12 DAS_URL Interface Reference

This chapter describes the Oracle extensions to the DAS_URL Service Interface. It contains these sections:

Directory Entries for the Service Units
DAS Units and Corresponding URL Parameters
DAS URL API Parameter Descriptions
Search-and-Select Service Units for Users or Groups

12.1 Directory Entries for the Service Units

Table 12-1 lists the Oracle Delegated Administration Services units and the directory entries that store relative URLs for these units.

Table 12-1 Service Units and Corresponding Entries

Service Unit	Entry
Create User	cn=CreateUser,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Edit User	cn=EditUser,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Edit User when GUID is passed as a parameter	cn=EditUserGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Delete User	cn=DeleteUser,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Delete User when GUID of the user to be deleted is passed as a parameter	cn=DeleteUserGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Create Group	cn=CreateGroup,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Edit Group	cn=EditGroup,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Edit the group whose GUID is passed through a parameter	cn=EditGroupGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Delete Group	cn=DeleteGroup,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Delete group with the GUID passed through a parameter	cn=DeleteGroupGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privileges to a user	cn=UserPrivilege,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privileges to a user with the GUID passed through a parameter	cn=UserPrivilegeGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privilege to a group	cn=GroupPrivilege,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privilege to a group with the given GUID	cn=GroupPrivilegeGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
View User account information/Profile	cn=AccountInfo,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Edit User account Information/Profile	cn=Edit My Profile,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Change Password	cn=PasswordChange,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search User	cn=UserSearch,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search Group	cn=GroupSearch,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search User LOV	cn=UserLOV,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search Group LOV	cn=GroupLOV,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
EUS Console	cn=EUS Console,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext"
Delegation Console	cn=DelegationConsole,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext

12.2 DAS Units and Corresponding URL Parameters

Table 12-2 lists the DAS units and the URL parameters that can be passed to these units.

Table 12-2 DAS Units and Corresponding URL Parameters

DAS Unit	Parameter	Return Values
Create User	doneURL homeURL cancelURL enablePA	returnGUID
Edit User	homeURL doneURL cancelURL enablePA	-
EditUserGivenGUID	homeURL doneURL cancelURL enablePA userGUID	-
EditMyProfile	homeURL doneURL cancelURL	-
Delegation Console	-	-
DeleteUser	homeURL doneURL cancelURL	-
DeleteUserGivenGUID	homeURL doneURL cancelURL userGUID	-
UserPrivilege	homeURL doneURL cancelURL
UserPrivilegeGivenGUID	homeURL doneURL cancelURL userGUID	-
CreateGroup	homeURL doneURL cancelURL enablePA parentDN	returnGUID
EditGroup	homeURL doneURL cancelURL enablePA	-
EditGroupGivenGUID	homeURL doneURL cancelURL enablePA groupGUID	-
DeleteGroup	homeURL doneURL cancelURL	-
DeleteGroupGivenGUID	homeURL doneURL cancelURL groupGUID	-
GroupPrivilege	homeURL doneURL cancelURL	-
GroupPrivilegeGivenGUID	homeURL doneURL cancelURL groupGUID	-
AccountInfo	homeURL doneURL cancelURL	-
PasswordChange	homeURL doneURL cancelURL	-
UserSearch	homeURL doneURLm cancelURL	-
GroupSearch	homeURL doneURL cancelURL	-
UserLOV	base cfilter title dasdomain callbackURL	userDn userGuid userName nickName userEmail
GroupLOV	otype base cfilter title dasdomain callbackURL	groupDN groupGuid groupName groupDescription

12.3 DAS URL API Parameter Descriptions

The parameters described in Table 12-3 are used with DAS units.

Table 12-3 DAS URL Parameter Descriptions

Parameter	Description
homeURL	The URL that is linked to the global button Home. When the calling application specifies this value, clicking Home redirects the DAS unit to the URL specified by this parameter.
doneURL	This URL is used by DAS to redirect the DAS page at the end of each operation. In the case of Create User, once the user is created, clicking OK redirects the URL to this location.
callbackURL	DAS uses this URL to send return values to the invoking application. For UserLOV and GroupLOV units, the return values are submitted as HTML form parameters through the HTTP POST method.
cancelURL	This URL is linked with all the Cancel buttons shown in the DAS units. Any time the user clicks Cancel, the page is redirected to the URL specified by this parameter.
enablePA	This parameter takes a Boolean value of true or false. Set to true, the parameter enables the Assign Privileges in User or Group operation. If the `enablePA` is passed with value of true in the Create User page, the Assign Privileges to User section also appears in the Create User page.
userGUID	This is the GUID of the user to be edited or deleted. This corresponds to the orclguid attribute. Specifying the GUID causes the search for the user step in either editUser or deleteUser units to be skipped.
GroupGUID	This is the GUID of the group to be edited or deleted. This corresponds to the orclguid attribute. Specifying the GUID causes the search for the group step in either editGroup or deleteGroup units to be skipped.
parentDN	When this parameter is specified in CreateGroup, the group is created under this container. If the parameter is not specified, group creation defaults to the group search base.
base	This parameter represents the search base in the case of search operations.
cfilter	This parameter represents the filter to be used for the search. This filter is LDAP compliant.
title	This parameter represents the title to be shown in the Search and Select LOV page.
otype	This parameter represents the object type used for search. Values supported are `Select`, `Edit`, and `Assign`.
returnGUID	This parameter is appended to the done URL in case of a create operation. The value will be the orclguid of the new object.
dasdomain	This parameter is needed only when the browser is Internet Explorer and the calling URL and the DAS URL are on different hosts and in the same domain. An example value is us.oracle.com. Note the calling application also needs to set the `document.domain` parameter on the formload. For more details, refer to Microsoft support at: `http://support.microsoft.com/`

12.4 Search-and-Select Service Units for Users or Groups

DAS provides service units for searching and selecting users or groups. These service units are sometimes referred to as user or group List Of Values (LOV).

12.4.1 Invoking Search-and-Select Service Units for Users or Groups

A custom application can open a popup window and populate its contents by supplying a search-and-select URL for a user or group:

http://a.b.c:port/oiddas/ui/oracle/ldap/das/search/LOVUserSearch?title=User& callbackurl=http://x.y.z:port/custapp/Callback

http://a.b.c:port/oiddas/ui/oracle/ldap/das/search/LOVGroupSearch?title= Group&callbackurl=http://x.y.z:port/custapp/Callback

In these examples, a.b.c:port is the host name and port of the OID DAS application server. x.y.z:port is the host name and port of the custom application server. title is a string that appears in the title of the Search and Select page. callbackurl is a URL on the custom application server that receives the selected parameters for users or groups.

Note:

To avoid popup blocking, the custom application may open the popup window with a URL on the local custom application server and immediately redirect to the OID DAS User or Group Search-and-Select URL.

12.4.2 Receiving Data from the User or Group Search-and-Select Service Units

After a User or Group has been selected via the OID DAS User or Group Search-and-Select Service Unit, an HTTP form will be submitted to the callbackurl page using the POST method. The parameters defined in Table 12-4 and Table 12-5 are available to the callbackurl page:

Table 12-4 User Search and Select

Parameter	Description
userDn	User's distinguished name.
userGuid	User's global unique ID.
userName	User's name.
nickName	User's nickname
userEmail	User's email.

Table 12-5 Group Search and Select

Parameter	Description
groupDN	Group's distinguished name.
groupGuid	Group's global unique ID.
groupName	Group's name.
groupDescription	Group's description.

The callbackurl page in the popup window may transfer the form parameters to the invoking page in the opener window using JavaScript. It may then close the popup window.

Note:

To avoid JavaScript security problems, the custom application may supply the callbackurl page on the same server as the invoking page. This enables the callbackurl page in the popup window and the invoking page in the opener window to communicate directly through JavaScript.