Sample Application Demonstrating DBMS_LDAP

PRODUCTS

Database
Middleware
Developer Tools
Enterprise Management
Applications Technology
Products A-Z

TECHNOLOGIES

BI & Data Warehousing
Embedded
Java
Linux
.NET
PHP
Security
Windows Server System
Technologies A-Z

ARCHITECTURE

Enterprise 2.0
Extreme Transaction Processing
Grid
Service-Oriented Architecture
Virtualization

COMMUNITY

Join OTN
Oracle ACEs
Oracle Wiki
Blogs
Podcasts
Events
Newsletters
Oracle Magazine
Oracle Books
Certification
User Groups
Partner White Papers

Printer View

E-mail this page

Bookmark

Sample Application Demonstrating DBMS_LDAP_UTL APIs

Date: 07-Jan-2005

Table of Contents

Introduction
Application Overview
Software Requirements
Terminology
Configuring the Application
Deploying and Running the Application
Sample Application Files
Additional References

Introduction

Prerequisite
Technical Overview

Prerequisite

To understand this sample application the user is expected to have knowledge in the following area,

Programming in PLSQL
LDAP: Lightweight Directory Access Protocol

Technical Overview

LDAP is a standard, extensible directory access protocol. It is a common language that LDAP clients and servers use to communicate.

Identity management is the process by which the complete security life cycle for end-users and network entities is managed for an organization. A sound identity management strategy can reduce costs, speed up application deployments, and improve the user experience while enhancing application security.

Oracle Identity Management is an integrated, scalable and robust identity management infrastructure. A central component of Oracle Platform Security, Oracle Identity Management includes an LDAP V3 directory service, directory synchronization service, identity provisioning service, delegated administration service, authentication and authorization services, and an X.509 V3 certificate authority. Key benefits of Oracle Identity Management are its robustness and scalability, out-of-the-box deployment support for Oracle products, utility as a single point of integration for other enterprise identity management solutions, and open, standards-based implementation.

Oracle Identity Management includes the following components:

Oracle Internet Directory: A scalable, robust LDAP V3-compliant directory service implemented on the Oracle Database.
Oracle Directory Synchronization Service: Permits synchronization between Oracle Internet Directory and other directories and user repositories.
Oracle Provisioning Integration Service: Provides automatic provisioning services for Oracle products, components and applications and, through standard interfaces, third-party applications.
Oracle Delegated Administration Service: Provides trusted proxy-based administration of directory information by users and application administrators.
Oracle Application Server Single Sign-On: Provides single sign-on to J2EE, Web and legacy applications. It also interoperates with 3rd party access management systems.
Oracle Application Server Certificate Authority: This is a new component with Oracle Application Server 10g, which generates and publishes X.509 v3 PKI certificates to support strong authentication methods and digital signatures.

Application Overview

This sample scripts in this sample illustrates the usage of DBMS_LDAP_UTL package (an LDAP PLSQL API for managing various enterprise entities modeled in a directory server). Primarily, three different categories of functions are demonstrated within this sample

Usage of enterprise user related functions in DBMS_LDAP_UTL package
Usage of realm related functions in DBMS_LDAP_UTL package
Usage of group related functions in DBMS_LDAP_UTL package

Software Requirements

Following is the list of software's required for configuring and running this sample application.

Oracle Database 8i (or above)
LDAP Based Directory Server. For example, Oracle Internet Directory

Terminology

Term Definition

<ORACLE_HOME>
Directory where Oracle database is installed. For example. D:\oracle

<SAMPLE_HOME> The directory where the sample application is extracted.

Configuring the Application

Unzip the provided dbms_ldaputl_demo.zip. This creates dbms_ldaputil_demo directory with all the source files. We will refer to this directory as <SAMPLE_HOME>.

To create the sample LDAP entries, execute the following command against the provided <SAMPLE_HOME>/sample.ldif. This creates an appropriate LDIF file with default containers substituted.

<ORACLE_HOME>/bin/ldifmigrator input_file=<SAMPLE_HOME>/sample.ldif output_file=<SAMPLE_HOME>/sample_out.ldif –lookup dn="cn=orcladmin" password=<password> port=<port> host=<host>

where,

<host>	=	hostname of the machine where OID is running
<port>	=	port on the host machine on which the OID server is listening
<password>	=	admin password to OID server

Once the sample_out.ldif is created, you can upload the entries using the following command
<ORACLE_HOME>/bin/ldapmodify –h <host> -p <port> -D "cn=orcladmin" –w <password> -f <SAMPLE_HOME>/sample_out.ldif

Deploying and Running the Application

This section describes the steps required in deploying this application to OID using a database client like SQL*Plus.

Edit the three scripts namely user.sql, group.sql and realm.sql located under the directory <SAMPLE_HOME> in your favorite text editor. Customize the scripts by change the variables appropriately as mentioned in the scripts.

Run the scripts by executing the following commands in SQL*Plus

Usage of User related functions
SQL> @<SAMPLE_HOME>\user.sql

Usage of Realm related functions
SQL> @<SAMPLE_HOME>\realm.sql

Usage of Group related functions
SQL> @<SAMPLE_HOME>\group.sql

Miscellaneous functions
SQL> @<SAMPLE_HOME>\prop.sql

Sample Application Files

This section provides a tabular listing of the sample application files, along with their respective directory locations and a description of what they do in the overall scheme of the application.

Directory File Description

<SAMPLE_HOME>\doc

Readme.html

This file

<SAMPLE_HOME>

user.sql
This SQL demo script illustrates usage of various functions related to the enterprise user modeled in a directory to accomplish the following:

User Authentication

Retrieval of user properties

Updating user properties

<SAMPLE_HOME>

realm.sql
This SQL demo script illustrates usage of various functions related to Realms modeled in a directory to accomplish the following:

Retrieval of Realm properties

<SAMPLE_HOME>

group.sql
This SQL demo script illustrates the usage of various functions related to groups modeled in a directory to accomplish the following:

Retrieval of group properties

Verifying of group membership for a user

Retrieving various group membership details for a user

<SAMPLE_HOME>

prop.sql

This SQL demo script illustrates the usage of miscellaneous functions to retrieve the properties stored in a propertyset result handle.

<SAMPLE_HOME>

sample.ldif

This file contains sample data used by the demo scripts

<SAMPLE_HOME>

delete_sample.ldif

This file contains list of sample entries created by the sample.ldif and is used to clean all the sample data from the LDAP server

Additional References

Please enter your comments about this sample application here.

E-mail this page

Printer View

	About Oracle \| \| Careers \| Contact Us \| Site Maps \| Legal Notices \| Terms of Use \| Privacy