Oracle® Secure Enterprise Search Administration API Guide 11g Release 2 (11.2.2) Part Number E23428-01 |
|
|
PDF · Mobi · ePub |
An identity plug-in provides an interface between Oracle Secure Enterprise Search and an identity management system to validate and authenticate users. An identity plug-in is required for secure searches. Secure searches return only the results that the user is allowed to view based on access privileges.
Only one identity plug-in can be active. It is responsible for all authentication and validation activity in Oracle SES. See "activate identityPlugin".
Object Type
Creatable
Object Key
jarFilePath managerClassName
Object Key Command Syntax
--JAR_FILE=jar_filename --MANAGER_CLASS=class
State Properties
Property | Value |
---|---|
status |
ACTIVE INACTIVE |
Supported Operations
activate deactivate export exportAll exportList getAllObjectKeys getAllStates getState getStateList
Administration GUI Page
Global Settings - Identity Management Setup
XML Description
The <search:identityPlugins>
element describes identity plug-ins:
<search:identityPlugins> <search:identityPlugin> <search:managerClassName> <search:jarFilePath> <search:description> <search:version> <search:authAttribute> <!-- Include parameters for activate operation --> <search:parameters> <search:parameter> <search:value> <search:description>
The implementation of the identity plug-in determines the parameters. You cannot create new parameters in the XML document.
Element Descriptions
Contains one or more <search:identityPlugin>
elements.
Describes an identity plug-in. It contains these elements:
<search:managerClassName> <search:jarFilePath> <search:description> <search:version> <search:authAttribute> <search:parameters>
Contains the class name of the plug-in.
Contains the qualified name of the jar file. Paths can be absolute or relative to the ORACLE_HOME/search/lib/plugins/identity directory.
Contains a description of the plug-in. (Read only)
Contains the Oracle SES version of the plug-in. (Read only)
Contains the authentication attribute for the plug-in.
Contains one or more <search:parameter>
elements.
Describes a plug-in parameter. Each plug-in has its own parameters. This element contains these child elements:
<search:value> <search:description>
Attribute | Value |
---|---|
name |
Name of the parameter. |
Value of the parameter.
Attribute | Value |
---|---|
encrypted |
Indicates whether the value of <search:value> is encrypted. Set to true if the password is encrypted, or set to false if it is plain text. The default value is false . |
Description of the parameter.
Example
This XML document describes an Oracle Internet Directory plug-in:
<?xml version="1.0" encoding="UTF-8" ?> <search:config productVersion="11.2.1.0.0" xmlns:search="http://xmlns.oracle.com/search"> <search:identityPlugins> <search:identityPlugin> <search:managerClassName> oracle.search.plugin.security.identity.oid.OIDPluginManager </search:managerClassName> <search:jarFilePath>OIDPlugins.jar</search:jarFilePath> <search:description>Oracle Internet Directory identity plug-in manager </search:description> <search:version>11.2.1.0.0</search:version> <search:authAttribute>nickname</search:authAttribute> <search:parameters> <search:parameter name="Host name"> <search:value>my_computer</search:value> <search:description>Oracle Internet Directory host on my computer</search:description> </search:parameter> <search:parameter name="Port"> <search:value>7789</search:value> <search:description>Oracle Internet Directory port</search:description> </search:parameter> <search:parameter name="Use SSL"> <search:value>false</search:value> <search:description>SSL encryption </search:description> </search:parameter> <search:parameter name="Realm"> <search:value>dc=us,dc=example,dc=com</search:value> <search:description>Oracle Internet Directory realm</search:description> </search:parameter> <search:parameter name="User name"> <search:value>cn=orcladmin</search:value> <search:description>Oracle Internet Directory user name</search:description> </search:parameter> <search:parameter name="Password"> <search:value encrypted="false">mypassword</search:value> <search:description>Password</search:description> </search:parameter> <search:parameter name="Use User Cache"> <search:value>false</search:value> <search:description> </search:description> </search:parameter> <search:parameter name="User Cache Source Name"> <search:description> </search:description> </search:parameter> </search:parameters> </search:identityPlugin> </search:identityPlugins> </search:config>