REST API for Oracle Unified Directory Administration

Add, Search, Compare or Delete Proxy LDAP Workflow Element

post

/rest/v1/admin

Add, Search, Compare or Delete Proxy LDAP Workflow Element

Request

Supported Media Types

application/json

Proxy LDAP Workflow Element that needs to be created

Root Schema : Proxy LDAP Workflow Element POSTRequest

Type: object

Show Source

assertion: string

Assertion string for the LDAP compare operation. Note: To be used only while performing LDAP compare operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.
attributes: object Proxy LDAP Workflow Element Properties
base: string

Search Base DN to be used for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest. It is also mandatory for such operation
controls: array controls

LDAP controls to be sent to server for the LDAP operation.
dn: string

LDAP DN of the entry to be created or deleted or compared. Note: To be used only while performing LDAP add, delete or compare operations, i.e, if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest, urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest or urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.It is mandatory for such operations.
filter: string

Search filter for the LDAP search operation. Should follow LDAP search filter syntax. Note: To be used only while performing LDAP search operation using POST request, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.
msgType(required): string

Allowed Values: [ "urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest", "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest", "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest", "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest" ]

The REST message type
requiredAttributes: array requiredAttributes

List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.
scope: string

Allowed Values: [ "base", "sub", "one" ]

Scope for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.

{
    "type":"object",
    "required":[
        "msgType"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "type":"string",
            "enum":[
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest"
            ]
        },
        "dn":{
            "description":"LDAP DN of the entry to be created or deleted or compared. Note: To be used only while performing LDAP add, delete or compare operations, i.e, if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:AddRequest, urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteRequest or urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.It is mandatory for such operations.",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Proxy LDAP Workflow Element Properties"
        },
        "base":{
            "description":"Search Base DN to be used for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest. It is also mandatory for such operation",
            "type":"string"
        },
        "scope":{
            "description":"Scope for the LDAP search operation. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
            "type":"string",
            "enum":[
                "base",
                "sub",
                "one"
            ]
        },
        "filter":{
            "description":"Search filter for the LDAP search operation. Should follow LDAP search filter syntax. Note: To be used only while performing LDAP search operation using POST request, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
            "type":"string"
        },
        "requiredAttributes":{
            "description":"List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "controls":{
            "description":"LDAP controls to be sent to server for the LDAP operation.",
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "assertion":{
            "description":"Assertion string for the LDAP compare operation. Note: To be used only while performing LDAP compare operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareRequest.",
            "type":"string"
        }
    }
}

Nested Schema : Proxy LDAP Workflow Element Properties

Type: object

Show Source

cn: string

CN (common name) of the entry
ds-cfg-client-cred-mode(required): string

Allowed Values: [ "use-client-identity", "use-proxy-auth", "use-specific-identity" ]

Specifies the way the proxy server binds to the remote LDAP server.
ds-cfg-enabled(required): boolean

Indicates whether the Workflow Element is enabled for use in the server.
ds-cfg-exclude-list: array ds-cfg-exclude-list

The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.
ds-cfg-include-list: array ds-cfg-include-list

The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.
ds-cfg-java-class(required): string

Default Value: com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement

Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation.
ds-cfg-ldap-server-extension(required): string

Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element.
ds-cfg-log-silent-bind-response-controls: boolean

Default Value: false

Indicates whether the logging of the silent-bind response controls is enabled.
ds-cfg-never-bind: boolean

Default Value: false

Indicates whether the never-bind flag is enabled.
ds-cfg-never-bind-user-password-attribute: string

Default Value: userPassword

This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value "userPassword" is used instead.
ds-cfg-remote-ldap-server-bind-dn: string

DN which will be used to connect to a remote server. This DN must exist on the remote server.
ds-cfg-remote-ldap-server-bind-password: string

Password which will be used to connect to the remote server.
ds-cfg-remote-ldap-server-bind-password-file: string

File which contains the password which will be used to connect to the remote server.
ds-cfg-remote-root-dn: string

The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value "" denotes the anonymous credentials. If "" is provided then the remote-ldap-server-bind-password property is ignored.
ds-cfg-remote-root-password: string

Password which will be used by the root DN to connect to the remote server.
ds-cfg-search-count-limit: integer(int32)

Default Value: 0

The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request.
ds-cfg-use-proxy-auth: boolean

Default Value: false

This flag indicates whether the LDAP connector can use the proxy authorization control.
objectclass(required): array objectclass

Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-java-class",
        "ds-cfg-client-cred-mode",
        "ds-cfg-ldap-server-extension",
        "ds-cfg-enabled"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-java-class":{
            "description":"Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation. ",
            "readOnly":false,
            "default":"com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement",
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-dn":{
            "description":"DN which will be used to connect to a remote server. This DN must exist on the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-never-bind":{
            "description":"Indicates whether the never-bind flag is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-never-bind-user-password-attribute":{
            "description":"This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value \"userPassword\" is used instead. ",
            "readOnly":false,
            "default":"userPassword",
            "type":"string"
        },
        "ds-cfg-use-proxy-auth":{
            "description":"This flag indicates whether the LDAP connector can use the proxy authorization control. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-include-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-client-cred-mode":{
            "description":"Specifies the way the proxy server binds to the remote LDAP server. ",
            "readOnly":false,
            "type":"string",
            "enum":[
                "use-client-identity",
                "use-proxy-auth",
                "use-specific-identity"
            ]
        },
        "ds-cfg-remote-ldap-server-bind-password-file":{
            "description":"File which contains the password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-password":{
            "description":"Password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-root-password":{
            "description":"Password which will be used by the root DN to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-ldap-server-extension":{
            "description":"Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-search-count-limit":{
            "description":"The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request. ",
            "readOnly":false,
            "default":"0",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-enabled":{
            "description":"Indicates whether the Workflow Element is enabled for use in the server. ",
            "readOnly":false,
            "type":"boolean"
        },
        "ds-cfg-remote-root-dn":{
            "description":"The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value \"\" denotes the anonymous credentials. If \"\" is provided then the remote-ldap-server-bind-password property is ignored. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-log-silent-bind-response-controls":{
            "description":"Indicates whether the logging of the silent-bind response controls is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-exclude-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        }
    }
}

Nested Schema : controls

Type: array

LDAP controls to be sent to server for the LDAP operation.

Show Source

Array of: string

{
    "description":"LDAP controls to be sent to server for the LDAP operation.",
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : requiredAttributes

Type: array

List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.

Show Source

Array of: string

{
    "description":"List of attributes to be fetched for the entry. Note: To be used only while performing LDAP search operation using POST, i.e., if the msgType is urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchRequest.",
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-exclude-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.

Show Source

Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-include-list

Type: array

The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.

Show Source

Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : objectclass

Type: array

Objectclass(es) which this entry belongs to.

Show Source

Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

Response

Supported Media Types

application/json

200 Response

Root Schema : Proxy LDAP Workflow Element SuccessResponse

Type: object

Show Source

compareResult: boolean

Indicates the result of LDAP compare operation.
msgType(required): string

Allowed Values: [ "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchResponse", "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteResponse", "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareResponse" ]

The REST message type
searchResultEntries(required): array searchResultEntries

Number of search result entries returned after the LDAP operation.
totalResults(required): integer(int32)

Specifies the number of entries created, and returned.

{
    "type":"object",
    "required":[
        "msgType",
        "totalResults",
        "searchResultEntries"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "type":"string",
            "enum":[
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:SearchResponse",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:DeleteResponse",
                "urn:ietf:params:rest:schemas:oracle:oud:1.0:CompareResponse"
            ]
        },
        "totalResults":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the number of entries created, and returned."
        },
        "searchResultEntries":{
            "type":"array",
            "description":"Number of search result entries returned after the LDAP operation.",
            "items":{
                "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
            }
        },
        "compareResult":{
            "description":"Indicates the result of LDAP compare operation.",
            "type":"boolean"
        }
    }
}

Nested Schema : searchResultEntries

Type: array

Number of search result entries returned after the LDAP operation.

Show Source

Array of: object Proxy LDAP Workflow Element SearchResultEntry

{
    "type":"array",
    "description":"Number of search result entries returned after the LDAP operation.",
    "items":{
        "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
    }
}

Nested Schema : Proxy LDAP Workflow Element SearchResultEntry

Type: object

Show Source

attributes(required): object Proxy LDAP Workflow Element Properties
dn(required): string

LDAP DN of the entry to be created

{
    "type":"object",
    "required":[
        "dn",
        "attributes"
    ],
    "properties":{
        "dn":{
            "description":"LDAP DN of the entry to be created",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Proxy LDAP Workflow Element Properties"
        }
    }
}

Nested Schema : Proxy LDAP Workflow Element Properties

Type: object

Show Source

cn: string

CN (common name) of the entry
ds-cfg-client-cred-mode(required): string

Allowed Values: [ "use-client-identity", "use-proxy-auth", "use-specific-identity" ]

Specifies the way the proxy server binds to the remote LDAP server.
ds-cfg-enabled(required): boolean

Indicates whether the Workflow Element is enabled for use in the server.
ds-cfg-exclude-list: array ds-cfg-exclude-list

The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.
ds-cfg-include-list: array ds-cfg-include-list

The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.
ds-cfg-java-class(required): string

Default Value: com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement

Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation.
ds-cfg-ldap-server-extension(required): string

Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element.
ds-cfg-log-silent-bind-response-controls: boolean

Default Value: false

Indicates whether the logging of the silent-bind response controls is enabled.
ds-cfg-never-bind: boolean

Default Value: false

Indicates whether the never-bind flag is enabled.
ds-cfg-never-bind-user-password-attribute: string

Default Value: userPassword

This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value "userPassword" is used instead.
ds-cfg-remote-ldap-server-bind-dn: string

DN which will be used to connect to a remote server. This DN must exist on the remote server.
ds-cfg-remote-ldap-server-bind-password: string

Password which will be used to connect to the remote server.
ds-cfg-remote-ldap-server-bind-password-file: string

File which contains the password which will be used to connect to the remote server.
ds-cfg-remote-root-dn: string

The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value "" denotes the anonymous credentials. If "" is provided then the remote-ldap-server-bind-password property is ignored.
ds-cfg-remote-root-password: string

Password which will be used by the root DN to connect to the remote server.
ds-cfg-search-count-limit: integer(int32)

Default Value: 0

The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request.
ds-cfg-use-proxy-auth: boolean

Default Value: false

This flag indicates whether the LDAP connector can use the proxy authorization control.
objectclass(required): array objectclass

Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-java-class",
        "ds-cfg-client-cred-mode",
        "ds-cfg-ldap-server-extension",
        "ds-cfg-enabled"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-java-class":{
            "description":"Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation. ",
            "readOnly":false,
            "default":"com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement",
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-dn":{
            "description":"DN which will be used to connect to a remote server. This DN must exist on the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-never-bind":{
            "description":"Indicates whether the never-bind flag is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-never-bind-user-password-attribute":{
            "description":"This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value \"userPassword\" is used instead. ",
            "readOnly":false,
            "default":"userPassword",
            "type":"string"
        },
        "ds-cfg-use-proxy-auth":{
            "description":"This flag indicates whether the LDAP connector can use the proxy authorization control. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-include-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-client-cred-mode":{
            "description":"Specifies the way the proxy server binds to the remote LDAP server. ",
            "readOnly":false,
            "type":"string",
            "enum":[
                "use-client-identity",
                "use-proxy-auth",
                "use-specific-identity"
            ]
        },
        "ds-cfg-remote-ldap-server-bind-password-file":{
            "description":"File which contains the password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-password":{
            "description":"Password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-root-password":{
            "description":"Password which will be used by the root DN to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-ldap-server-extension":{
            "description":"Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-search-count-limit":{
            "description":"The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request. ",
            "readOnly":false,
            "default":"0",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-enabled":{
            "description":"Indicates whether the Workflow Element is enabled for use in the server. ",
            "readOnly":false,
            "type":"boolean"
        },
        "ds-cfg-remote-root-dn":{
            "description":"The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value \"\" denotes the anonymous credentials. If \"\" is provided then the remote-ldap-server-bind-password property is ignored. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-log-silent-bind-response-controls":{
            "description":"Indicates whether the logging of the silent-bind response controls is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-exclude-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        }
    }
}

Nested Schema : ds-cfg-exclude-list

Type: array

Show Source

Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-include-list

Type: array

Show Source

Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : objectclass

Type: array

Objectclass(es) which this entry belongs to.

Show Source

Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

201 Response

Created

Root Schema : Proxy LDAP Workflow Element ADDResponse

Type: object

Show Source

msgType(required): string

Default Value: urn:ietf:params:rest:schemas:oracle:oud:1.0:AddResponse

The REST message type
searchResultEntries(required): array searchResultEntries
totalResults(required): integer(int32)

Specifies the number of entries created, and returned.

{
    "type":"object",
    "required":[
        "msgType",
        "totalResults",
        "searchResultEntries"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "default":"urn:ietf:params:rest:schemas:oracle:oud:1.0:AddResponse",
            "type":"string"
        },
        "totalResults":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the number of entries created, and returned."
        },
        "searchResultEntries":{
            "type":"array",
            "items":{
                "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
            }
        }
    }
}

Nested Schema : searchResultEntries

Type: array

Show Source

Array of: object Proxy LDAP Workflow Element SearchResultEntry

{
    "type":"array",
    "items":{
        "$ref":"#/definitions/Proxy LDAP Workflow Element SearchResultEntry"
    }
}

Nested Schema : Proxy LDAP Workflow Element SearchResultEntry

Type: object

Show Source

attributes(required): object Proxy LDAP Workflow Element Properties
dn(required): string

LDAP DN of the entry to be created

{
    "type":"object",
    "required":[
        "dn",
        "attributes"
    ],
    "properties":{
        "dn":{
            "description":"LDAP DN of the entry to be created",
            "type":"string"
        },
        "attributes":{
            "$ref":"#/definitions/Proxy LDAP Workflow Element Properties"
        }
    }
}

Nested Schema : Proxy LDAP Workflow Element Properties

Type: object

Show Source

cn: string

CN (common name) of the entry
ds-cfg-client-cred-mode(required): string

Allowed Values: [ "use-client-identity", "use-proxy-auth", "use-specific-identity" ]

Specifies the way the proxy server binds to the remote LDAP server.
ds-cfg-enabled(required): boolean

Indicates whether the Workflow Element is enabled for use in the server.
ds-cfg-exclude-list: array ds-cfg-exclude-list

The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list.
ds-cfg-include-list: array ds-cfg-include-list

The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally.
ds-cfg-java-class(required): string

Default Value: com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement

Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation.
ds-cfg-ldap-server-extension(required): string

Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element.
ds-cfg-log-silent-bind-response-controls: boolean

Default Value: false

Indicates whether the logging of the silent-bind response controls is enabled.
ds-cfg-never-bind: boolean

Default Value: false

Indicates whether the never-bind flag is enabled.
ds-cfg-never-bind-user-password-attribute: string

Default Value: userPassword

This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value "userPassword" is used instead.
ds-cfg-remote-ldap-server-bind-dn: string

DN which will be used to connect to a remote server. This DN must exist on the remote server.
ds-cfg-remote-ldap-server-bind-password: string

Password which will be used to connect to the remote server.
ds-cfg-remote-ldap-server-bind-password-file: string

File which contains the password which will be used to connect to the remote server.
ds-cfg-remote-root-dn: string

The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value "" denotes the anonymous credentials. If "" is provided then the remote-ldap-server-bind-password property is ignored.
ds-cfg-remote-root-password: string

Password which will be used by the root DN to connect to the remote server.
ds-cfg-search-count-limit: integer(int32)

Default Value: 0

The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request.
ds-cfg-use-proxy-auth: boolean

Default Value: false

This flag indicates whether the LDAP connector can use the proxy authorization control.
objectclass(required): array objectclass

Objectclass(es) which this entry belongs to.

{
    "type":"object",
    "required":[
        "objectclass",
        "ds-cfg-java-class",
        "ds-cfg-client-cred-mode",
        "ds-cfg-ldap-server-extension",
        "ds-cfg-enabled"
    ],
    "properties":{
        "objectclass":{
            "type":"array",
            "description":"Objectclass(es) which this entry belongs to.",
            "items":{
                "type":"string"
            }
        },
        "cn":{
            "type":"string",
            "description":"CN (common name) of the entry"
        },
        "ds-cfg-java-class":{
            "description":"Specifies the fully-qualified name of the Java class that provides the Proxy LDAP Workflow Element implementation. ",
            "readOnly":false,
            "default":"com.sun.dps.server.workflowelement.proxyldap.ProxyLdapWorkflowElement",
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-dn":{
            "description":"DN which will be used to connect to a remote server. This DN must exist on the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-never-bind":{
            "description":"Indicates whether the never-bind flag is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-never-bind-user-password-attribute":{
            "description":"This attribute defines the description of the attribute that identifies the user's credentials on the remote server. It is relevant only when the never-bind flag is enabled. When this attribute is omitted the default value \"userPassword\" is used instead. ",
            "readOnly":false,
            "default":"userPassword",
            "type":"string"
        },
        "ds-cfg-use-proxy-auth":{
            "description":"This flag indicates whether the LDAP connector can use the proxy authorization control. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-include-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        },
        "ds-cfg-client-cred-mode":{
            "description":"Specifies the way the proxy server binds to the remote LDAP server. ",
            "readOnly":false,
            "type":"string",
            "enum":[
                "use-client-identity",
                "use-proxy-auth",
                "use-specific-identity"
            ]
        },
        "ds-cfg-remote-ldap-server-bind-password-file":{
            "description":"File which contains the password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-ldap-server-bind-password":{
            "description":"Password which will be used to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-remote-root-password":{
            "description":"Password which will be used by the root DN to connect to the remote server. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-ldap-server-extension":{
            "description":"Identifies the LDAP server extension configured for this Proxy LDAP Workflow Element. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-search-count-limit":{
            "description":"The default size limit value used in the ldapsearch request, when it is not specified in the client request or when a size limit of zero has been specified in the client request. ",
            "readOnly":false,
            "default":"0",
            "type":"integer",
            "format":"int32"
        },
        "ds-cfg-enabled":{
            "description":"Indicates whether the Workflow Element is enabled for use in the server. ",
            "readOnly":false,
            "type":"boolean"
        },
        "ds-cfg-remote-root-dn":{
            "description":"The root DN which will be used to perform internal operations on a remote server. This DN must exist on the remote server. The value \"\" denotes the anonymous credentials. If \"\" is provided then the remote-ldap-server-bind-password property is ignored. ",
            "readOnly":false,
            "type":"string"
        },
        "ds-cfg-log-silent-bind-response-controls":{
            "description":"Indicates whether the logging of the silent-bind response controls is enabled. ",
            "readOnly":false,
            "default":false,
            "type":"boolean"
        },
        "ds-cfg-exclude-list":{
            "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
            "readOnly":false,
            "type":"array",
            "items":{
                "type":"string"
            }
        }
    }
}

Nested Schema : ds-cfg-exclude-list

Type: array

Show Source

Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one DNs on the exclude list, then the authentication against the remote server will be performed using the proxy credentials, regardless of the content of the include list. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : ds-cfg-include-list

Type: array

Show Source

Array of: string

{
    "description":"The list contains a set of DNs. If the client bind DN is a descendant of one of the DNs in the list, or if the list is empty, then the client credentials can be used to perform authentication against the remote server (as long as the client bind DN is not a descendant of any DN on the exclude list). If the never-bind flag is disabled then a silent-bind is performed for the authentication. If the never-bind flag is enabled, the user's entry is retrieved from the remote server and the credentials are checked locally. ",
    "readOnly":false,
    "type":"array",
    "items":{
        "type":"string"
    }
}

Nested Schema : objectclass

Type: array

Objectclass(es) which this entry belongs to.

Show Source

Array of: string

{
    "type":"array",
    "description":"Objectclass(es) which this entry belongs to.",
    "items":{
        "type":"string"
    }
}

204 Response

No content

406 Response

Not Acceptable

Root Schema : ErrorResponse

Type: object

Show Source

ldapErrorCode: integer(int32)

Specifies the LDAP error code returned for the operation.
message(required): string

Error message returned returned for the operation.
msgType(required): string

Default Value: urn:ietf:params:rest:schemas:oracle:oud:1.0:ErrorResponse

The REST message type

{
    "type":"object",
    "required":[
        "msgType",
        "message"
    ],
    "properties":{
        "msgType":{
            "description":"The REST message type",
            "default":"urn:ietf:params:rest:schemas:oracle:oud:1.0:ErrorResponse",
            "type":"string"
        },
        "message":{
            "description":"Error message returned returned for the operation.",
            "type":"string"
        },
        "ldapErrorCode":{
            "type":"integer",
            "format":"int32",
            "description":"Specifies the LDAP error code returned for the operation."
        }
    }
}