identityPlugin

An identity plug-in provides an interface between Oracle Secure Enterprise Search and an identity management system to validate and authenticate users. An identity plug-in is required for secure searches. Secure searches return only the results that the user is allowed to view based on access privileges.

Only one identity plug-in can be active. It is responsible for all authentication and validation activity in Oracle SES. See "activate identityPlugin".

Object Type

Creatable

Object Key

jarFilePath managerClassName

Object Key Command Syntax

--JAR_FILE=jar_filename --MANAGER_CLASS=class

State Properties

Property	Value
`status`	ACTIVE INACTIVE

Supported Operations

activate
create
createAll
deactivate
delete
deleteAll
deleteList
export
exportAll
exportList
getAllObjectKeys
getAllStates
getState
getStateList

Administration GUI Page

Global Settings - Identity Management Setup

XML Description

The <search:identityPlugins> element describes identity plug-ins:

<search:identityPlugins>
  <search:identityPlugin>
    <search:managerClassName>
    <search:jarFilePath>
    <search:description>
    <search:version>
    <search:authAttribute>

<!-- Include parameters for activate operation -->
    <search:parameters>
      <search:parameter>
         <search:value>
         <search:description>

The implementation of the identity plug-in determines the parameters. You cannot create new parameters in the XML document.

Element Descriptions

<search:identityPlugins>

Contains one or more <search:identityPlugin> elements.

<search:identityPlugin>

Describes an identity plug-in. It contains these elements:

<search:managerClassName>
<search:jarFilePath>
<search:description>
<search:version>
<search:authAttribute>
<search:parameters>

<search:managerClassName>

Contains the class name of the plug-in.

<search:jarFilePath>

Contains the qualified name of the jar file. Paths can be absolute or relative to the ORACLE_HOME/search/lib/plugins/identity directory.

<search:description>

Contains a description of the plug-in. (Read only)

<search:version>

Contains the Oracle SES version of the plug-in. (Read only)

<search:authAttribute>

Contains the authentication attribute for the plug-in.

<search:parameters>

Contains one or more <search:parameter> elements. The parameter are used only by activate identityPlugin, not by create identityPlugin.

<search:parameter>

Describes a plug-in parameter. Each plug-in has its own parameters. This element contains these child elements:

<search:value>
<search:description>

Attribute	Value
`name`	Name of the parameter.

<search:value>

Value of the parameter.

Attribute	Value
`encrypted`	Indicates whether the value of `<search:value>` is encrypted. Set to `true` if the password is encrypted, or set to `false` if it is plain text. The default value is `false`.

<search:description>

Description of the parameter.

Example

This XML document defines an Oracle Internet Directory plug-in:

<?xml version="1.0" encoding="UTF-8" ?>
<search:config productVersion="11.1.2.0.0" xmlns:search="http://xmlns.oracle.com/search">
  <search:identityPlugins>
    <search:identityPlugin>
         <search:managerClassName>
           oracle.search.plugin.security.identity.oid.OIDPluginManager
         </search:managerClassName>
      <search:jarFilePath>OIDPlugins.jar</search:jarFilePath>
      <search:description>Oracle Internet Directory identity plug-in manager
      </search:description>
      <search:version>11.1.0.0.0</search:version>
      <search:authAttribute>nickname</search:authAttribute>
      <search:parameters>
        <search:parameter name="Host name">
          <search:value>my_computer</search:value>
          <search:description>OID host on my computer</search:description>
        </search:parameter>
        <search:parameter name="Port">
          <search:value>7789</search:value>
          <search:description>OID port</search:description>
        </search:parameter>
        <search:parameter name="Use SSL">
          <search:value>false</search:value>
          <search:description>SSL encryption
          </search:description>
        </search:parameter>
        <search:parameter name="Realm">
          <search:value>dc=us,dc=example,dc=com</search:value>
          <search:description>OID realm</search:description>
        </search:parameter>
        <search:parameter name="User name">
          <search:value>cn=orcladmin</search:value>
          <search:description>OID user name</search:description>
        </search:parameter>
        <search:parameter name="Password">
          <search:value encrypted="false">mypassword</search:value>
          <search:description>Password</search:description>
        </search:parameter>
        <search:parameter name="Use User Cache">
          <search:value>false</search:value>
          <search:description> </search:description>
        </search:parameter>
        <search:parameter name="User Cache Source Name">
          <search:description> </search:description>
        </search:parameter>
      </search:parameters>
    </search:identityPlugin>
  </search:identityPlugins>
</search:config>