10
Overview of Oracle DCE Integration

Oracle DCE Integration enables Oracle applications and tools to access Oracle9i servers in a distributed computing environment. This chapter briefly describes the Distributed Computing Environment (DCE) and the Oracle DCE Integration product. It contains the following topics:

• Oracle DCE Integration Requirements
• The Distributed Computing Environment
• Components of Oracle DCE Integration
• Flexible DCE Deployment
• Release Limitations

Oracle DCE Integration Requirements

System Requirements

Oracle DCE Integration requires Oracle Net Services and Oracle9i. It is based on the Open Software Foundation (OSF) DCE protocol (V1.1 and later).

Note that OSF has merged with X/OPEN, another standards group, to form The Open Group. This group is committed to continuing DCE support.

Backward Compatibility

Oracle servers running DCE Integration 2.3.2 and later are backward compatible with clients running SQL*Net/DCE 2.1.6 or 2.2.3; however, Release 2.1.6 clients cannot take advantage of external roles.

A client running DCE Integration 2.3.2 or later cannot connect to a SQL*Net/DCE 2.1.6 or 2.2.3 server. A DCE Integration Release 2.3.2 or later client requires a Release 2.3.2 or later server in order to connect to a database.

The Distributed Computing Environment

The Distributed Computing Environment (DCE) from the Open Group is a set of integrated network services that works across multiple systems to provide a distributed environment. The network services include remote procedure calls (RPCs), directory service, security service, threads, distributed file service, diskless support, and distributed time service.

DCE is the middleware between distributed applications and the operating system/network services and is based on a client/server model of computing. By using the services and tools that DCE provides, users can create, use, and maintain distributed applications that run across a heterogeneous environment.

Components of Oracle DCE Integration

Oracle DCE Integration has two components: DCE Communication/Security and DCE CDS Native Naming.

• DCE Communication/Security
• DCE Cell Directory Services Native Naming

DCE Communication/Security

This component has three principal features:

Authenticated RPC

Oracle DCE Integration provides authenticated Remote Procedure Call (RPC) as the transport mechanism that enables multi-vendor interoperability. RPC also uses some of the other DCE services, including directory and security services, to provide location transparency and secure distributed computing.

Integrated Security and Single Sign-On

Oracle DCE Integration works with the DCE Security service to provide security within DCE cells. It enables a user logged onto DCE to securely access any Oracle database without having to specify a user name or password. This is sometimes called external authentication to the database, or single sign-on (SSO). Clients and servers that are not running DCE authentication services can interoperate with systems that have DCE security by specifying an Oracle password.

Data Privacy and Integrity

Oracle DCE Integration uses the multiple levels of security that DCE provides to ensure data authenticity, privacy, and integrity. Users have a range of choices, from no protection to full encryption for each connection, with a guarantee that no data is modified in transit.

DCE Cell Directory Services Native Naming

The DCE Cell Directory Services (CDS) Native Naming component includes naming and location transparency.

DCE Integration registers Oracle9i connect descriptors in the DCE CDS, letting them be transparently accessed across the entire DCE environment. Users can connect to Oracle database servers in a DCE environment using familiar Oracle service names.

The DCE Cell Directory Service offers a distributed, replicated repository service for name, address, and attributes of objects across the network. Because servers register their name and address information in the CDS, Oracle clients can make location-independent connections to Oracle9i servers. Services can be relocated without any changes to the client configuration. An Oracle utility is provided to load the Oracle service names with corresponding connect descriptors into CDS. After this is done, Oracle connect descriptors can be viewed from a central location with standard DCE tools.

For location of services across multiple cells, either of the following options can be used:

• DCE Global Directory Service (GDS)
• Internet Domain Naming Service (DNS)

  See Also: To configure DCE to use CDS naming, see Chapter 11, Configuring DCE for Oracle DCE Integration. To configure Oracle clients and servers to use CDS, see Chapter 12, Configuring Oracle9i for Oracle DCE Integration. For information about how Oracle Native Naming works with other Oracle name services, see the Oracle9i Net Services Administrator's Guide.

Flexible DCE Deployment

Oracle Advanced Security provides flexibility in your use of DCE services. You have the following options:

• You can use full DCE integration in your environment to integrate with all the DCE Secure Core services (RPC, directory, security, threads).
• You can use only the DCE directory services by using the DCE CDS Native Naming adapter, along with any conventional protocol adapter, such as TCP/IP.

Release Limitations

The following are limitations in Release 2 (9.2) of Oracle Advanced Security:

• Only one listener address that uses the DCE protocol is permitted for each node.
• Database links must specify a user name and password to connect.
• This release of DCE Integration does not support the Oracle Multi-Protocol Interchange.
• This release does not work with the Oracle shared server.