Jump to

• Request
• Response

Add, Search, Compare or Delete Proxy LDAP Workflow Element

post

/rest/v1/admin

Add, Search, Compare or Delete Proxy LDAP Workflow Element

Request

Supported Media Types

• application/json

Body ()

Proxy LDAP Workflow Element that needs to be created

Root Schema : Proxy LDAP Workflow Element POSTRequest

Type: object

Show Source

• assertion(optional): string
  Assertion string for the LDAP compare operation. Note: To be used only while performing LDAP compare operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.
• attributes(optional): object Proxy LDAP Workflow Element Properties
• base(optional): string
  Search Base DN to be used for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest. It is also mandatory for such operation
• controls(optional): array controls
  LDAP controls to be sent to server for the LDAP operation.
• dn(optional): string
  LDAP DN of the entry to be created or deleted or compared. Note: To be used only while performing LDAP add, delete or compare operations, i.e, if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest, urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest or urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.It is mandatory for such operations.
• filter(optional): string
  Search filter for the LDAP search operation. Should follow LDAP search filter syntax. Note: To be used only while performing LDAP search operation using POST request, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.
• msgType: string
  Allowed Values: [ "urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest", "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest", "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest", "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest" ]

  The REST message type
• requiredAttributes(optional): array requiredAttributes
  List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.
• scope(optional): string
  Allowed Values: [ "base", "sub", "one" ]

  Scope for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.

{
    "type":"object",
    "required":[
        "msgType"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "type":"string",
            "enum":[
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest"
            ]
        },
        "dn":{
            "description":"LDAP DN of the entry to be created or deleted or compared. Note: To be used only while performing LDAP add, delete or compare operations, i.e, if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest, urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest or urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.It is mandatory for such operations.",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Proxy LDAP Workflow Element Properties"
        },
        "base":{
            "description":"Search Base DN to be used for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest. It is also mandatory for such operation",
            "type":"string"
        },
        "scope":{
            "description":"Scope for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
            "type":"string",
            "enum":[
                "base",
                "sub",
                "one"
            ]
        },
        "filter":{
            "description":"Search filter for the LDAP search operation. Should follow LDAP search filter syntax. Note: To be used only while performing LDAP search operation using POST request, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
            "type":"string"
        },
        "requiredAttributes":{
            "description":"List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "controls":{
            "description":"LDAP controls to be sent to server for the LDAP operation.",
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "assertion":{
            "description":"Assertion string for the LDAP compare operation. Note: To be used only while performing LDAP compare operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.",
            "type":"string"
        }
    }
}

Nested Schema : Proxy LDAP Workflow Element Properties

Type: object

Show Source

• cn(optional): string
  CN (common name) of the entry
• ds-cfg-client-cred-mode: string
  Allowed Values: [ "use-client-identity", "use-proxy-auth", "use-specific-identity" ]

  Specifies the way the proxy server binds to the remote LDAP server.
• ds-cfg-enabled: boolean
  Indicates whether the Workflow Element is enabled for use in the server.
• ds-cfg-exclude-list(optional): array ds-cfg-exclude-list
  The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.
• ds-cfg-include-list(optional): array ds-cfg-include-list
  The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.
• ds-cfg-java-class: string
  Default Value: com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement

  Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation.
• ds-cfg-ldap-server-extension: string
  Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element.
• ds-cfg-log-silent-bind-response-controls(optional): boolean
  Default Value: false

  Indicates whether the logging of the silent-bind response controls is enabled.
• ds-cfg-never-bind(optional): boolean
  Default Value: false

  Indicates whether the never-bind flag is enabled.
• ds-cfg-never-bind-user-password-attribute(optional): string
  Default Value: userPassword

  This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value "userPassword" is used instead.
• ds-cfg-remote-ldap-server-bind-dn(optional): string
  DN which will be used to connect to a remote server. This DN must exist on the remote server.
• ds-cfg-remote-ldap-server-bind-password(optional): string
  Password which will be used to connect to the remote server.
• ds-cfg-remote-ldap-server-bind-password-file(optional): string
  File which contains the password which will be used to connect to the remote server.
• ds-cfg-remote-root-dn(optional): string
  The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value "" denotes the anonymous credentials. If "" is provided then the remote-ldap-server-bind-password property is ignored.
• ds-cfg-remote-root-password(optional): string
  Password which will be used by the root DN to connect to the remote server.
• ds-cfg-search-count-limit(optional): integer(int32)
  Default Value: 0

  The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request.
• ds-cfg-use-proxy-auth(optional): boolean
  Default Value: false

  This flag indicates whether the LDAP connector can use the proxy authorization control.
• objectclass: array objectclass
  Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-java-class",
        "ds-cfg-client-cred-mode",
        "ds-cfg-ldap-server-extension",
        "ds-cfg-enabled"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-java-class":{
            "description":"Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation. ",
            "readOnly":false,
            "default":"com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement",
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-dn":{
            "description":"DN which will be used to connect to a remote server. This DN must exist on the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-never-bind":{
            "description":"Indicates whether the never-bind flag is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-never-bind-user-password-attribute":{
            "description":"This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value \"userPassword\" is used instead. ",
            "readOnly":false,
            "default":"userPassword",
            "type":"string"
        },
        "ds-cfg-use-proxy-auth":{
            "description":"This flag indicates whether the LDAP connector can use the proxy authorization control. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-include-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-client-cred-mode":{
            "description":"Specifies the way the proxy server binds to the remote LDAP server. ",
            "readOnly":false,
            "type":"string",
            "enum":[
                "use-client-identity",
                "use-proxy-auth",
                "use-specific-identity"
            ]
        },
        "ds-cfg-remote-ldap-server-bind-password-file":{
            "description":"File which contains the password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-password":{
            "description":"Password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-root-password":{
            "description":"Password which will be used by the root DN to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-ldap-server-extension":{
            "description":"Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-search-count-limit":{
            "description":"The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request. ",
            "readOnly":false,
            "default":0,
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-enabled":{
            "description":"Indicates whether the Workflow Element is enabled for use in the server. ",
            "readOnly":false,
            "type":"boolean"
        },
        "ds-cfg-remote-root-dn":{
            "description":"The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value \"\" denotes the anonymous credentials. If \"\" is provided then the remote-ldap-server-bind-password property is ignored. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-log-silent-bind-response-controls":{
            "description":"Indicates whether the logging of the silent-bind response controls is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-exclude-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        }
    }
}

Nested Schema : controls

Type: array

LDAP controls to be sent to server for the LDAP operation.

Show Source

• Array of: string

{
    "description":"LDAP controls to be sent to server for the LDAP operation.",
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : requiredAttributes

Type: array

List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.

Show Source

• Array of: string

{
    "description":"List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-exclude-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.

Show Source

• Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-include-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.

Show Source

• Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : objectclass

Type: array

Objectclass(es) which this entry belongs to.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

Back to Top

Response

Supported Media Types

• application/json

200 Response

OK

Body ()

Root Schema : Proxy LDAP Workflow Element SuccessResponse

Type: object

Show Source

• compareResult(optional): boolean
  Indicates the result of LDAP compare operation.
• msgType: string
  Allowed Values: [ "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchResponse", "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteResponse", "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareResponse" ]

  The REST message type
• searchResultEntries: array searchResultEntries
  Number of search result entries returned after the LDAP operation.
• totalResults: integer(int32)
  Specifies the number of entries created, and returned.

{
    "type":"object",
    "required":[
        "msgType",
        "totalResults",
        "searchResultEntries"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "type":"string",
            "enum":[
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchResponse",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteResponse",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareResponse"
            ]
        },
        "totalResults":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the number of entries created, and returned."
        },
        "searchResultEntries":{
            "type":"array",
            "description":"Number of search result entries returned after the LDAP operation.",
            "items":{
                "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
            }
        },
        "compareResult":{
            "description":"Indicates the result of LDAP compare operation.",
            "type":"boolean"
        }
    }
}

Nested Schema : searchResultEntries

Type: array

Number of search result entries returned after the LDAP operation.

Show Source

• Array of: object Proxy LDAP Workflow Element SearchResultEntry

{
    "type":"array",
    "description":"Number of search result entries returned after the LDAP operation.",
    "items":{
        "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
    }
}

Nested Schema : Proxy LDAP Workflow Element SearchResultEntry

Type: object

Show Source

• attributes: object Proxy LDAP Workflow Element Properties
• dn: string
  LDAP DN of the entry to be created

{
    "type":"object",
    "required":[
        "dn",
        "attributes"
    ],
    "properties":{
        "dn":{
            "description":"LDAP DN of the entry to be created",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Proxy LDAP Workflow Element Properties"
        }
    }
}

Nested Schema : Proxy LDAP Workflow Element Properties

Type: object

Show Source

• cn(optional): string
  CN (common name) of the entry
• ds-cfg-client-cred-mode: string
  Allowed Values: [ "use-client-identity", "use-proxy-auth", "use-specific-identity" ]

  Specifies the way the proxy server binds to the remote LDAP server.
• ds-cfg-enabled: boolean
  Indicates whether the Workflow Element is enabled for use in the server.
• ds-cfg-exclude-list(optional): array ds-cfg-exclude-list
  The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.
• ds-cfg-include-list(optional): array ds-cfg-include-list
  The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.
• ds-cfg-java-class: string
  Default Value: com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement

  Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation.
• ds-cfg-ldap-server-extension: string
  Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element.
• ds-cfg-log-silent-bind-response-controls(optional): boolean
  Default Value: false

  Indicates whether the logging of the silent-bind response controls is enabled.
• ds-cfg-never-bind(optional): boolean
  Default Value: false

  Indicates whether the never-bind flag is enabled.
• ds-cfg-never-bind-user-password-attribute(optional): string
  Default Value: userPassword

  This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value "userPassword" is used instead.
• ds-cfg-remote-ldap-server-bind-dn(optional): string
  DN which will be used to connect to a remote server. This DN must exist on the remote server.
• ds-cfg-remote-ldap-server-bind-password(optional): string
  Password which will be used to connect to the remote server.
• ds-cfg-remote-ldap-server-bind-password-file(optional): string
  File which contains the password which will be used to connect to the remote server.
• ds-cfg-remote-root-dn(optional): string
  The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value "" denotes the anonymous credentials. If "" is provided then the remote-ldap-server-bind-password property is ignored.
• ds-cfg-remote-root-password(optional): string
  Password which will be used by the root DN to connect to the remote server.
• ds-cfg-search-count-limit(optional): integer(int32)
  Default Value: 0

  The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request.
• ds-cfg-use-proxy-auth(optional): boolean
  Default Value: false

  This flag indicates whether the LDAP connector can use the proxy authorization control.
• objectclass: array objectclass
  Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-java-class",
        "ds-cfg-client-cred-mode",
        "ds-cfg-ldap-server-extension",
        "ds-cfg-enabled"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-java-class":{
            "description":"Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation. ",
            "readOnly":false,
            "default":"com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement",
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-dn":{
            "description":"DN which will be used to connect to a remote server. This DN must exist on the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-never-bind":{
            "description":"Indicates whether the never-bind flag is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-never-bind-user-password-attribute":{
            "description":"This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value \"userPassword\" is used instead. ",
            "readOnly":false,
            "default":"userPassword",
            "type":"string"
        },
        "ds-cfg-use-proxy-auth":{
            "description":"This flag indicates whether the LDAP connector can use the proxy authorization control. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-include-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-client-cred-mode":{
            "description":"Specifies the way the proxy server binds to the remote LDAP server. ",
            "readOnly":false,
            "type":"string",
            "enum":[
                "use-client-identity",
                "use-proxy-auth",
                "use-specific-identity"
            ]
        },
        "ds-cfg-remote-ldap-server-bind-password-file":{
            "description":"File which contains the password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-password":{
            "description":"Password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-root-password":{
            "description":"Password which will be used by the root DN to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-ldap-server-extension":{
            "description":"Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-search-count-limit":{
            "description":"The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request. ",
            "readOnly":false,
            "default":0,
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-enabled":{
            "description":"Indicates whether the Workflow Element is enabled for use in the server. ",
            "readOnly":false,
            "type":"boolean"
        },
        "ds-cfg-remote-root-dn":{
            "description":"The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value \"\" denotes the anonymous credentials. If \"\" is provided then the remote-ldap-server-bind-password property is ignored. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-log-silent-bind-response-controls":{
            "description":"Indicates whether the logging of the silent-bind response controls is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-exclude-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        }
    }
}

Nested Schema : ds-cfg-exclude-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.

Show Source

• Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-include-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.

Show Source

• Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : objectclass

Type: array

Objectclass(es) which this entry belongs to.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

201 Response

Created

Body ()

Root Schema : Proxy LDAP Workflow Element ADDResponse

Type: object

Show Source

• msgType: string
  Default Value: urn:ietf:params:rest:schemas:oracle:oud:1.0:AddResponse

  The REST message type
• searchResultEntries: array searchResultEntries
• totalResults: integer(int32)
  Specifies the number of entries created, and returned.

{
    "type":"object",
    "required":[
        "msgType",
        "totalResults",
        "searchResultEntries"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "default":"urn:ietf:params:rest:schemas:oracle:oud:1.0:AddResponse",
            "type":"string"
        },
        "totalResults":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the number of entries created, and returned."
        },
        "searchResultEntries":{
            "type":"array",
            "items":{
                "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
            }
        }
    }
}

Nested Schema : searchResultEntries

Type: array

Show Source

• Array of: object Proxy LDAP Workflow Element SearchResultEntry

{
    "type":"array",
    "items":{
        "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
    }
}

Nested Schema : Proxy LDAP Workflow Element SearchResultEntry

Type: object

Show Source

• attributes: object Proxy LDAP Workflow Element Properties
• dn: string
  LDAP DN of the entry to be created

{
    "type":"object",
    "required":[
        "dn",
        "attributes"
    ],
    "properties":{
        "dn":{
            "description":"LDAP DN of the entry to be created",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Proxy LDAP Workflow Element Properties"
        }
    }
}

Nested Schema : Proxy LDAP Workflow Element Properties

Type: object

Show Source

• cn(optional): string
  CN (common name) of the entry
• ds-cfg-client-cred-mode: string
  Allowed Values: [ "use-client-identity", "use-proxy-auth", "use-specific-identity" ]

  Specifies the way the proxy server binds to the remote LDAP server.
• ds-cfg-enabled: boolean
  Indicates whether the Workflow Element is enabled for use in the server.
• ds-cfg-exclude-list(optional): array ds-cfg-exclude-list
  The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.
• ds-cfg-include-list(optional): array ds-cfg-include-list
  The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.
• ds-cfg-java-class: string
  Default Value: com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement

  Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation.
• ds-cfg-ldap-server-extension: string
  Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element.
• ds-cfg-log-silent-bind-response-controls(optional): boolean
  Default Value: false

  Indicates whether the logging of the silent-bind response controls is enabled.
• ds-cfg-never-bind(optional): boolean
  Default Value: false

  Indicates whether the never-bind flag is enabled.
• ds-cfg-never-bind-user-password-attribute(optional): string
  Default Value: userPassword

  This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value "userPassword" is used instead.
• ds-cfg-remote-ldap-server-bind-dn(optional): string
  DN which will be used to connect to a remote server. This DN must exist on the remote server.
• ds-cfg-remote-ldap-server-bind-password(optional): string
  Password which will be used to connect to the remote server.
• ds-cfg-remote-ldap-server-bind-password-file(optional): string
  File which contains the password which will be used to connect to the remote server.
• ds-cfg-remote-root-dn(optional): string
  The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value "" denotes the anonymous credentials. If "" is provided then the remote-ldap-server-bind-password property is ignored.
• ds-cfg-remote-root-password(optional): string
  Password which will be used by the root DN to connect to the remote server.
• ds-cfg-search-count-limit(optional): integer(int32)
  Default Value: 0

  The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request.
• ds-cfg-use-proxy-auth(optional): boolean
  Default Value: false

  This flag indicates whether the LDAP connector can use the proxy authorization control.
• objectclass: array objectclass
  Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-java-class",
        "ds-cfg-client-cred-mode",
        "ds-cfg-ldap-server-extension",
        "ds-cfg-enabled"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-java-class":{
            "description":"Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation. ",
            "readOnly":false,
            "default":"com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement",
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-dn":{
            "description":"DN which will be used to connect to a remote server. This DN must exist on the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-never-bind":{
            "description":"Indicates whether the never-bind flag is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-never-bind-user-password-attribute":{
            "description":"This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value \"userPassword\" is used instead. ",
            "readOnly":false,
            "default":"userPassword",
            "type":"string"
        },
        "ds-cfg-use-proxy-auth":{
            "description":"This flag indicates whether the LDAP connector can use the proxy authorization control. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-include-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-client-cred-mode":{
            "description":"Specifies the way the proxy server binds to the remote LDAP server. ",
            "readOnly":false,
            "type":"string",
            "enum":[
                "use-client-identity",
                "use-proxy-auth",
                "use-specific-identity"
            ]
        },
        "ds-cfg-remote-ldap-server-bind-password-file":{
            "description":"File which contains the password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-password":{
            "description":"Password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-root-password":{
            "description":"Password which will be used by the root DN to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-ldap-server-extension":{
            "description":"Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-search-count-limit":{
            "description":"The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request. ",
            "readOnly":false,
            "default":0,
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-enabled":{
            "description":"Indicates whether the Workflow Element is enabled for use in the server. ",
            "readOnly":false,
            "type":"boolean"
        },
        "ds-cfg-remote-root-dn":{
            "description":"The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value \"\" denotes the anonymous credentials. If \"\" is provided then the remote-ldap-server-bind-password property is ignored. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-log-silent-bind-response-controls":{
            "description":"Indicates whether the logging of the silent-bind response controls is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-exclude-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        }
    }
}

Nested Schema : ds-cfg-exclude-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.

Show Source

• Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-include-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.

Show Source

• Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : objectclass

Type: array

Objectclass(es) which this entry belongs to.

Show Source

• Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

204 Response

No content

406 Response

Not Acceptable

Body ()

Root Schema : ErrorResponse

Type: object

Show Source

• ldapErrorCode(optional): integer(int32)
  Specifies the LDAP error code returned for the operation.
• message: string
  Error message returned returned for the operation.
• msgType: string
  Default Value: urn:ietf:params:rest:schemas:oracle:oud:1.0:ErrorResponse

  The REST message type

{
    "type":"object",
    "required":[
        "msgType",
        "message"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "default":"urn:ietf:params:rest:schemas:oracle:oud:1.0:ErrorResponse",
            "type":"string"
        },
        "message":{
            "description":"Error message returned returned for the operation.",
            "type":"string"
        },
        "ldapErrorCode":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the LDAP error code returned for the operation."
        }
    }
}

Back to Top