Purpose
Oracle Extension utility functions that can be used for authentication or for querying information on users, groups, or subscribers in the LDAP server ...
which begs the question ... why is this package compiled with DEFINER rights, and why does it have EXECUTE granted to PUBLIC?
Functionality in this package should be called after a successful execution of DBMS_LDAP.INIT.
AUTHID
DEFINER
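An audit for the DEFINER-rights and PUBLIC-grant concern raised above, as an added example that is not part of the original page. It assumes Oracle Database 12c or later (for ORACLE_MAINTAINED and DBA_HOST_ACES) and access to the DBA_* views; the grantee ldap_app_owner is a hypothetical schema name.

```sql
-- Added example: verify how DBMS_LDAP_UTL is exposed before changing any grant.

-- 1. Confirm the rights model. The package-level row has PROCEDURE_NAME IS NULL.
SELECT owner, object_name, authid
FROM   dba_procedures
WHERE  object_name    = 'DBMS_LDAP_UTL'
AND    object_type    = 'PACKAGE'
AND    procedure_name IS NULL;

-- 2. List every grantee holding EXECUTE on the package, PUBLIC included.
SELECT grantee, owner, table_name, privilege, grantable
FROM   dba_tab_privs
WHERE  table_name = 'DBMS_LDAP_UTL'
AND    privilege  = 'EXECUTE'
ORDER  BY grantee;

-- 3. Find stored code in non-Oracle-maintained schemas that depends on the
--    package. These objects are the ones affected if the PUBLIC grant goes away.
SELECT d.owner, d.name, d.type
FROM   dba_dependencies d
WHERE  d.referenced_name = 'DBMS_LDAP_UTL'
AND    d.referenced_type = 'PACKAGE'
AND    d.owner NOT IN (SELECT username
                       FROM   dba_users
                       WHERE  oracle_maintained = 'Y')
ORDER  BY d.owner, d.name;

-- 4. DBMS_LDAP connections are also gated by network ACLs. Review which
--    principals may open outbound connections, and to which hosts and ports.
SELECT host, lower_port, upper_port, principal, privilege, grant_type
FROM   dba_host_aces
WHERE  UPPER(privilege) = 'CONNECT'
ORDER  BY host, principal;

-- 5. Only after reviewing step 3: replace the PUBLIC grant with a grant to
--    the schema that needs it (ldap_app_owner is hypothetical).
REVOKE EXECUTE ON sys.dbms_ldap_utl FROM PUBLIC;
GRANT  EXECUTE ON sys.dbms_ldap_utl TO ldap_app_owner;
```

Re-run step 2 after patching or upgrading to confirm the PUBLIC grant has not returned.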
Constants

Name                            Data Type       Value

Authentication Types
AUTH_SIMPLE                     NUMBER          0
AUTH_EXTENDED                   NUMBER          1

Deprecated
AUTH_PASSWD_CHANGE_WARN         NUMBER          -15
RESET_HANDLE                    NUMBER          -18
SUBSCRIBER_NOT_FOUND            NUMBER          -19
USER_PROPERTY_NOT_FOUND         NUMBER          -28
PROPERTY_NOT_FOUND              NUMBER          -30

Error Codes
SUCCESS                         NUMBER          0
GENERAL_ERROR                   NUMBER          -1
PARAM_ERROR                     NUMBER          -2
NO_GROUP_MEMBERSHIP             NUMBER          -3
NO_SUCH_SUBSCRIBER              NUMBER          -4
NO_SUCH_USER                    NUMBER          -5
NO_ROOT_ORCL_CTX                NUMBER          -6
MULTIPLE_SUBSCRIBER_ENTRIES     NUMBER          -7
INVALID_ROOT_ORCL_CTX           NUMBER          -8
NO_SUBSCRIBER_ORCL_CTX          NUMBER          -9
INVALID_SUBSCRIBER_ORCL_CTX     NUMBER          -10
MULTIPLE_USER_ENTRIES           NUMBER          -11
NO_SUCH_GROUP                   NUMBER          -12
MULTIPLE_GROUP_ENTRIES          NUMBER          -13
AUTH_FAILURE_EXCEPTION          NUMBER          -16

Handle Types
SUBSCRIBER_HANDLE               NUMBER          1
USER_HANDLE                     NUMBER          2
GROUP_HANDLE                    NUMBER          3
APP_HANDLE                      NUMBER          4
ORCLCTX_HANDLE                  NUMBER          5
SERVICE_HANDLE                  NUMBER          6

Hint Types
TYPE_NICKNAME                   NUMBER          1
TYPE_GUID                       NUMBER          2
TYPE_DN                         NUMBER          3
TYPE_DEFAULT                    NUMBER          4

Internal Error
ERR_INTERNAL                    NUMBER          -38

Memory Allocation
ERR_MEM_ALLOC                   NUMBER          -37

Nested Levels
NESTED_MEMBERSHIP               NUMBER          0
DIRECT_MEMBERSHIP               NUMBER          1

Server Error Codes
PWD_EXPIRED_EXCEPTION           NUMBER          9000
ACCT_TOTALLY_LOCKED_EXCEPTION   NUMBER          9001
PWD_EXPIRE_WARN                 NUMBER          9002
PWD_MINLENGTH_ERROR             NUMBER          9003
PWD_NUMERIC_ERROR               NUMBER          9004
PWD_NULL_ERROR                  NUMBER          9005
PWD_INHISTORY_ERROR             NUMBER          9006
PWD_ILLEGALVALUE_ERROR          NUMBER          9007
PWD_GRACELOGIN_WARN             NUMBER          9008
PWD_MUSTCHANGE_ERROR            NUMBER          9009
USER_ACCT_DISABLED_ERROR        NUMBER          9050

Service Entity Errors
NO_SUCH_SERVICE                 NUMBER          -31
NO_USER_SUBSCRIPTIONS           NUMBER          -32
NO_SUBSCRIPTIONS_TO_SERVICES    NUMBER          -33
NO_SERVICES_INSTALLED           NUMBER          -34
USER_NOT_SUBSCRIBED             NUMBER          -35
INVALID_SERVICE_SCHEMA          NUMBER          -36

Type of User Properties
ENTRY_PROPERTIES                NUMBER          0
DETACHED_PROPERTIES             NUMBER          1
COMMON_PROPERTIES               NUMBER          2
NICKNAME_PROPERTY               NUMBER          3
EXTPROPTYPE_RAD                 NUMBER          4
DEFAULT_RAD_PROPERTIES          NUMBER          5
IDENTIFICATION_PROPERTIES       NUMBER          6
ADD_PROPERTY                    NUMBER          0
REPLACE_PROPERTY                NUMBER          1
DELETE_PROPERTY                 NUMBER          2
ADD_PROPERTY_SET                NUMBER          0
MODIFY_PROPERTY_SET             NUMBER          1
DELETE_PROPERTY_SET             NUMBER          2

Version
INTERFACE_VERSION               VARCHAR2(256)   '2'
VERSION                         VARCHAR2(256)   '2'
Data Types
-- this data structure holds a pointer to Handle.
SUBTYPE handle IS RAW(32);
-- this data structure holds a pointer to List of Properties.
SUBTYPE property_set IS RAW(32);
-- this data structure holds a pointer to List of Properties.
SUBTYPE mod_property_set IS RAW(32);
-- this data structure holds a pointer to List of Property sets.
TYPE property_set_collection IS TABLE OF property_set
INDEX BY BINARY_INTEGER;
-- String collection.
SUBTYPE string_collection IS dbms_ldap.string_collection;
-- Binval collection.
SUBTYPE binval_collection IS dbms_ldap.binval_collection;
-- BLOB collection.
SUBTYPE blob_collection IS dbms_ldap.blob_collection;
Authenticates the user against Oracle Internet Directory
dbms_ldap_utl.authenticate_user(
ld IN session,
user_handle IN handle,
auth_type IN PLS_INTEGER,
credentials IN VARCHAR2,
binary_credentials IN RAW)
RETURN PLS_INTEGER;
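The call sequence for authenticate_user, with its return code checked against the constants listed above, as an added example that is not part of the original page. The host, port, DNs, and passwords are placeholders; create_user_handle and free_handle are DBMS_LDAP_UTL routines not listed on this page, and DBMS_OUTPUT stands in for a real audit log.

```sql
-- Added example: authenticate a directory user and fail closed on any
-- return code other than SUCCESS. All literals below are placeholders.
SET SERVEROUTPUT ON
DECLARE
  l_ld       DBMS_LDAP.session;
  l_user     DBMS_LDAP_UTL.handle;
  l_rc       PLS_INTEGER;
  l_password VARCHAR2(256) := '<password supplied by the user>';
  l_ok       BOOLEAN := FALSE;
BEGIN
  DBMS_LDAP.use_exception := TRUE;  -- DBMS_LDAP calls raise on failure
  -- DBMS_LDAP.INIT must succeed before any DBMS_LDAP_UTL call. A simple bind
  -- sends credentials unencrypted unless the session is secured first
  -- (for example with DBMS_LDAP.open_ssl).
  l_ld := DBMS_LDAP.init('oid.example.com', 389);
  l_rc := DBMS_LDAP.simple_bind_s(l_ld,
            'cn=app_bind,cn=users,dc=example,dc=com', '<bind password>');

  l_rc := DBMS_LDAP_UTL.create_user_handle(l_user, DBMS_LDAP_UTL.TYPE_DN,
            'cn=jdoe,cn=users,dc=example,dc=com');
  IF l_rc != DBMS_LDAP_UTL.SUCCESS THEN
    raise_application_error(-20001, 'create_user_handle failed, rc=' || l_rc);
  END IF;

  l_rc := DBMS_LDAP_UTL.authenticate_user(l_ld, l_user,
            DBMS_LDAP_UTL.AUTH_SIMPLE, l_password, NULL);

  -- Only SUCCESS authenticates. Warning codes are logged and rejected here;
  -- accepting them is a policy decision for the application owner.
  CASE l_rc
    WHEN DBMS_LDAP_UTL.SUCCESS THEN l_ok := TRUE;
    WHEN DBMS_LDAP_UTL.AUTH_FAILURE_EXCEPTION THEN
      DBMS_OUTPUT.put_line('audit: bad credentials');
    WHEN DBMS_LDAP_UTL.ACCT_TOTALLY_LOCKED_EXCEPTION THEN
      DBMS_OUTPUT.put_line('audit: account locked');
    WHEN DBMS_LDAP_UTL.PWD_EXPIRED_EXCEPTION THEN
      DBMS_OUTPUT.put_line('audit: password expired');
    ELSE DBMS_OUTPUT.put_line('audit: rejected, rc=' || l_rc);
  END CASE;
  -- The caller sees one generic outcome, never the specific reason.
  DBMS_OUTPUT.put_line(CASE WHEN l_ok THEN 'login ok' ELSE 'login failed' END);

  DBMS_LDAP_UTL.free_handle(l_user);
  l_rc := DBMS_LDAP.unbind_s(l_ld);
EXCEPTION
  WHEN OTHERS THEN
    IF l_ld IS NOT NULL THEN l_rc := DBMS_LDAP.unbind_s(l_ld); END IF;
    RAISE;
END;
/
```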
Authenticates the user against Oracle Internet Directory
dbms_ldap_utl.authenticate_user_ext(
ld IN session,
user_handle IN handle,
auth_type IN PLS_INTEGER,
password_attr IN VARCHAR2,
password IN VARCHAR2)
RETURN PLS_INTEGER;
Returns the list of groups of which the user is a member
dbms_ldap_utl.get_group_membership(
ld IN session,
user_handle IN handle,
nested IN PLS_INTEGER,
attr_list IN string_collection,
ret_groups OUT property_set_collection)
RETURN PLS_INTEGER;
dbms_ldap_utl.get_group_properties(
ld IN session,
group_handle IN handle,
attrs IN string_collection,
ptype IN PLS_INTEGER,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
Retrieves the subscriber extended properties for the given subscriber handle
dbms_ldap_utl.get_subscriber_ext_properties(
ld IN session,
subscriber_handle IN handle,
attrs IN string_collection,
ptype IN PLS_INTEGER,
filter IN VARCHAR2,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
Retrieves the subscriber properties for the given subscriber handle
dbms_ldap_utl.get_subscriber_properties(
ld IN session,
subscriber_handle IN handle,
attrs IN string_collection,
ptype IN PLS_INTEGER,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
dbms_ldap_utl.get_user_extended_properties(
ld IN session,
user_handle IN handle,
attrs IN string_collection,
ptype IN PLS_INTEGER,
filter IN VARCHAR2,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
dbms_ldap_utl.get_user_properties(
ld IN session,
user_handle IN handle,
attrs IN string_collection,
ptype IN PLS_INTEGER,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
Authenticates the user against Oracle Internet Directory
dbms_ldap_utl.get_user_props_and_auth(
ld IN session,
user_handle IN handle,
auth_type IN PLS_INTEGER,
attrs IN string_collection,
credentials IN VARCHAR2,
binary_credentials IN RAW,
ret_pset_coll OUT property_set_collection)
RETURN PLS_INTEGER;
dbms_ldap_utl.populate_mod_propertyset(
mod_pset IN mod_property_set,
property_mod_op IN PLS_INTEGER,
property_name IN VARCHAR2,
property_values IN string_collection)
RETURN PLS_INTEGER;
dbms_ldap_utl.set_user_properties(
ld IN session,
user_handle IN handle,
pset_type IN PLS_INTEGER,
mod_pset IN property_set,
mod_op IN PLS_INTEGER)
RETURN PLS_INTEGER;