Oracle® Role Manager User's Guide Release 10g (10.1.4) Part Number E12027-02 |
|
|
View PDF |
This appendix lists all the elements that are valid according to the schema definition and the various attributes that are valid for each element. It also lists the set of values that each of these attributes can take.
The elements along with their attributes and attribute values are explained here for easy reference. For complete XML schema information, refer to:
oracle.iam.rm.rule.predicate.config_1_0.xsd
To access the XML schema:
Navigate to the ORM_HOME
\lib
directory.
Extract the contents of the server.jar
file into a temporary location using any unzip utility or the jar command-line tool, which is part of the Sun Java Development Kit.
From the temporary location, navigate to META-INF\schemas.
This directory contains the oracle.iam.rm.rule.predicate.config_1_0.xsd
file.
standard.xml
The standard.xml
file contains the standard data model that supports the Oracle Role Manager user interface.
To access the standard.xml file:
Navigate to the ORM_Home
\config
directory.
Extract the contents of the standard.car
file into a temporary location using any unzip utility or the jar command-line tool, which is part of the Sun Java Development Kit.
From the temporary location, navigate to the config\oracle.iam.rm.temporal
directory.
This directory contains the standard.xml
file.
Note:
If there are customizations to the Oracle Role Manager sample data model, then all the attributes in this appendix can take user-defined values as per the customizations made in the XSD.Topics in this appendix include:
The attribute-expression
element has the attributes object-type
and attribute-id.
The attribute-id
attribute takes values based on the value of the object-type
attribute specified in the attribute-expression
element.
Table A-1 lists the object-type
attributes and its corresponding attribute-id
values. The Inherits From column in Table A-1 gives the name of the supertype from which the object-type
attribute mentioned in object-type column is inherited.
See Also:
Oracle Role Manager Developer's Guide for detailed information about every objectTable A-1 Attribute Values for object-type and attribute-id
object-type | Inherits From | Values for attribute-id |
---|---|---|
|
NA |
displayName locale status uniqueName userID userPassword |
|
|
All values for the attribute-id attribute of the abstractIdentity object-type (listed earlier in this table).In addition, it can take the following values: audio businessCategory carLicense costCenterOrg_id departmentNumber description destinationIndicator employeeNumber employeeType fax givenName homePhone homePostalAddress initials internationalISDNNumber jobTitle jpegPhoto l (Note: This attribute-id attribute refers to theLDAP attribute for the locality of the person)locationOrg_id mail manager_id mobile pager photo physicalDeliveryOfficeName postalAddress postalCode postOfficeBox preferredDeliveryMethod preferredLanguage registeredAddress reportingOrg_id roomNumber seeAlso sn (Note: This refers to the surname of the person)st street telephoneNumber telexNumber userCertificate userSMIMECertificate x121Address |
|
NA |
costCenterHierarchyRoot_id costCenterOrg_id description displayName locationHierarhcyRoot_id locationOrg_id orgHead_id reportingHierarhcyRoot_id reportingOrg_id uniqueName |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table).buildingName postalAddress telephoneNumber |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table).c (Note: This attribute-id attribute refers to the two-letter country code to which the organization belongs.) |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table). |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table). |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table).floorIdentifier |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table).l (Note: This attribute-id attribute refers to the LDAP attribute.)seeAlso st street |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table).businessCategory destinationIndicator fax internationalISDNNumber l (Note: This attribute-id attribute refers to theLDAP attribute for the locality of the organization)physicalDeliveryOfficeName postalAddress postalCode postOfficeBox preferredDeliveryMethod registeredAddress seeAlso st street telephoneNumber telexNumber x121Address |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table).businessCategory destinationIndicator fax internationalISDNNumber l physicalDeliveryOfficeName postalAddress postalCode postOfficeBox preferredDeliveryMethod registeredAddress seeAlso st street telephoneNumber telexNumber x121Address |
|
|
All values for the attribute-id attribute of the abstractOrg object-type (listed earlier in this table).roomNumber seeAlso telephoneNumber |
|
NA |
costCenterOrg_id description displayName eligibilityRule isDelegatable locationOrg_id membershipRule reportingOrg_id roleType simpleDynamic socHierarchy_id status uniqueName |
|
|
All values for the attribute-id attribute of the abstractRole object-type (listed earlier in this table).roleOwner_id |
|
|
All values for the attribute-id attribute of the abstractRole object-type (listed earlier in this table).responsibility roleOwner_id |
|
|
All values for the attribute-id attribute of the abstractRole object-type (listed earlier in this table).roleOwner_id |
|
|
All values for the attribute-id attribute of the abstractRole object-type (listed earlier in this table).roleOwner_id |
As discussed in the preceding chapter, the hierarchy-expression
element contains the hierarchy-member
element. This element in turn contains the aliased-reference
element.
The aliased-reference
element uses the attributes object-type
and attribute-id.
The object-type
attribute can take the values abstractOrg
and its inherited object types. For a corresponding list of values that these object-type
attributes can take, see Table A-1.
You can use the relative-object-expression
element to determine approver roles. It contains the attributes subject-type, relationship-path-id,
and relative-object-type.
The subject-type
and relative-object-type
attributes take the values organization, person,
and role.
However, the relationship-path-id
attribute takes a value depending on the subject-type
and relative-object-type
attributes. You can have various subject-type
and relative-object-type
combinations such as person-person.
Table A-2 lists the values that the relationship-path-id
attribute takes when a person-person combination is used.
Table A-2 Attribute Values for relationship-path-id
Combination | relationship-path-id Attributes |
---|---|
|
managedPeople manager secretarialClients secretary |
|
|
|
|
|
|
|
|
|
|
|
|
As discussed in the preceding chapter, the role-member-expression
element contains the aliased-reference
element.
The aliased-reference
element uses the attributes object-type
and attribute-id.
The object-type
attribute can take the values abstractRole
and its inherited object types. For a corresponding list of values that these object-type
attributes can take, see Table A-1.