Oracle Internet Directory Application Developer's Guide -- Index

abandoning an operation, 3-42

access control, 2-6, 2-8

and authorization, 2-8

access control information (ACI), 2-9

attributes, 2-8

directives

format, 2-9

Access Control List (ACL), 2-8

access control lists (ACLs), 2-8

ACI. See access control information (ACI)

ACLs. See Access Control List (ACL)

add.log, 9-7

administration tools

ldapadd, 9-5

ldapaddmt, 9-7

ldapbind, 9-9

ldapcompare, 9-10

ldapdelete, 9-11

ldapmoddn, 9-13

ldapmodify, 9-15

ldapmodifymt, 9-20

anonymous authentication, 2-7

applications, building

with PL/SQL LDAP API, 4-2

with the C API, 3-63

attribute options

searching for by using ldapsearch, 9-26

attributes

adding

by using ldapadd, 9-5

concurrently, by using ldapaddmt, 9-7

to existing entries, 9-5

attribute options

searching for by using ldapsearch, 9-26

deleting

by using ldapmodify, 9-18

values, by using ldapmodify, 9-18

in LDIF files, 9-2

types, 2-5

values, 2-5

replacing, by using ldapmodify, 9-18

authentication, 2-6, 2-7

anonymous, 2-7

certificate-based, 2-7

Kerberos, 9-6, 9-8, 9-12

modes, SSL, 3-2

one-way SSL, 2-8

options, 2-7

password-based, 2-7

PKI, 2-9

SSL, 2-7, 2-8, 3-2, 9-6, 9-8, 9-9, 9-16, 9-21

none, 3-2

one-way, 3-2

two-way, 3-2

strong, 2-7

to a directory server

enabling, 2-16

enabling, by using DBMS_LDAP, 2-17

enabling, by using the C API, 2-16

to the directory, 3-17

two-way SSL, 2-8

authorization, 2-6, 2-8

authorization ID, 2-7

bulk tools, 1-2

C API, 3-1

functions

abandon, 3-42

abandon_ext, 3-42

add, 3-36

add_ext, 3-36

add_ext_s, 3-36

add_s, 3-36

compare, 3-27

compare_ext, 3-27

compare_ext_s, 3-27

compare_s, 3-27

count_entries, 3-51

count_references, 3-51

count_values, 3-55

count_values_len, 3-55

delete, 3-38

delete_ext, 3-38

delete_ext_s, 3-38

delete_s, 3-38

dn2ufn, 3-57

err2string, 3-46

explode_dn, 3-57

explode_rdn, 3-57

extended_operation, 3-40

extended_operation_s, 3-40

first_attribute, 3-53

first_entry, 3-51

first_message, 3-49

first_reference, 3-51

get_dn, 3-57

get_entry_controls, 3-59

get_option, 3-10

get_values, 3-55

get_values_len, 3-55

init, 3-9

init_ssl call, 3-3

modify, 3-30

modify_ext, 3-30

modify_ext_s, 3-30

modify_s, 3-30

msgfree, 3-43

msgid, 3-43

msgtype, 3-43

next_attribute, 3-53

next_entry, 3-51

next_message, 3-49

next_reference, 3-51

open, 3-9

parse_extended_result, 3-46

parse_reference, 3-60

parse_result, 3-46

parse_sasl_bind_result, 3-46

rename, 3-33

rename_s, 3-33

result, 3-43

sasl_bind, 3-17

sasl_bind_s, 3-17

search, 3-21

search_ext, 3-21

search_ext_s, 3-21

search_s, 3-21

search_st, 3-21

set_option, 3-10

simple_bind, 3-17

simple_bind_s, 3-17

unbind, 3-20

unbind_ext, 3-20

unbind_s, 3-20

value_free, 3-55

value_free_len, 3-55

reference, 3-4

sample search tool, 3-63

sample usage, 3-61

summary, 3-4

usage with SSL, 3-61

usage without SSL, 3-62

Catalog Management Tool

syntax, 9-28

catldap.sql, 4-2

certificate authority, 2-7

certificate-based authentication, 2-7

certificates, 2-7

change types, in ldapmodify input files, 9-17

changetype

add, 9-17

delete, 9-18

modify, 9-17

modrdn, 9-18

children of an entry, listing, 3-26

command line tools

ldapadd, 9-5

ldapaddmt, 9-7

ldapbind, 9-9

ldapcompare, 9-10

ldapdelete, 9-11

ldapmoddn, 9-13

ldapmodify, 9-15

ldapmodifymt, 9-20

ldapsearch, 9-22

syntax, 9-4

components

Oracle Internet Directory SDK, 1-2

controls, working with, 3-15

data

integrity, 2-7, 2-9

privacy, 2-7, 2-9

data-type summary, 4-8

DBMS_LDAP

about, 4-1

building applications with, 4-2

sample usage

about, A-1

for a search, A-10

from a database trigger, A-2

Java sample code, A-13

DBMS_LDAP package, 2-11, 4-1

searching by using, 2-18

DBMS_LDAP_UTL

about, 7-1

data-types, 7-41

function return codes, 7-39

group-related subprograms

about, 7-3

function create_group_handle, 7-19

function get_group_dn, 7-23

function get_group_properties, 7-22

function set_group_handle_properties, 7-20

miscellaneous subprograms

about, 7-4

function check_interface_version, 7-38

function create_mod_propertyset, 7-35

function get_property_names, 7-30

function get_property_values, 7-31

function get_property_values_len, 7-33

function normalize_dn_with_case, 7-29

function populate_mod_propertyset, 7-36

procedure free_handle, 7-37

procedure free_mod_propertyset, 7-37

procedure free_propertyset_collection, 7-34

reference, 7-2

subscriber-related subprograms

about, 7-3

function create_subscriber_handle, 7-25

function get_subscriber_dn, 7-28

function get_subscriber_properties, 7-26

user-related subprograms

about, 7-3

function authenticate_user, 7-4

function check_group_membership, 7-15

function create_user_handle, 7-6

function get_group_membership, 7-18

function get_user_dn, 7-14

function get_user_extended_properties, 7-12

function get_user_properties, 7-8

function locate_subscriber_for_user, 7-16

function set_user_handle_properties, 7-7

function set_user_properties, 7-10

deleting values from attributes, 9-18

dependencies and limitations, 3-76, 4-2

C API, 3-76

PL/SQL API, 4-2

DES40 encryption, 2-9

directives, 2-9

directory information tree (DIT), 2-2

distinguished names, 2-2

components of, 2-3

format, 2-3

in LDIF files, 9-2

DNs. see distinguished names.

documentation, related, xvii

encryption

DES40, 2-9

levels available in Oracle Internet Directory, 2-9

options for passwords, 2-10

passwords, 2-10

default, 2-10

MD4, 2-10

MD5, 2-10

SHA, 2-10

UNIX crypt, 2-10

RC4_40, 2-9

entries

adding

by using ldapadd, 9-5

by using ldapaddmt, 9-7

concurrently, 9-7

deleting

by using ldapdelete, 9-11

by using ldapmodify, 9-18

distinguished names of, 2-2

locating by using distinguished names, 2-3

modifying

by using ldapmodify, 9-15

concurrently by using ldapmodifymt, 9-20

naming, 2-2

reading, 3-26

errors

handling and parsing results, 3-46

examples of ldapsearch filters, 9-25

exception summary, 4-6

filters, 2-23

IETF-compliant, 9-22

ldapsearch, 9-25

formats, of distinguished names, 2-3

group entries, creating by using ldapmodify, 9-17

header files and libraries, required, 3-63

history of LDAP, 2-2

integrity, data, 2-9

interface calls, SSL, 3-3

Java, 1-2

Java API reference

about, 6-1

class descriptions, 6-2

group class, 6-4

Property class, 6-4

PropertySet class, 6-4

PropertySetCollection class, 6-4

subscriber class, 6-3

user class, 6-2

classes, 6-6

exceptions, 6-69

JNDI, 1-2

jpeg images, adding with ldapadd, 9-7

Kerberos authentication, 9-6, 9-8, 9-12

LDAP

data interchange format (LDIF), 9-2

syntax, 9-2

functional model, 2-6

history, 2-2

information model, 2-4

messages, obtaining results and peeking inside, 3-43

naming model, 2-2

operations, performing, 3-21

search filters, IETF-compliant, 9-22

security model, 2-6

session handle options, 3-10

in the C API, 2-16

sessions

initializing, 2-14, 3-9

version 2 C API, 3-2

ldapadd, 9-5

adding entries, 9-5

adding jpeg images, 9-7

syntax, 9-5

ldapaddmt, 9-7

adding entries concurrently, 9-7

log, 9-7

syntax, 9-7

ldapbind, 9-9

syntax, 9-9

ldap-bind operation, 2-7

ldapcompare, 9-10

syntax, 9-10

ldapdelete, 9-11

deleting entries, 9-11

syntax, 9-11

ldapmoddn, 9-13

syntax, 9-13

ldapmodify, 9-15

adding values to multivalued attributes, 9-17

change types, 9-17

creating group entries, 9-17

deleting entries, 9-18

LDIF files in, 9-5, 9-7, 9-15, 9-20

replacing attribute values, 9-18

syntax, 9-15

ldapmodifymt, 9-20

by using, 9-20

multithreaded processing, 9-21

syntax, 9-20

ldapsearch, 3-63

filters, 9-25

syntax, 9-22

LDIF

by using, 9-2

files, in ldapmodify commands, 9-5, 9-7, 9-15, 9-20

formatting notes, 9-3

formatting rules, 9-3

syntax, 9-2

MD4, for password encryption, 2-10

MD5, for password encryption, 2-10

multiple threads, 9-21

in ldapaddmt, 9-7

increasing the number of, 9-7

multithreaded command line tools

ldapaddmt, 9-7

ldapmodifymt, 9-21

multivalued attributes, adding values to, 9-17

naming entries, 2-2

object classes

adding concurrently by using ldapaddmt, 9-7

in LDIF files, 9-2

objects, removing, 9-11, 9-15

one-way SSL authentication, 2-8, 3-2

OpenLDAP Community, xviii

operating systems supported by Oracle Internet Directory, 1-3

operational attributes

ACI, 2-8

Oracle Directory Manager, 1-2

listing attribute types, 9-3

Oracle directory replication server, 1-2

Oracle directory server, 1-2

Oracle Extensions

LDAP access model, 5-2

Oracle extensions

about, 5-1

API enhancements

assumptions, 5-6

functional categorization, 5-7

overview and usage model, 5-6

usage model, 5-8

application

deinstallation logic, 5-4

installation logic, 5-3

runtime logic, 5-3

shutdown logic, 5-4

startup and bootstrap logic, 5-3

entities modeled in LDAP

about, 5-4

groups, 5-5

subscribers, 5-5

users, 5-4

programming abstractions

for Java language, 5-10

for PL/SQL language, 5-9

user management functionality, 5-10, 5-11

Oracle extensions to support SSL, 3-2

Oracle instances, Glossary-22

Oracle Internet Directory, components, 1-2

Oracle SSL call interface, 3-2, 4-2

Oracle SSL extensions, 3-2

Oracle SSL-related libraries, 3-77

Oracle system libraries, 3-77

Oracle wallet, 3-3

Oracle Wallet Manager, 3-3

required for creating wallets, 3-76

Oracle wallet parameter

modifying, 9-6, 9-8, 9-9, 9-11, 9-13, 9-14, 9-16, 9-21, 9-23

Oracle wallets, changing location of, 9-6, 9-8, 9-9, 9-11, 9-13, 9-14, 9-16, 9-21, 9-23

overview of LDAP models, 2-2

password-based authentication, 2-7

passwords

encryption, 2-7, 2-10

default, 2-10

MD4, 2-10

MD5, 2-10

SHA, 2-10

UNIX crypt, 2-10

encryption options, 2-10

policies, 2-10

performance

increasing, by using multiple threads, 9-7

permissions, 2-6, 2-8

PKI authentication, 2-9

PL/SQL API, 4-1, 4-2

contains subset of C API, 2-11

data-type summary, 4-8

dependencies and limitations, 4-2

exception summary, 4-6

functions

add_s, 4-54

ber_free, 4-67

bind_s, 4-13

compare_s, 4-17

count_entries, 4-29

count_values, 4-57

count_values_len, 4-58

create_mod_array, 4-46

dbms_ldap.init, 4-10

delete_s, 4-41

err2string, 4-45

explode_dn, 4-61

first_attribute, 4-31

first_entry, 4-25

get_dn, 4-35

get_values, 4-37

get_values_len, 4-39

init, 4-9

modify_s, 4-52

modrdn2_s, 4-43

msgfree, 4-65

next_attribute, 4-33

next_entry, 4-27

open_ssl, 4-63, 4-65, 4-67

rename_s, 4-59

search_s, 4-19

search_st, 4-22

simple_bind_s, 4-11

unbind_s, 4-15

loading into database, 4-2

procedures

free_mod_array, 4-56

populate_mod_array (binary version), 4-50

populate_mod_array (string version), 4-48

reference, 4-3

subprograms, 4-9

summary, 4-3

using for a search, A-10

using from a database trigger, A-2

privacy, data, 2-7, 2-9

privileges, 2-6, 2-8

procedures, PL/SQL

free_mod_array, 4-56

populate_mod_array (binary version), 4-50

populate_mod_array (string version), 4-48

provisioning tool

syntax, 9-29

public key

infrastructure, 2-9

RC4_40 encryption, 2-9

RDNs. see relative distinguished names (RDNs)