Skip Headers
Oracle® Fusion Middleware Application Developer's Guide for Oracle Identity Management
11
g
Release 1 (11.1.1)
Part Number E10186-04
Home
Book List
Index
Contact Us
Next
PDF
·
Mobi
·
ePub
Contents
List of Figures
List of Tables
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
What's New in the SDK?
New Features in the 11g Release 1 (11.1.1.6) SDK
New Features in the 11g Release 1 (11.1.1) SDK
New Features in the 10
g
(10.1.4.0.1) SDK
New Features in the Release 10.1.2 SDK
New Features in the Release 9.0.4 SDK
Part I Programming for Oracle Identity Management
1
Developing Applications for Oracle Identity Management
1.1
Oracle Identity Management Services Available for Application Integration
1.2
Integrating Existing Applications with Oracle Identity Management
1.3
Oracle Identity Management Programming: An Overview
1.3.1
Programming Languages Supported by the Oracle Internet Directory SDK
1.3.2
Oracle Identity Management SDK Components
1.3.3
Application Development in the Oracle Identity Management Environment
1.3.3.1
Architecture of an Oracle Identity Management Application
1.3.3.2
Oracle Identity Management Interactions During the Application Life Cycle
1.3.3.3
Services and APIs for Integrating Applications with Oracle Identity Management
1.3.3.4
Integrating Existing Applications with Oracle Identity Management
2
Developing Applications with Standard LDAP APIs
2.1
History of LDAP
2.2
LDAP Models
2.2.1
Naming Model
2.2.2
Information Model
2.2.3
Functional Model
2.2.4
Security Model
2.2.4.1
Authentication
2.2.4.2
Access Control and Authorization
2.2.4.3
Data Integrity
2.2.4.4
Data Privacy
2.2.4.5
Password Policies
2.3
About the Standard LDAP APIs
2.3.1
API Usage Model
2.3.2
Getting Started with the C API
2.3.3
Getting Started with the DBMS_LDAP Package
2.3.4
Getting Started with the Java API
2.4
Initializing an LDAP Session
2.4.1
Initializing the Session by Using the C API
2.4.2
Initializing the Session by Using DBMS_LDAP
2.4.3
Initializing the Session by Using JNDI
2.5
Authenticating an LDAP Session
2.5.1
Authenticating an LDAP Session by Using the C API
2.5.2
Authenticating an LDAP Session by Using DBMS_LDAP
2.6
Searching the Directory
2.6.1
Program Flow for Search Operations
2.6.2
Search Scope
2.6.3
Filters
2.6.4
Searching the Directory by Using the C API
2.6.5
Searching the Directory by Using DBMS_LDAP
2.7
Terminating the Session
2.7.1
Terminating the Session by Using the C API
2.7.2
Terminating the Session by Using DBMS_LDAP
3
Extensions to the LDAP Protocol
3.1
SASL Authentication
3.1.1
SASL Authentication by Using DIGEST-MD5
3.1.1.1
Steps Involved in SASL Authentication by Using DIGEST-MD5
3.1.2
SASL Authentication by Using External Mechanism
3.2
Using Controls
3.3
Proxying on Behalf of End Users
3.4
Creating Dynamic Password Verifiers
3.4.1
Request Control for Dynamic Password Verifiers
3.4.2
Syntax for DynamicVerifierRequestControl
3.4.3
Parameters Required by the Hashing Algorithms
3.4.4
Configuring the Authentication APIs
3.4.4.1
Parameters Passed If ldap_search Is Used
3.4.4.2
Parameters Passed If ldap_compare Is Used
3.4.5
Response Control for Dynamic Password Verifiers
3.4.6
Obtaining Privileges for the Dynamic Verifier Framework
3.5
Performing Hierarchical Searches
3.5.1
New Features of the CONNECT_BY Control
3.5.2
Value Fields in the CONNECT_BY Control
3.6
Sorted LDAP Search Results
3.7
Paged LDAP Search Results
3.8
Password Policies
3.8.1
User Provisioning
3.8.2
User Authentication
3.8.2.1
LDAP Bind/Compare Operation-Based Authentication
3.8.2.2
LDAP Search Operation-Based Authentication
3.8.3
User Account Maintenance
4
Developing Applications With Oracle Extensions to the Standard APIs
4.1
Using Oracle Extensions to the Standard APIs
4.2
Creating an Application Identity in the Directory
4.2.1
Creating an Application Identity
4.2.2
Assigning Privileges to an Application Identity
4.3
Managing Users
4.4
Managing Groups
4.5
Managing Realms
4.6
Discovering a Directory Server
4.6.1
Benefits of Oracle Internet Directory Discovery Interfaces
4.6.2
Usage Model for Discovery Interfaces
4.6.3
Determining Server Name and Port Number From DNS
4.6.3.1
Mapping the DN of the Naming Context
4.6.3.2
Search by Domain Component of Local Machine
4.6.3.3
Search by Default SRV Record in DNS
4.6.4
Environment Variables for DNS Server Discovery
4.6.5
Programming Interfaces for DNS Server Discovery
5
Using the Java API Extensions to JNDI
5.1
Installing the Java Extensions
5.2
Using the oracle.ldap.util Package to Model LDAP Objects
5.3
The Classes PropertySetCollection, PropertySet, and Property
5.4
Managing Users
5.5
Authenticating Users
5.6
Creating Users
5.7
Retrieving User Objects
5.8
Retrieving Objects from Realms
5.9
Example: Search for Oracle Single Sign-On Login Name
5.10
Discovering a Directory Server
5.11
Example: Discovering a Directory Server
5.12
Using DIGEST-MD5 to Perform SASL Authentication
5.13
Example: Using SASL Digest-MD5 auth-int and auth-conf Modes
5.14
Using LDAP Transactions
5.15
Example: Using LDAP Transactions
5.15.1
Start Transaction Request interface implementation (LdapStartTxnReq.java)
5.15.2
Start Transaction Response interface implementation (LdapStartTxnRes.java)
5.15.3
End Transaction Request interface implementation (LdapEndTxnReq.java)
5.15.4
End Transaction Response interface implementation (LdapEndTxnRes.java)
5.15.5
Java and Pseudocode Sample of Interfaces in LDAP Update Operations Within Transaction Semantics (LdapTxnOperation.java)
6
Using the API Extensions in PL/SQL
6.1
Installing the PL/SQL Extensions
6.2
Using Handles to Access Directory Data
6.3
Managing Users
6.4
Authenticating Users
6.5
Dependencies and Limitations of the PL/SQL LDAP API
7
Developing Provisioning-Integrated Applications
Part II Oracle Internet Directory Programming Reference
8
C API Reference
8.1
About the Oracle Internet Directory C API
8.1.1
Oracle Internet Directory SDK C API SSL Extensions
8.1.1.1
SSL Interface Calls
8.1.1.2
Wallet Support
8.2
Functions in the C API
8.2.1
The Functions at a Glance
8.2.2
Initializing an LDAP Session
8.2.2.1
ldap_init and ldap_open
8.2.3
LDAP Session Handle Options
8.2.3.1
ldap_get_option and ldap_set_option
8.2.4
Getting Bind Credentials for Chasing Referrals
8.2.4.1
ldap_set_rebind_proc
8.2.5
Authenticating to the Directory
8.2.5.1
ldap_sasl_bind, ldap_sasl_bind_s, ldap_simple_bind, and ldap_simple_bind_s
8.2.6
SASL Authentication Using Oracle Extensions
8.2.6.1
ora_ldap_init_SASL
8.2.6.2
ora_ldap_create_cred_hdl, ora_ldap_set_cred_props, ora_ldap_get_cred_props, and ora_ldap_free_cred_hdl
8.2.7
Working With Controls
8.2.8
Closing the Session
8.2.8.1
ldap_unbind, ldap_unbind_ext, and ldap_unbind_s
8.2.9
Performing LDAP Operations
8.2.9.1
ldap_search_ext, ldap_search_ext_s, ldap_search, and ldap_search_s
8.2.9.2
Reading an Entry
8.2.9.3
Listing the Children of an Entry
8.2.9.4
ldap_compare_ext, ldap_compare_ext_s, ldap_compare, and ldap_compare_s
8.2.9.5
ldap_modify_ext, ldap_modify_ext_s, ldap_modify, and ldap_modify_s
8.2.9.6
ldap_rename and ldap_rename_s
8.2.9.7
ldap_add_ext, ldap_add_ext_s, ldap_add, and ldap_add_s
8.2.9.8
ldap_delete_ext, ldap_delete_ext_s, ldap_delete, and ldap_delete_s
8.2.9.9
ldap_extended_operation and ldap_extended_operation_s
8.2.10
Abandoning an Operation
8.2.10.1
ldap_abandon_ext and ldap_abandon
8.2.11
Obtaining Results and Peeking Inside LDAP Messages
8.2.11.1
ldap_result, ldap_msgtype, and ldap_msgid
8.2.12
Handling Errors and Parsing Results
8.2.12.1
ldap_parse_result, ldap_parse_sasl_bind_result, ldap_parse_extended_result, and ldap_err2string
8.2.13
Stepping Through a List of Results
8.2.13.1
ldap_first_message and ldap_next_message
8.2.14
Parsing Search Results
8.2.14.1
ldap_first_entry, ldap_next_entry, ldap_first_reference, ldap_next_reference, ldap_count_entries, and ldap_count_references
8.2.14.2
ldap_first_attribute and ldap_next_attribute
8.2.14.3
ldap_get_values, ldap_get_values_len, ldap_count_values, ldap_count_values_len, ldap_value_free, and ldap_value_free_len
8.2.14.4
ldap_get_dn, ldap_explode_dn, ldap_explode_rdn, and ldap_dn2ufn
8.2.14.5
ldap_get_entry_controls
8.2.14.6
ldap_parse_reference
8.3
Sample C API Usage
8.3.1
C API Usage with SSL
8.3.2
C API Usage Without SSL
8.3.3
C API Usage for SASL-Based DIGEST-MD5 Authentication
8.3.4
Setting and Using a Callback Function to Get Credentials When Chasing Referrals
8.4
Required Header Files and Libraries for the C API
8.5
Dependencies and Limitations of the C API
9
DBMS_LDAP PL/SQL Reference
9.1
Summary of Subprograms
9.2
Exception Summary
9.3
Data Type Summary
9.4
Subprograms
9.4.1
FUNCTION init
9.4.2
FUNCTION simple_bind_s
9.4.3
FUNCTION bind_s
9.4.4
FUNCTION unbind_s
9.4.5
FUNCTION compare_s
9.4.6
FUNCTION search_s
9.4.7
FUNCTION search_st
9.4.8
FUNCTION first_entry
9.4.9
FUNCTION next_entry
9.4.10
FUNCTION count_entries
9.4.11
FUNCTION first_attribute
9.4.12
FUNCTION next_attribute
9.4.13
FUNCTION get_dn
9.4.14
FUNCTION get_values
9.4.15
FUNCTION get_values_len
9.4.16
FUNCTION delete_s
9.4.17
FUNCTION modrdn2_s
9.4.18
FUNCTION err2string
9.4.19
FUNCTION create_mod_array
9.4.20
PROCEDURE populate_mod_array (String Version)
9.4.21
PROCEDURE populate_mod_array (Binary Version)
9.4.22
PROCEDURE populate_mod_array (Binary Version. Uses BLOB Data Type)
9.4.23
FUNCTION get_values_blob
9.4.24
FUNCTION count_values_blob
9.4.25
FUNCTION value_free_blob
9.4.26
FUNCTION modify_s
9.4.27
FUNCTION add_s
9.4.28
PROCEDURE free_mod_array
9.4.29
FUNCTION count_values
9.4.30
FUNCTION count_values_len
9.4.31
FUNCTION rename_s
9.4.32
FUNCTION explode_dn
9.4.33
FUNCTION open_ssl
9.4.34
FUNCTION msgfree
9.4.35
FUNCTION ber_free
9.4.36
FUNCTION nls_convert_to_utf8
9.4.37
FUNCTION nls_convert_to_utf8
9.4.38
FUNCTION nls_convert_from_utf8
9.4.39
FUNCTION nls_convert_from_utf8
9.4.40
FUNCTION nls_get_dbcharset_name
10
Java API Reference
11
DBMS_LDAP_UTL PL/SQL Reference
11.1
Summary of Subprograms
11.2
Subprograms
11.2.1
User-Related Subprograms
11.2.1.1
Function authenticate_user
11.2.1.2
Function create_user_handle
11.2.1.3
Function set_user_handle_properties
11.2.1.4
Function get_user_properties
11.2.1.5
Function set_user_properties
11.2.1.6
Function get_user_extended_properties
11.2.1.7
Function get_user_dn
11.2.1.8
Function check_group_membership
11.2.1.9
Function locate_subscriber_for_user
11.2.1.10
Function get_group_membership
11.2.2
Group-Related Subprograms
11.2.2.1
Function create_group_handle
11.2.2.2
Function set_group_handle_properties
11.2.2.3
Function get_group_properties
11.2.2.4
Function get_group_dn
11.2.3
Subscriber-Related Subprograms
11.2.3.1
Function create_subscriber_handle
11.2.3.2
Function get_subscriber_properties
11.2.3.3
Function get_subscriber_dn
11.2.3.4
Function get_subscriber_ext_properties
11.2.4
Property-Related Subprograms
11.2.5
Miscellaneous Subprograms
11.2.5.1
Function normalize_dn_with_case
11.2.5.2
Function get_property_names
11.2.5.3
Function get_property_values
11.2.5.4
Function get_property_values_len
11.2.5.5
Procedure free_propertyset_collection
11.2.5.6
Function create_mod_propertyset
11.2.5.7
Function populate_mod_propertyset
11.2.5.8
Procedure free_mod_propertyset
11.2.5.9
Procedure free_handle
11.2.5.10
Function check_interface_version
11.2.5.11
Function get_property_values_blob
11.2.5.12
Procedure property_value_free_blob
11.3
Function Return Code Summary
11.4
Data Type Summary
12
Oracle Directory Integration and Provisioning Java API Reference
12.1
Application Configuration
12.1.1
Application Registration and Provisioning Configuration
12.1.1.1
Application Registration
12.1.1.2
Provisioning Configuration
12.1.2
Application Configuration Classes
12.2
User Management
12.2.1
Creating a User
12.2.2
Modifying a User
12.2.3
Deleting a User
12.2.4
Looking Up a User
12.3
Debugging
12.4
Sample Code
13
Oracle Directory Integration Platform PL/SQL API Reference
13.1
Versioning of Provisioning Files and Interfaces
13.2
Extensible Event Definition Configuration
13.3
Inbound and Outbound Events
13.4
PL/SQL Bidirectional Interface (Version 3.0)
13.5
PL/SQL Bidirectional Interface (Version 2.0)
13.6
Provisioning Event Interface (Version 1.1)
13.6.1
Predefined Event Types
13.6.2
Attribute Type
13.6.3
Attribute Modification Type
13.6.4
Event Dispositions Constants
13.6.5
Callbacks
13.6.5.1
GetAppEvent()
13.6.5.2
PutAppEventStatus()
13.6.5.3
PutOIDEvent()
Part III Appendixes
A
Java Plug-ins for User Provisioning
A.1
Provisioning Plug-in Types and Their Purpose
A.2
Provisioning Plug-in Requirements
A.3
Data Entry Provisioning Plug-in
A.3.1
Pre–Data-Entry Provisioning Plug-in
A.3.2
Post–Data-Entry Provisioning Plug-in
A.4
Data Access Provisioning Plug-in
A.5
Event Delivery Provisioning Plug-in
A.6
Provisioning Plug-in Return Status
A.7
Configuration Template for Provisioning Plug-ins
A.8
Sample Code for a Provisioning Plug-in
B
DSML Syntax
B.1
Capabilities of DSML
B.2
Benefits of DSML
B.3
DSML Syntax
B.3.1
Top-Level Structure
B.3.2
Directory Entries
B.3.3
Schema Entries
B.4
Tools Enabled for DSML
C
Migrating from Netscape LDAP SDK API to Oracle LDAP SDK API
C.1
Features
C.2
Functions
C.3
Macros
Index
Scripting on this page enhances content navigation, but does not change the content in any way.