Understanding Audit Data Managing Oracle Virtual Directory Auditing

Managing Oracle Virtual Directory Logging and Auditing

For example, if you added a new ACL, adapter, or listener, the event would be logged into the audit repository as follows:

NN added WHAT configuration on DD:HH. The added configuration is: CONF DETAIL.

If you modified an existing ACL, adapter, or listener or changed the auditing, logging, or server configuration settings, the event would be logged into the auditing repository as follows:

NN updated WHAT configuration on DD:HH. The configuration is changed from OO to WW.

Convention     Description
CONF DETAIL    Exact configuration details.
OO             Old configuration.
WW             New configuration.

Oracle Fusion Middleware Administrators Guide for Oracle Virtual Directory

Part III Advanced Administration

This part presents information about advanced administration tasks for Oracle Virtual Directory and contains the following chapters:
■ Chapter 18, Customizing Oracle Virtual Directory
■ Chapter 19, Configuring Oracle Virtual Directory for Integrated Directory Solutions
■ Chapter 20, Oracle Communications Universal User Profile

18 Customizing Oracle Virtual Directory

This chapter explains how to customize Oracle Virtual Directory and contains the following topics:
■ Setting Localized Languages for Oracle Directory Services Manager
■ Creating and Configuring Custom Adapters
■ Developing Custom Java Plug-Ins
■ Connecting Web Service Clients to Oracle Virtual Directory

18.1 Setting Localized Languages for Oracle Directory Services Manager

Oracle Virtual Directory includes localized translations for the Oracle Directory Services Manager interface in the following languages:
■ French
■ Italian
■ German
■ Spanish
■ Brazilian Portuguese
■ Japanese
■ Traditional Chinese
■ Simplified Chinese
■ Korean

You can set the language for the Oracle Directory Services Manager interface using your web browser’s language settings. Refer to your web browser’s documentation for specific information on setting languages.

Note: Only users who have Oracle Directory Services Manager Administrator access (usually cn=orcladmin) can log in to Oracle Directory Services Manager.

18.2 Creating and Configuring Custom Adapters

Oracle Virtual Directory supports the ability to create custom adapters using plug-ins that can connect to almost any data source with a defined API. For example, you can use custom adapters to abstract information available through web services. A custom adapter is an adapter that has no functionality itself—it is a placeholder where adapter level plug-ins can be configured to implement its functions instead. By default, Custom Adapters do not map to any data source. Plug-ins, such as the Diameter plug-in, that are added to Custom Adapters on the Plug-In tab in Oracle Directory Services Manager provide data to Custom Adapters. Typically, Custom Adapters are written by customers that must connect Oracle Virtual Directory to non-LDAP or non-database services, such as Web Services.

This topic contains the following sections:
■ Creating Custom Adapters
■ Configuring Custom Adapters

18.2.1 Creating Custom Adapters

Perform the following steps to create a Custom Adapter using Oracle Directory Services Manager:

1. Log in to Oracle Directory Services Manager.

2. Select Adapter from the task selection bar. The Adapter navigation tree appears.

3. Click the Create Adapter button. The New Adapter Wizard appears.

4. Perform the following steps to define the Type of adapter:

a. Select Custom from the Adapter Type list.

b. Enter a unique name for the Custom Adapter in the Adapter Name field. The adapter name value is used in other configuration fields that must reference the adapter.

c. Select the Default template from the Adapter Template list.

d. Click Next. The Settings screen appears.

5. Enter a valid base DN (in DN format) in the Adapter Suffix/Namespace field. This field defines the root DN for which the adapter provides information. The DN defined, and the child entries below it, comprise the adapter’s namespace. Enter a value in the Adapter Suffix field that should be the base DN value for returned entries. For example, if you enter dc=mydomain,dc=com in the Adapter Suffix/Namespace field, all entries end with dc=mydomain,dc=com.

6. Click Next. A summary of the Custom Adapter settings appears. Review the settings and click Finish to create the Custom Adapter. The Custom Adapter appears in the Adapter tree.

After you create the Custom Adapter you can configure it using the procedures in Configuring Custom Adapters.

18.2.2 Configuring Custom Adapters

This section describes how to configure Custom Adapter settings, including:
■ Configuring Custom Adapter General Settings
■ Configuring Adapter Routing
■ Configuring Adapter Plug-ins and Mappings

18.2.2.1 Configuring Custom Adapter General Settings

After you create the Custom Adapter you can configure the general settings for the adapter by clicking the adapter name in the Adapter tree, clicking the General tab, setting values for the following fields, and clicking Apply:

Root
This field defines the root DN that the adapter provides information for. The DN defined, and the child entries below it, comprise the adapter’s namespace. The value you enter in this field should be the base DN value for returned entries. For example, if you enter dc=mydomain,dc=com in the field, all entries end with dc=mydomain,dc=com.

Active
An adapter can be configured as active (enabled) or inactive (disabled). An adapter configured as inactive does not start during a server restart or an attempted adapter start. Use the inactive setting to keep old configurations available or in stand-by without having to delete them from the configuration. The default setting is active.

18.2.2.2 Configuring Adapter Routing

After you create the adapter you can configure routing for the adapter by clicking the adapter name in the Adapter tree, clicking the Routing tab, and referring to Understanding Routing Settings on page 3-3.

Note: Enable the Bind Support routing setting when defining Custom Adapters that may or may not support a bind operation.

18.2.2.3 Configuring Adapter Plug-ins and Mappings

After you create the adapter you can apply Plug-ins and Mappings to the adapter by clicking the adapter name in the Adapter tree, clicking the Plug-Ins tab, and referring to Managing Adapter Plug-ins on page 13-1 and Applying Mappings to Adapters on page 14-3.

18.3 Developing Custom Java Plug-Ins

This topic explains how to develop custom Java plug-ins for Oracle Virtual Directory and contains the following sections:
■ Overview
■ Understanding the Chain System
■ Plug-In Implementation Points
■ Creating EntrySets
■ Understanding Filter Processing
■ Understanding Classes

18.3.1 Overview

Oracle Virtual Directory enables you to create and deploy custom Java plug-ins that can process and manipulate LDAP operations as they pass through the Oracle Virtual Directory. Plug-ins can be positioned at either a global level, where they see and affect all requests, or at an adapter level, where they see and affect only requests for a particular adapter. You can also create and deploy plug-ins to run on particular operations and for certain namespaces. Each Oracle Virtual Directory plug-in has a specific implementation point, as listed in Table 18–1.

This chapter demonstrates how to create a custom plug-in by explaining the implementation points listed in Table 18–1. The chapter provides information for a fictitious example plug-in called the Bad Password Count plug-in, which would detect if a bind operation has failed or succeeded. If the operation succeeded, the count would be cleared, and if the bind failed, the count would increase. The fictitious Bad Password Count plug-in also ensures that the bad password count cannot be changed from outside the directory.

18.3.2 Understanding the Chain System

Oracle Virtual Directory plug-ins follow an implementation based on the Java Servlet 2.3 Filter model where a single method is used to handle the pre-operation and post-operation, and to determine if an operation should continue. Multiple plug-ins are combined to form a chain of plug-ins. To demonstrate this chain implementation, consider the following situation where the fictitious example Bad Password Count plug-in determines if the bad password count attribute should be added to an entry being added to the directory. You have the ability to manipulate the request when the add method is called, which enables you to manipulate the passed-in attributes and their values (for example, to change the objectclass value inetOrgPerson to user if you were masking Active Directory as a standard LDAP directory) or to handle the storage of the data into your non-directory or database system (such as in a custom adapter). To allow the

Note: If you rename attributes using custom Java plug-ins, Oracle Virtual Directory supports search on the renamed attribute/value only if the custom code overrides the incoming filter object, as in the DB_Groups Mapping.

Table 18–1 Plug-In Implementation Points

Implementation Point    Description
Configuration           Plug-in configuration data. The custom portion of the configuration consists of name and value pairs of initialization parameters.
Startup/Shutdown        The init(PluginInit initParams, String name) and destroy() methods are called on plug-in initialization and de-initialization.
Availability            The available(Chain chain, DirectoryString base) method is called before execution of the plug-in to determine if the plug-in will be executed.
Operations              The various operational methods to be called.

Note: The Bad Password Count plug-in described in this chapter is a fictitious example used to demonstrate how Oracle Virtual Directory plug-ins and the chain system operate. Oracle Virtual Directory does not include a Bad Password Count plug-in, though it could support one if you created it.
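The filter-style chain and the fictitious Bad Password Count behavior described in this section, modeled in a self-contained Java program. This is an added example, not code from the Oracle guide and not the Oracle Virtual Directory plug-in API: the types Plugin, Chain, BadPasswordCount and Store, the methods nextBind and nextAdd, and the attribute name badPasswordCount are all assumptions made for illustration.

```java
import java.util.*;

// Model of a filter-style plug-in chain. Every name is hypothetical, not the OVD plug-in API.
public class ChainDemo {
    static final String ATTR = "badPasswordCount"; // assumed attribute name
    interface Plugin {
        boolean bind(Chain chain, String dn, String password);
        void add(Chain chain, String dn, Map<String, String> attrs);
    }
    static class Chain { // hands each operation to the next plug-in in the list
        private final Iterator<Plugin> rest;
        Chain(List<Plugin> plugins) { rest = plugins.iterator(); }
        boolean nextBind(String dn, String pw) { return rest.next().bind(this, dn, pw); }
        void nextAdd(String dn, Map<String, String> attrs) { rest.next().add(this, dn, attrs); }
    }

    static class BadPasswordCount implements Plugin {
        final Map<String, Integer> counts = new HashMap<>();
        public boolean bind(Chain chain, String dn, String pw) {
            boolean ok = chain.nextBind(dn, pw); // skipping this call would end the operation here
            if (ok) counts.remove(dn); else counts.merge(dn, 1, Integer::sum); // post-operation
            return ok;
        }
        public void add(Chain chain, String dn, Map<String, String> attrs) {
            Map<String, String> clean = new HashMap<>(attrs);
            clean.keySet().removeIf(k -> k.equalsIgnoreCase(ATTR)); // pre-operation: drop client value
            chain.nextAdd(dn, clean);
        }
    }
    static class Store implements Plugin { // last link, standing in for an adapter's data source
        final Map<String, Map<String, String>> entries = new HashMap<>();
        public boolean bind(Chain c, String dn, String pw) {
            return entries.containsKey(dn) && pw.equals(entries.get(dn).get("userPassword"));
        }
        public void add(Chain c, String dn, Map<String, String> attrs) { entries.put(dn, attrs); }
    }

    public static void main(String[] args) {
        BadPasswordCount bpc = new BadPasswordCount();
        Store store = new Store();
        List<Plugin> plugins = Arrays.asList(bpc, store);
        String dn = "cn=test,dc=mydomain,dc=com"; // constructed sample entry
        Map<String, String> entry = new HashMap<>();
        entry.put("userPassword", "s3cret"); entry.put(ATTR, "0");
        new Chain(plugins).nextAdd(dn, entry);
        System.out.println("client count stored: " + store.entries.get(dn).containsKey(ATTR));
        for (int i = 0; i < 2; i++) new Chain(plugins).nextBind(dn, "wrong");
        System.out.println("after two failed binds: " + bpc.counts.get(dn));
        new Chain(plugins).nextBind(dn, "s3cret");
        System.out.println("after a successful bind: " + bpc.counts.getOrDefault(dn, 0));
    }
}
```

Each plug-in method does its pre-operation work, decides whether to call the chain's next method, and then does its post-operation work on the result, which is the single-method pattern the Servlet Filter comparison refers to.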