A.4.3
ldapadd, A.3.2
ldapaddmt, A.3.3
ldapbind, A.3.4
ldapcompare, A.3.5, A.3.5
ldapdelete, A.3.6, A.3.6
ldapmoddn, A.3.7
ldapmodify, A.3.8, A.3.8
ldapmodifymt, A.3.9
ldapsearch, A.3.10, A.3.10
LDIF, A.1
odisrvreg, A.4.3
OID Control Utility, A.2.2
OID Monitor, A.2.1
oidctl, A.2.2
oidprovtool, A.4.4
Oracle Directory Integration and Provisioning command-line tools, A.4
Provisioning Subscription Tool, A.4.4
provisioning tool, A.4.4
schemasync, A.4.2

T

TCP/IP socket library, 8.5
troubleshooting
directory server instance startup, A.2.2.2
two-way authentication, SSL, 8.1.1
types of attributes, 2.2.2

U

URLs, protecting, 7.2, 7.2.2
user attributes, 7.1, 7.1

V

values, deleting attribute, A.3.8

W

wallets
SSL, 8.1.1.2
support, 8.1.1.2
  Previous
Previous
  Go To Table Of Contents
Contents		 Go To Documentation Library
Home		 Go To Product List
Solution Area