Oracle® Fusion Middleware Administrator's Guide for Oracle Directory Integration Platform 11g Release 1 (11.1.1) Part Number E10031-02 |
|
|
View PDF |
This chapter discusses the Oracle provisioning event engine. It contains these topics:
The Oracle provisioning event engine sends USER_ADD
, USER_MODIFY
and USER_DELETE
events, depending on the operation performed on the user entries in Oracle Internet Directory. Because the user will be represented by multiple entries containing base user and application-specific user information, applications can subscribe to all of the attributes in the event.
The user events are also sent when a base entry or application entry is updated. However, no events are sent when an application entry is deleted because when an administrator requests the deprovisioning of a user from an application, a USER_MODIFY
event is sent to the application with a provisioning status of DEPROVISIONING_REQUIRED
. Once the application acknowledges the event by returning a value of SUCCESS
, the application entry is deleted by the Oracle Directory Integration Platform.
To receive notification of provisioning status changes, an application must subscribe to the orclUserApplnProvStatus;
Application_Name
attribute. For example, to subscribe to the provisioning status change for an application named CORP_EMAIL, an application must subscribe to the orclUserApplnProvStatus; CORP-EMAIL
attribute.
The Oracle provisioning event engine generates events from add, modify, and delete operations that are performed on well-defined objects in Oracle Internet Directory. The Oracle provisioning event engine uses object definitions and event generation rules to generate events. This event generation model is extensible because it enables you to define custom objects and event generation rules. The Oracle provisioning event-engine, object definitions, and event generation rules are discussed in these topics:
Table 14-1 lists the properties that you can use to identify objects for which events can be generated.
Table 14-1 Event Object Properties
Property | Description |
---|---|
|
Assigns a unique name to identify the object |
|
Identifies the LDAP object class to use for identifying the object |
|
Provides any additional attributes that are required for identifying the object |
|
Provides any optional attributes that may be required for identifying the object |
|
Lists the attributes that should not be sent during event propagation |
Table 14-2 lists the predefined objects for which the Oracle provisioning event engine can generate events.
Table 14-2 Predefined Event Objects
Object Name | Valid Object Class Values |
---|---|
|
|
|
|
|
|
|
|
|
|
|
|
Note:
The metadata for event objects is stored in the following container:cn=Object Definitions, cn=Directory Integration Platform,cn=Products,cn=OracleContext
You specify event generation rules in XML format. The DTD for event generation rules is as follows:
<?xml version='1.0' ?> <!DOCTYPE EventRuleSet [ <!ELEMENT ChangeType (#PCDATA)> <!ELEMENT Rule (#PCDATA)> <!ELEMENT EventName (#PCDATA)> <!ELEMENT ResEvent (Rule*, EventName)> <!ELEMENT EventRule (ChangeType, ResEvent*)> <!ELEMENT EventRuleSet (EventRule*) > ]>
The element definitions in the preceding DTD are as follows:
The EventRuleSet
root element identifies a set of event rules for an individual event object
The EventRuleSet
root element contains a list of EventRule
elements
Each EventRule
element depends on the value assigned to the ChangeType
element.
The ChangeType
and Rule
elements determine the event name to be propagated to an application
Table 14-3 lists the event definitions that are supported by the Oracle provisioning event engine.
Table 14-3 Supported Event Definitions
Object Name | Change Type | Rule | Event Name |
---|---|---|---|
|
Add |
|
|
Add |
|
|
|
Modify |
|
|
|
|
|
||
|
|
||
|
|
||
|
|
||
|
|
||
Delete |
|
|
|
|
|
||
|
|||
|
Add |
|
|
Modify |
|
||
Delete |
|
||
|
Add |
|
|
Modify |
|
||
Delete |
|
||
|
Add |
|
|
Modify |
|
||
Delete |
|
||
|
Add |
|
|
Modify |
|
||
Delete |
|
||
|
Add |
|
|
Modify |
|
||
Delete |
|
Note:
The metadata for supported event objects is stored in the following container:cn=Event Definitions, cn=Directory Integration Platform,cn=Products,cn=OracleContext
.