About Oracle Java CAPS Communication Adapters Java CAPS Documentation
About Oracle Java CAPS Adapter for LDAP
This topic provides conceptual information about LDAP and its Java CAPS Adapter.
LDAP (Lightweight Directory Access Protocol) is an Internet protocol for accessing information directories. A directory service is a distributed database application designed to manage the entries and attributes in a directory. LDAP runs over TCP/IP.
LDAP allows clients to access different directory services based on entries. It makes the entries, along with their attributes and values, available to users and other applications, on a controlled-access basis.
The LDAP OTD provides access to the operations available via the LDAP protocol. To give you a better understanding of these operations and how they are implemented in the OTD, this section briefly summarizes how LDAP works.
An LDAP directory has entries that contain information pertaining to some entity. Each of the entry’s attributes has a name and one or more values. The names of attributes are most often mnemonic strings, such as cn for common name, or mail for email address.
For example, a company may have an employee directory. Each entry in the employee directory represents an employee. The employee entry contains such information as the name, email address, and phone number, as shown in the following example:
cn: John Doe
mail: johndoe@oracle.com
mail: jdoe@stc.com
telephoneNumber: 471-6000 x.1234
Each part of the descriptive information, such as an employee’s name, is known as an attribute. In the example above, the Common Name (cn) attribute represents the name of the employee. The other attributes are mail and telephoneNumber.
Each attribute can have one or more values. For example, an employee entry may contain a mail attribute whose values are johndoe@oracle.com and jdoe@stc.com. In the previous example, the mail attribute contains two mail values.
The organization of a directory is a tree structure. The topmost entry in a directory is known as the root entry. This entry normally represents the organization that owns the directory.
Entries at the higher levels of the hierarchy represent larger groupings or organizations. Entries under the larger organizations represent smaller organizations that make up the larger ones. The leaf nodes (or entries) of the tree structure represent the individual persons or resources.
An entry is made up of a collection of attributes and has a unique identifier called a distinguished name (DN). A DN consists of a name that uniquely identifies the entry at that hierarchical level. In the example above, John Doe and Jane Doe are different common names (cn) that identify different entries at that same level.
A DN is also a fully qualified path of names that trace the entry back to the root of the tree. For example, the distinguished name of the John Doe entry is:
cn=John Doe, ou=People, dc=oracle.com
A relative distinguished name (RDN) is a component of the distinguished name. For example, cn=John Doe, ou=People is an RDN relative to the root RDN dc=oracle.com. A DN describes the fully qualified path to an entry, while an RDN describes the partial path to the entry relative to another entry in the tree.
Wherever necessary, the LDAP OTD mimics this same directory structure.
A directory service is a distributed database application designed to manage the entries and attributes in a directory. A directory service also makes the entries and attributes available to users and other applications. OpenLDAP server is an example of a directory service. Other directory services include Oracle Internet Directory and Microsoft Active Directory.
A directory client accesses a directory service using the LDAP protocol. A directory client may use one of several client APIs available in order to access the directory service.
The native APIs developed for the LDAP Adapter query the results of a search based on specified criteria. The search results may consist of a number of referrals.
A referral is an entity that is used to redirect a client’s request to another server. A referral contains the names and locations of other objects. For example, an LDAP server sends a referral to the client to indicate that the information that the client has requested can be found at another location (or locations), possibly at another server or several servers.
The referral contains the URL of the LDAP server that holds the actual entry. The LDAP URL contains the server’s host/port and an object’s DN.
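The referral URL and the DN structure described above, as an added example (not part of the Adapter or Oracle's code): a client that handles referrals itself can check the server and the DN in the referral URL before following it. The host names, the allow-list and the base DN are assumptions; the code uses only java.net.URI and javax.naming.ldap from the JDK (Java 9 or later).

```java
import java.net.URI;
import java.util.List;
import java.util.Set;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class ReferralCheck {
    // Added example. Assumed policy values (constructed): approved servers and the expected subtree.
    static final Set<String> ALLOWED_SERVERS = Set.of("ldap-a.example.com:389", "ldap-b.example.com:636");
    static final String BASE_DN = "dc=oracle.com";
    /** Returns the DN named by the referral if server and DN pass policy, otherwise throws. */
    static LdapName vet(String referralUrl) throws InvalidNameException {
        URI uri = URI.create(referralUrl);
        String scheme = uri.getScheme();
        boolean tls = "ldaps".equalsIgnoreCase(scheme);
        if (!tls && !"ldap".equalsIgnoreCase(scheme))
            throw new SecurityException("not an LDAP URL: " + referralUrl);
        if (uri.getHost() == null)
            throw new SecurityException("referral names no host: " + referralUrl);
        int port = uri.getPort() != -1 ? uri.getPort() : (tls ? 636 : 389);
        String server = uri.getHost().toLowerCase(java.util.Locale.ROOT) + ":" + port;
        if (!ALLOWED_SERVERS.contains(server))
            throw new SecurityException("referral to unapproved server " + server);
        // getPath() percent-decodes the URL; the DN is everything after the leading '/'.
        String path = uri.getPath();
        LdapName dn = new LdapName(path == null || path.isEmpty() ? "" : path.substring(1));
        // LdapName numbers RDNs from the root end, so startsWith() tests "lies under this base".
        if (!dn.startsWith(new LdapName(BASE_DN)))
            throw new SecurityException("referral DN outside " + BASE_DN + ": " + dn);
        return dn;
    }
    public static void main(String[] args) throws Exception {
        // Constructed sample referrals: two acceptable, one unknown server, one foreign subtree.
        List<String> samples = List.of(
            "ldaps://ldap-b.example.com/cn=John%20Doe,ou=People,dc=oracle.com",
            "ldap://ldap-a.example.com/cn=John%20Doe,ou=People,dc=oracle.com",
            "ldap://ldap.example.net:389/cn=John%20Doe,ou=People,dc=oracle.com",
            "ldap://ldap-a.example.com/cn=John%20Doe,ou=People,dc=stc.com");
        for (String s : samples) {
            try {
                LdapName dn = vet(s);
                System.out.println("FOLLOW " + s);
                dn.getRdns().forEach(r -> System.out.println("  " + r.getType() + " = " + r.getValue()));
            } catch (SecurityException | IllegalArgumentException e) {
                System.out.println("REJECT " + e.getMessage());
            }
        }
    }
}
```

With the JNDI LDAP provider, setting the Context.REFERRAL environment property to "throw" surfaces each referral as a ReferralException, and its getReferralInfo() value is the URL a check like this would receive.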
This section describes the general information about the LDAP Adapter and its operation with Oracle Java CAPS ESB.
The LDAP Adapter enables Oracle Java CAPS ESB to exchange data with an LDAP directory on an LDAP server. The Adapter consists of two components, an LDAP connector and an LDAP Object Type Definition (OTD). The OTD utilizes the connector to connect to a particular LDAP server.
By connecting to an LDAP server, the Adapter enables Oracle Java CAPS ESB to search, compare, and modify an LDAP directory using the LDAP protocol. The Adapter utilizes the LDAP OTD to perform these functions. This OTD carries LDAP information through Oracle Java CAPS ESB and allows the information to be processed by Oracle Java CAPS ESB’s Java-based Collaborations.
In addition, the LDAP OTD exposes the application programming interface (API) for accessing the LDAP directory. The LDAP OTD enables you to create Java-based Collaboration Definitions that execute LDAP operations, for example, searching an LDAP directory, adding entries to the directory, and modifying entries in the directory.
A given instance of an LDAP OTD uses only one instance of an LDAP connector. You can use as many instances of the LDAP OTD in a single data-exchange scenario as necessary.
The LDAP Adapter uses the Java Naming and Directory Interface (JNDI) LDAP provider. This set of APIs allows a Java program to store objects and look up objects using multiple naming services in a standard manner.
The JNDI is included in the Java 2 Software Developer’s Kit (SDK) version 1.4 installed as part of Oracle Java CAPS ESB.
A disclaimer readme file is available for review when you install the LDAP Adapter. The disclaimer is applicable to the jCookie Library, a robust and easy to use library for client-side HTTP state management in Java applications.
After successful installation, you can view the following third-party file using any text file viewer:
LDAPeWay_THIRDPARTYLICENSEREADME.txt
Third-party license files are located at:
\repository\ThirdPartyLicenses
where repository indicates the folder where the Oracle Java CAPS ESB Repository is installed.