Sample Application Illustrating the use of Resource Access Descriptor (RAD) using Oracle Internet Directory Java API


Date: 06-Dec-2004


Table of Contents

Introduction
Application Overview
Software Requirements
Terminology
Configuring the Application
Deploying and Running the Application
Sample Application Files
Additional References

Introduction

Prerequisite

This sample program is intended for readers interested in integrating a custom Java application with Oracle Identity Management. The specific usage here deals with Resource Access Descriptors (RAD) using the Oracle Internet Directory Java API.

To understand this sample application the user is expected to have knowledge in the following area,

Technical Overview

To fulfill the requests of users, some Oracle components gather data from various repositories and services. To gather the data, these components require information for connecting and authenticating users to the resources. This information is called resource access information. It is stored in an entry called a resource access descriptor (RAD) from which it can be retrieved and shared by various Oracle components.

In the Oracle Internet Directory, RAD entries are defined individually for each user in OID where each user is identified by a unique ID, the orclownerguid (GUID). So, to create and access RAD in OID you first need to obtain the user's GUID. All RAD operations start with the user for whom the RAD needs to be created.

The following screen shot shows RAD in Oracle Directory Manager

Application Overview

This is a sample Java program demonstrating the use of RAD through the Oracle Internet Directory Java API. It starts by creating an LDAP connection bound as a sample application in order to look up the DN of a user. The application then creates another connection context by binding to OID as the user. This gives the application create, read, and delete permissions for the RAD. Note that proxy switching is typically performed in this case, but we chose to simplify the application by creating a separate LDAP connection.
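The two-connection flow described above, as an added example that is not the SampleRAD source and uses standard JNDI rather than the Oracle Internet Directory Java API. The class name, the command-line arguments and the use of uid as the login attribute are assumptions; orclguid is assumed to be the attribute holding the user's GUID.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

public class TwoBindLookup {
    // Simple bind over ldap://, matching the non-SSL port this page uses. An empty
    // password is rejected because LDAP treats it as an unauthenticated bind.
    static DirContext bind(String host, String port, String dn, char[] pw) throws NamingException {
        if (pw == null || pw.length == 0) throw new AuthenticationException("empty password");
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://" + host + ":" + port);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, pw);
        return new InitialDirContext(env);
    }

    // Returns {userDN, GUID}. The login name is passed as a filter argument, so JNDI
    // escapes it and it cannot change the shape of the search filter.
    static String[] lookupUser(DirContext appCtx, String base, String login) throws NamingException {
        SearchControls sc = new SearchControls();
        sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
        sc.setReturningAttributes(new String[] {"orclguid"}); // assumed GUID attribute
        sc.setCountLimit(2); // enough to detect an ambiguous login
        NamingEnumeration<SearchResult> hits =
            appCtx.search(base, "(uid={0})", new Object[] {login}, sc);
        try {
            if (!hits.hasMore()) throw new NameNotFoundException("no such user");
            SearchResult r = hits.next();
            if (hits.hasMore()) throw new NamingException("login is not unique");
            Attribute guid = r.getAttributes().get("orclguid");
            return new String[] {r.getNameInNamespace(), guid == null ? null : (String) guid.get()};
        } finally { hits.close(); }
    }

    public static void main(String[] a) throws NamingException {
        // Hypothetical arguments: host port appDN searchBase login; passwords are prompted.
        java.io.Console con = System.console();
        if (a.length != 5 || con == null)
            throw new IllegalArgumentException("usage: host port appDN searchBase login");
        DirContext appCtx = bind(a[0], a[1], a[2], con.readPassword("application password: "));
        String[] user;
        try { user = lookupUser(appCtx, a[3], a[4]); } finally { appCtx.close(); }
        DirContext userCtx = bind(a[0], a[1], user[0], con.readPassword("user password: "));
        try { // RAD create/read/delete for this GUID would run on userCtx here
            System.out.println("bound as " + user[0] + ", GUID " + user[1]);
        } finally { userCtx.close(); }
    }
}
```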

Software Requirements

The following software is required for configuring and running this sample application

Terminology

<ORACLE_HOME>: Directory where Oracle 10g Application Server is installed. For example, D:\oracle or /private/oracle
<SAMPLE_HOME>: The directory where the sample application is extracted
<JAVA_HOME>: The directory where Java is installed
<OID_Host>: The hostname where Oracle Internet Directory is running
<OID_Port>: The non-SSL port number of Oracle Internet Directory
<Superuser_Password>: The password of superuser "cn=orcladmin"

Configuring the Application

  • Unzip the provided SampleGroup.zip. This creates the SampleGroup directory with all the source files. We will refer to this directory as <SAMPLE_HOME>.
  • To create and load the sample LDAP entries into OID, execute the following command against the provided <SAMPLE_HOME>/data/sample.ldif.
    <ORACLE_HOME>/bin/ldifmigrator input_file=<SAMPLE_HOME>/data/sample.ldif output_file=<SAMPLE_HOME>/data/sample_out.ldif -lookup dn="cn=orcladmin" password=<Superuser_Password> port=<OID_Port> host=<OID_Host> -load
    The data created by sample_out.ldif consists of the following:

    • A set of sample users under the user container of the default realm of the directory. For example, if the realm DN is "dc=acme,dc=com", then the users are created under "dc=sample_users,cn=users,dc=acme,dc=com".
    • A set of sample groups under the group container of the default realm of the directory. For example, if the realm DN is "dc=acme,dc=com", then the groups are created under "dc=sample_groups,cn=groups,dc=acme,dc=com". The members of these groups consist of the sample users created above.
    • Two application entities are created. The DNs are "orclApplicationCommonName=myTestApp1" and "orclApplicationCommonName=myTestApp2". Both application entities are given the UserProxyPrivilege, which allows them to proxy as any end user under the realm user container. However, only application myTestApp1 is given the DASAdmin privilege, which grants it sufficient privileges for user/group management.

  • When done with the sample application, execute the following command against the provided <SAMPLE_HOME>/data/sample_del.ldif to delete the sample LDAP entries.
    <ORACLE_HOME>/bin/ldifmigrator input_file=<SAMPLE_HOME>/data/sample_del.ldif output_file=<SAMPLE_HOME>/data/sample_del_out.ldif -lookup dn="cn=orcladmin" password=<Superuser_Password> port=<OID_Port> host=<OID_Host> -load

Deploying and Running the Application

  • In the <SAMPLE_HOME>/src directory, compile the SampleRAD class using the following command
    • On Windows

      <JAVA_HOME>\bin\javac -d . -classpath <ORACLE_HOME>\jlib\ldapjclnt10.jar SampleRAD.java

    • On Linux or Solaris

      <JAVA_HOME>/bin/javac -d . -classpath <ORACLE_HOME>/jlib/ldapjclnt10.jar SampleRAD.java

  • To run the SampleRAD class, run the following Java command from the <SAMPLE_HOME>/src directory
    • On Windows

      <JAVA_HOME>\bin\java -classpath .;<ORACLE_HOME>\jlib\ldapjclnt10.jar oracle.otnsamples.oim.SampleRAD <OID_Host> <OID_Port>

    • On Linux or Solaris

      <JAVA_HOME>/bin/java -classpath .:<ORACLE_HOME>/jlib/ldapjclnt10.jar oracle.otnsamples.oim.SampleRAD <OID_Host> <OID_Port>

Sample Application Files 

This section will provide a tabular listing of the sample application files, along with their respective directory locations and a description of what they do in the overall scheme of the application.

File          Description
readme.html   This file
*.java        Java source files used in this sample application
*.ldif        LDIF files containing the sample LDAP data

Additional References 

