Skip Navigation Links | |
Exit Print View | |
Oracle Fusion Middleware Administration Guide for Oracle Unified Directory 11g Release 1 (11.1.1) |
1. Starting and Stopping the Server
2. Configuring the Server Instance
3. Configuring the Proxy Components
4. Configuring Security Between Clients and Servers
5. Configuring Security Between the Proxy and the Data Source
Configuring Security Between the Proxy and Data Source Using dsconfig
To Configure Security Between the Proxy and Directory Servers Using dsconfig
Configurable LDAP Extension Properties Relevant to Security
Setting Access Control Using Network Group Criteria
6. Managing Oracle Unified Directory With Oracle Directory Services Manager
10. Managing Users and Groups With dsconfig
11. Managing Password Policies
The Oracle Unified Directory proxy manages both the security with the client and with the directory server. The proxy supports both SSL and StartTLS.
When you configure Oracle Unified Directory proxy security, you must specify how the proxy connects to the remote LDAP server by indicating if the proxy should use SSL always, never, or user.
If you configure Oracle Unified Directory proxy security as always, then regardless how the client connects to the proxy, the connection with the remote LDAP server will always be secured using SSL.
Similarly, if you configure Oracle Unified Directory proxy security as never, then regardless if the client connects to the proxy with a secure connection, the connection between the proxy and the remote LDAP directory server will not be secured.
If you configure Oracle Unified Directory proxy security as user, then the security between the proxy and the remote LDAP directory servers will be the same as the security between the client and the proxy. For example, if the client connect with SSL, then the connection with the remote LDAP server will also use SSL. One notable exception is if the client connects using StartTLS, then Oracle Unified Directory proxy will connect to the remote LDAP servers using SSL.
For more information see Modes of Secure Connection.