Skip Headers
Oracle® Virtual Directory Product Manual
Release 10
g
(10.1.4.2.0)
E10286-01
Next
Contents
Title and Copyright Information
Preface
Audience
Documentation Accessibility
Related Documents
Conventions
1
Overview
Introduction
Overview of Oracle's Directory Services
Oracle Virtual Directory Features
Why the Enterprise Directory Is Not Enough
Data Federation
Data Ownership
Multiple Data Adapters
Flexible Security Domains
Secure Data Publication
High Availability Support
Application to Directory Integration
Flexible Deployment
Custom Application Programming Interfaces
Low-Cost, High-Value Solutions
Key Business Features & Benefits
2
Planning the Virtual Directory
Virtualizing Directory Information
Foundation for Trust
Mapping Source Directory Information To Application Requirements
The Directory Network Design
Setting Fault Tolerance and Load-Balancing
Fault Handling
Planning Namespace
Routing Configuration
Application-Directory Integration
Revising the Application
Creating a Super Directory
Virtualizing Application Access with Oracle Virtual Directory
Planning Fault-Tolerant Deployments
DNS and Network Fail Over
Oracle Virtual Directory Fail Over
Fail Over with the Local Store Adapter
Proxied Sources Fail Over
Planning Namespaces
Adapter Namespace Design Examples
Oracle Virtual Directory Routing
Dynamic Join Engine and JoinViews
JoinView Configuration Items
JoinView Joiners
Custom Joiners
3
Directory Infrastructure Planning
Introduction
Clogged Replication
Transaction Failover
Connection Domination Syndrome
Everybody's Talking At Once
Too Much Data to Swallow
Conclusion
4
Oracle Virtual Directory Manager
Introduction
Setting the Language for the Oracle Virtual Directory Manager
Setting the Language for the Oracle Virtual Directory Manager Using the Locale Setting
Setting the Language for the Oracle Virtual Directory Manager Using the config.ini File
Using the Oracle Virtual Directory Manager Interface to Write to the config.ini File
Using a Text Editor to Edit the config.ini File Directly
Setting the Language for the Oracle Virtual Directory Manager by Passing Command Line Options to the OViDmanager Executable
Understanding the Oracle Virtual Directory Manager Client
The Directory Management Perspective
Workspaces and Perspectives
Views
Starting a Directory Project
Defining A New Server
Adding A New Adapter
Configuring JDBC For Database Adapters
Preparing the JDBC Libraries
Connecting or Logging-In to the Oracle Virtual Directory
Server Log View
Exporting Access.log Data to CSV Format for Analysis
Saving Changes
Selecting Items
Version Conflicts
Reloading Components
Editing Server Configuration
Edit Conflicts
Mapping Scripts
Defining a Mapping
Deploying a Mapping
Configuring a Mapping for Execution
The Directory Browser View
Administrative Browsers
LDAP Browsing
Displaying Data and Searching
Importing and Exporting LDIF
Refreshing Browsers
Managing Server Libraries
Library Management
Plug-in Management
Plug-in Inventory
Retrieving a Plug-in From a Server
Deploying a Plug-in
Building a Plug-in Using an Oracle Virtual Directory Manager Java Project
Editing Files of a Plug-in
Plug-in Manifest Editor Page
Joiner Management
Joiner Inventory
Managing Joiners
Managing Server Keys
SSL Terminology
Generating a Server Key
Self-Signed Key
Signed Server Keys
Importing a Trusted Certificate
Export
Using the One-Step Configurations Feature to Integrate Oracle Virtual Directory with Microsoft Active Directory or IBM Tivoli Access Manager
Integrating Oracle Virtual Directory with Microsoft Active Directory
Integrating Oracle Virtual Directory with IBM Tivoli Access Manager
Adding New Directories to the Integrated Tivoli Access Manager Configuration
5
Configuration and Settings
Introduction to Oracle Virtual Directory Configuration
Server Configuration
General Information and Licensing Settings
Server Settings
Server Logging
Server Quotas
Closing Inactive Connections
Server Security
Server Views
Server Admin Gateway Configuration
Listener Configuration
LDAP Listener
HTTP Listener
Basic Configuration
Web Gateway Service
Adapter Configuration
Local Store Adapter
Basic Settings
Index Settings
Local Database Settings
Backup Settings
LDAP Adapter Configuration
Directory Namespace and Attribute Mapping
Read / Write / Rename / Compare Support
Access Control and the LDAP Adapter
Basic Settings
LDAP Settings
Connection Settings
Credential Processing
Database Adapter Configuration
Access Control and The Database Adapter
JDBC Java Class Libraries
Database Mapping Considerations
Using the Database Adapter Wizard
Basic Configuration Parameters
Database Settings
Connection Settings
Database Attribute Mapping
Database Adapter Automatic and Manual Schema Configuration
NT Adapter Configuration
Configuration Requirements for NT Adapter
Basic Settings
NT Settings
JoinView Adapter Configuration
Basic Settings
Settings
Join Rules
Simple Joiner
OneToMany Joiner
Shadow Joiner
Schema Configuration
Attribute Definition
ObjectClass Definition
6
Integrating with Oracle's Enterprise User Security
Performing the Integration
Integrating for Use with Microsoft Active Directory
Configuring Active Directory for the Integration
Configuring Oracle Virtual Directory for the Integration
Integrating for Use with Sun Java System Directory Server
Configuring Sun Java System Directory Server for the Integration
Configuring Oracle Virtual Directory for the Integration
Integrating for Use with Oracle Internet Directory
Configuring Oracle Internet Directory for the Integration
Configuring Oracle Virtual Directory for the Integration
Integration Limitations
7
Routing
Introduction
Routing Concepts
Adapter Visibility
Server Criticality
Determining the Order of Adapter Processing in LDAP Operations
Routing Levels
Determining Which Credentials are Used for the Bind Operation
Limiting Retrieving and Storing Of Attributes
Including and Excluding Entries From Client Searches
DN Pattern Matching
Management of Routing
Selection
Attribute Flow
General Settings
8
Mapping System
Introduction
Python Resources
Example Scenarios
Example: Constructing A CN Attribute
Outbound Processing
Inbound Processing
Example: Mapping Active Directory Schema
Mapping Functions
Methods
Data Objects
9
Developing Java Plug-Ins
Introduction
The Chain System
Plug-in Implementation Types
Plug-in Configuration, Initialization and Destruction
Plug-In Availability
Plug-in Operation Implementation
EntrySet Creation
Filter Processing
Classes Overview
Virtual Service Interface
Global Service Interface
Adapter Service Interface
Joiner
Utility Classes
Data Classes
Data Types
Exceptions
10
Configuring Plug-Ins and Mappings
Introduction
Global Plug-ins Example
Adapter Plug-ins Example
Unique Identity Plug-In
Namespace Filtering
Plug-in Configuration Actions
11
Access Control
Introduction
Multi-Tier Authentication and Access Control
Pass-Through Authentication
CRAM-MD5 and SASL Binding
Proxy Account Authentication
Client Certificate Authentication
Source Directory Access Control
Oracle Virtual Directory Access Control
Access Control and Groups
Controlling LDAP Anonymous Authentication
Access Control Configuration
Using The Editor
Access Control Rules
Target/Location Component
Scope Component
Rights Component
Attributes Component
Permissions Component
Attribute Permissions
Notes on Attribute Permissions
Entry Permissions
Notes on Entry Permissions
Subject Component
Subject Component Notes
General Grant/Deny Evaluation Rules
A
Oracle Virtual Directory 2.0 and 10.1.4 Property Table
Adapter Properties
General Properties for All Adapters
Generic Adapter Routing Properties
Standard Adapter General Properties
Standard Adapter Index Properties
LDAP Adapter General Properties
Database Adapter General Properties
JoinView Adapter General Properties
NTLM Adapter General Properties
Listener Properties
Listener General Properties
Web Gateway Service Properties
Web Listener Service Base Implementation
General Oracle Virtual Directory Properties
Oracle Virtual Directory General Properties
Oracle Virtual Directory Logging Properties
Oracle Virtual Directory Replication Properties
Oracle Virtual Directory Quota Properties
B
Bundled Plug-ins
Introduction
General Purpose Plug-ins
Caching
Cache Hit Logic
DynamicGroups
DumpTransactions
ObjectClass Mapper
Dynamic Entry Tree
Flat Tree
Microsoft Active Directory and Microsoft ADAM
Active Directory Ranged Attributes
Active Directory Password
InetAD
C
Web Gateway
Introduction
WebGateway Listener
Demonstration Directory Browser
WebGateway Listener Architecture
DSML and XSLT Servlet LDAP Query Parameters
WebGateway Listener
Resource Handler
DSML Servlet
WebGateway Servlet (XSLT)
WebGateway Command Detail
Binary Attribute Retrieval
Form-Based Searching
Form-Based Entry Manipulation
HTTP POST
HTTP GET
Security Contexts
Requirements for .htaccess Files
Directives for .htaccess Files
Resource Restrictions
Example Security Context Files
Using XSL Stylesheet Templates
Using XSLT Servlet Queries To Create Dynamic Forms
Support for XSL Document() and Import/Include Commands
Passing Parameters to XSL Stylesheets
Sample XSL