Oracle Internet Directory Application Developer's Guide -- Index

abandoning an operation, 3-42

access control, 2-6, 2-8

and authorization, 2-8

access control information (ACI), 2-8

attributes, 2-8

directives

format, 2-8

Access Control List (ACL), 2-8

access control lists (ACLs), 2-8

ACI. See access control information (ACI)

ACLs. See Access Control List (ACL)

add.log, A-7

administration tools

ldapaddmt, A-7

ldapbind, A-9

ldapcompare, A-19

ldapdelete, A-10

ldapmoddn, A-11

ldapmodify, A-22

ldapmodifymt, A-27

anonymous authentication, 2-7

applications, building

with PL/SQL LDAP API, 4-2

with the C API, 3-63

attribute options

searching for by using ldapsearch, A-16

attributes

adding

concurrently, by using ldapaddmt, A-7

to existing entries, A-4

attribute options

searching for by using ldapsearch, A-16

deleting

by using ldapmodify, A-25

values, by using ldapmodify, A-25

in LDIF files, A-2

types, 2-5

values, 2-5

replacing, by using ldapmodify, A-25

authentication, 2-6

anonymous, 2-7

certificate-based, 2-7

Kerberos, A-5, A-8, A-10

modes, SSL, 3-2

one-way SSL, 2-7

options, 2-7

password-based, 2-7

PKI, 2-9

SSL, 2-7, 3-2, A-6, A-8, A-9, A-23, A-28

none, 3-2

one-way, 3-2

two-way, 3-2

strong, 2-7

to a directory server

enabling, 2-15

enabling, by using DBMS_LDAP, 2-16

enabling, by using the C API, 2-15

to the directory, 3-17

two-way SSL, 2-7

authorization, 2-6, 2-8

authorization ID, 2-6

bulk tools, 1-2

C API, 3-1

functions

abandon, 3-42

abandon_ext, 3-42

add, 3-36

add_ext, 3-36

add_ext_s, 3-36

add_s, 3-36

compare, 3-26

compare_ext, 3-26

compare_ext_s, 3-26

compare_s, 3-26

count_entries, 3-51

count_references, 3-51

count_values, 3-55

count_values_len, 3-55

delete, 3-38

delete_ext, 3-38

delete_ext_s, 3-38

delete_s, 3-38

dn2ufn, 3-57

err2string, 3-46

explode_dn, 3-57

explode_rdn, 3-57

extended_operation, 3-40

extended_operation_s, 3-40

first_attribute, 3-53

first_entry, 3-51

first_message, 3-49

first_reference, 3-51

get_dn, 3-57

get_entry_controls, 3-59

get_option, 3-10

get_values, 3-55

get_values_len, 3-55

init, 3-9

init_ssl call, 3-3

modify, 3-30

modify_ext, 3-30

modify_ext_s, 3-30

modify_s, 3-30

msgfree, 3-43

msgid, 3-43

msgtype, 3-43

next_attribute, 3-53

next_entry, 3-51

next_message, 3-49

next_reference, 3-51

open, 3-9

parse_extended_result, 3-46

parse_reference, 3-60

parse_result, 3-46

parse_sasl_bind_result, 3-46

rename, 3-33

rename_s, 3-33

result, 3-43

sasl_bind, 3-17

sasl_bind_s, 3-17

search, 3-21

search_ext, 3-21

search_ext_s, 3-21

search_s, 3-21

search_st, 3-21

set_option, 3-10

simple_bind, 3-17

simple_bind_s, 3-17

unbind, 3-20

unbind_ext, 3-20

unbind_s, 3-20

value_free, 3-55

value_free_len, 3-55

reference, 3-4

sample search tool, 3-63

sample usage, 3-61

summary, 3-4

usage with SSL, 3-61

usage without SSL, 3-62

Catalog Management Tool

syntax, A-18

Catalog Management tool

syntax, A-18

catalog.sh

syntax, A-18

catldap.sql, 4-2

certificate authority, 2-7

certificate-based authentication, 2-7

certificates, 2-7

change types, in ldapmodify input files, A-24

changetype

add, A-24

delete, A-25

modify, A-24

modrdn, A-25

children of an entry, listing, 3-26

command line tools

ldapaddmt, A-7

ldapbind, A-9

ldapcompare, A-19

ldapdelete, A-10

ldapmoddn, A-11

ldapmodify, A-22

ldapmodifymt, A-27

ldapsearch, A-13

command-line tools

syntax, A-4

components

Oracle Internet Directory SDK, 1-2

controls, working with, 3-15

data

integrity, 2-6, 2-8

privacy, 2-6, 2-9

data-type summary, 4-9

DBMS_LDAP

about, 4-1

building applications with, 4-2

sample usage

about, B-1

for a search, B-10

from a database trigger, B-2

Java sample code, B-34

DBMS_LDAP package, 2-10, 4-1

searching by using, 2-17

DBMS_LDAP_UTL

about, 7-1

data-types, 7-47

function return codes, 7-45

group-related subprograms

about, 7-3

function create_group_handle, 7-23

function get_group_dn, 7-28

function get_group_properties, 7-26

function set_group_handle_properties, 7-24

miscellaneous subprograms

about, 7-4

function check_interface_version, 7-44

function create_mod_propertyset, 7-41

function get_property_names, 7-36

function get_property_values, 7-38

function get_property_values_len, 7-39

function normalize_dn_with_case, 7-35

function populate_mod_propertyset, 7-42

procedure free_handle, 7-44

procedure free_mod_propertyset, 7-43

procedure free_propertyset_collection, 7-40

reference, 7-2

subscriber-related subprograms

about, 7-4

function create_subscriber_handle, 7-30

function get_subscriber_dn, 7-33

function get_subscriber_properties, 7-31

user-related subprograms

about, 7-3

function authenticate_user, 7-6

function check_group_membership, 7-18

function create_user_handle, 7-8

function get_group_membership, 7-21

function get_user_dn, 7-16

function get_user_extended_properties, 7-15

function get_user_properties, 7-11

function locate_subscriber_for_user, 7-19

function set_user_handle_properties, 7-9

function set_user_properties, 7-13

deleting values from attributes, A-25

dependencies and limitations, 3-76, 4-2

C API, 3-76

PL/SQL API, 4-2

DES40 encryption, 2-9

directives, 2-8

directory information tree (DIT), 2-2

distinguished names, 2-2

components of, 2-3

format, 2-3

in LDIF files, A-2

DNs. see distinguished names.

documentation, related, xvii

encryption

DES40, 2-9

levels available in Oracle Internet Directory, 2-9

options for passwords, 2-9

passwords, 2-9

default, 2-9

MD4, 2-9

MD5, 2-9

SHA, 2-9

UNIX crypt, 2-9

RC4_40, 2-9

entries

adding

by using ldapaddmt, A-7

concurrently, A-7

deleting

by using ldapdelete, A-10

by using ldapmodify, A-25

distinguished names of, 2-2

locating by using distinguished names, 2-3

modifying

by using ldapmodify, A-22

concurrently by using ldapmodifymt, A-27

naming, 2-2

reading, 3-26

errors

handling and parsing results, 3-46

examples of ldapsearch filters, A-15

exception summary, 4-6

filters, 2-22

IETF-compliant, A-13

ldapsearch, A-15

formats, of distinguished names, 2-3

group entries, creating by using ldapmodify, A-24

header files and libraries, required, 3-63

history of LDAP, 2-2

integrity, data, 2-8

interface calls, SSL, 3-3

Java, 1-2

Java API reference

about, 6-1

class descriptions, 6-2

group class, 6-4

Property class, 6-5

PropertySet class, 6-5

PropertySetCollection class, 6-5

subscriber class, 6-3

user class, 6-2

classes, 6-6

exceptions, 6-69

JNDI, 1-2

jpeg images, adding with ldapadd, A-7

Kerberos authentication, A-5, A-8, A-10

LDAP

data interchange format (LDIF), A-2

syntax, A-2

functional model, 2-5

history, 2-2

information model, 2-4

messages, obtaining results and peeking inside, 3-43

naming model, 2-2

operations, performing, 3-21

search filters, IETF-compliant, A-13

security model, 2-6

session handle options, 3-10

in the C API, 2-15

sessions

initializing, 2-13, 3-9

version 2 C API, 3-2

ldapadd

adding jpeg images, A-7

ldapaddmt, A-7

adding entries concurrently, A-7

log, A-7

syntax, A-7

ldapbind, A-9

syntax, A-9

ldap-bind operation, 2-6

ldapcompare, A-19

syntax, A-19, A-20

ldapdelete, A-10

deleting entries, A-10

syntax, A-10

ldapmoddn, A-11

syntax, A-11

ldapmodify, A-22

adding values to multivalued attributes, A-24

change types, A-24

creating group entries, A-24

deleting entries, A-25

LDIF files in, A-4, A-7, A-22, A-27

replacing attribute values, A-25

syntax, A-22

ldapmodifymt, A-27

by using, A-27

multithreaded processing, A-28

syntax, A-27

ldapsearch, 3-63

filters, A-15

syntax, A-13

LDIF

by using, A-2

files, in ldapmodify commands, A-4, A-7, A-22, A-27

formatting notes, A-3

formatting rules, A-3

syntax, A-2

MD4, for password encryption, 2-9

MD5, for password encryption, 2-9

multiple threads, A-28

in ldapaddmt, A-7

increasing the number of, A-7

multithreaded command line tools

ldapaddmt, A-7

ldapmodifymt, A-28

multivalued attributes, adding values to, A-24

naming entries, 2-2

object classes

adding concurrently by using ldapaddmt, A-7

in LDIF files, A-2

objects, removing, A-10, A-22

one-way SSL authentication, 2-7, 3-2

OpenLDAP Community, xviii

operating systems supported by Oracle Internet Directory, 1-3

operational attributes

ACI, 2-8

Oracle Directory Manager, 1-2

listing attribute types, A-3

Oracle directory replication server, 1-2

Oracle directory server, 1-2

Oracle Extensions

LDAP access model, 5-2

Oracle extensions

about, 5-1

API enhancements

assumptions, 5-6

functional categorization, 5-7

overview and usage model, 5-6

usage model, 5-8

application

deinstallation logic, 5-4

installation logic, 5-3

runtime logic, 5-3

shutdown logic, 5-4

startup and bootstrap logic, 5-3

entities modeled in LDAP

about, 5-4

groups, 5-5

subscribers, 5-5

users, 5-5

programming abstractions

for Java language, 5-10

for PL/SQL language, 5-9

user management functionality, 5-10, 5-11

Oracle extensions to support SSL, 3-2

Oracle instances, Glossary-22

Oracle Internet Directory, components, 1-2

Oracle SSL call interface, 3-2, 4-2

Oracle SSL extensions, 3-2

Oracle SSL-related libraries, 3-77

Oracle system libraries, 3-77

Oracle wallet, 3-3

Oracle Wallet Manager, 3-3

required for creating wallets, 3-76

Oracle wallet parameter

modifying, A-6, A-8, A-9, A-11, A-13, A-15, A-21, A-23, A-28

Oracle wallets, changing location of, A-6, A-8, A-9, A-11, A-13, A-15, A-21, A-23, A-28

overview of LDAP models, 2-2

password-based authentication, 2-7

passwords

encryption, 2-6, 2-9

default, 2-9

MD4, 2-9

MD5, 2-9

SHA, 2-9

UNIX crypt, 2-9

encryption options, 2-9

policies, 2-10

performance

increasing, by using multiple threads, A-7

permissions, 2-6, 2-8

PKI authentication, 2-9

PL/SQL API, 4-1, 4-2

contains subset of C API, 2-10

data-type summary, 4-9

dependencies and limitations, 4-2

exception summary, 4-6

functions

add_s, 4-55

ber_free, 4-68

bind_s, 4-14

compare_s, 4-18

count_entries, 4-30

count_values, 4-58

count_values_len, 4-59

create_mod_array, 4-47

dbms_ldap.init, 4-11

delete_s, 4-42

err2string, 4-46

explode_dn, 4-62

first_attribute, 4-32

first_entry, 4-26

get_dn, 4-36

get_values, 4-38

get_values_len, 4-40

init, 4-10

modify_s, 4-53

modrdn2_s, 4-44

msgfree, 4-66

next_attribute, 4-34

next_entry, 4-28

open_ssl, 4-64, 4-66, 4-68

rename_s, 4-60

search_s, 4-20

search_st, 4-23

simple_bind_s, 4-12

unbind_s, 4-16

loading into database, 4-2

procedures

free_mod_array, 4-57

populate_mod_array (binary version), 4-51

populate_mod_array (string version), 4-49

reference, 4-3

subprograms, 4-10

summary, 4-3

using for a search, B-10

using from a database trigger, B-2

privacy, data, 2-6, 2-9

privileges, 2-6, 2-8

procedures, PL/SQL

free_mod_array, 4-57

populate_mod_array (binary version), 4-51

populate_mod_array (string version), 4-49

provisioning tool

syntax, A-29

public key

infrastructure, 2-9

RC4_40 encryption, 2-9

RDNs. see relative distinguished names (RDNs)