15 DAS_URL Interface Reference

This chapter describes the Oracle extensions to the DAS_URL Service Interface. It contains these sections:

Directory Entries for the Service Units
Service Units and Corresponding URL Parameters
DAS URL API Parameter Descriptions
Search-and-Select Service Units for Users or Groups

15.1 Directory Entries for the Service Units

Table 15-1 lists the Oracle Delegated Administration Services units and the directory entries that store relative URLs for these units.

Table 15-1 Service Units and Corresponding Entries

Service Unit	Entry
Create User	cn=Create User,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Edit User	cn=Edit User,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Edit User when GUID is passed as a parameter	cn=Edit UserGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Delete User	cn=DeleteUser,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Delete User when GUID of the user to be deleted is passed as a parameter	cn=DeleteUserGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Create Group	cn=Create Group,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Edit Group	cn=Edit Group,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext
Edit the group whose GUID is passed through a parameter	cn=Edit GroupGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Delete Group	cn=DeleteGroup,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Delete group with the GUID passed through a parameter	cn=DeleteGroupGivenGUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privileges to a user	cn=User Privilege,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privileges to a user with the GUID passed through a parameter	cn=User Privilege Given GUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privilege to a group	cn=Group Privilege,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Assign privilege to a group with the given GUID	cn=Group Privilege Given GUID,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
View User account information/Profile	cn=Account Info,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Edit User account Information/Profile	cn=Edit My Profile,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Change Password	cn=Password Change,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search User	cn=User Search,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search Group	cn=Group Search,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search User LOV	cn=User LOV,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Search Group LOV	cn=Group LOV,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
EUS Console	cn=EUS Console,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext"
Delegation Console	cn=Delegation Console,cn=OperationURLs,cn=DAS,cn=Products, cn=OracleContext
Password Reset	cn=Reset Password,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContex
View User Profile	cn=View User Profile,cn=OperationURLs,cn=DAS,cn=Products,cn=OracleContext

15.2 Service Units and Corresponding URL Parameters

Table 15-2 lists the service units and the URL parameters that can be passed to these units.

Table 15-2 Service Units and Corresponding URL Parameters

Service Unit	Parameter	Return Values
Create User	doneURL homeURL cancelURL enablePA enableHomeURL enableHelpURL	returnGUID
Edit User	homeURL doneURL cancelURL enablePA enableHomeURL enableHelpURL	-
Edit UserGivenGUID	homeURL doneURL cancelURL enablePA userGUID enableHomeURL enableHelpURL	-
Edit My Profile	homeURL doneURL cancelURL enableHomeURL enableHelpURL	-
Delegation Console	-	-
DeleteUser	homeURL doneURL cancelURL enableHomeURL enableHelpURL	-
DeleteUserGivenGUID	homeURL doneURL cancelURL userGUID enableHomeURL enableHelpURL	-
User Privilege	homeURL doneURL cancelURL enableHomeURL enableHelpURL
User Privilege Given GUID	homeURL doneURL cancelURL userGUID enableHomeURL enableHelpURL	-
Create Group	homeURL doneURL cancelURL enablePA parentDN enableHomeURL enableHelpURL	returnGUID
Edit Group	homeURL doneURL cancelURL enablePA enableHomeURL enableHelpURL	-
Edit GroupGivenGUID	homeURL doneURL cancelURL enablePA groupGUID enableHomeURL enableHelpURL	-
DeleteGroup	homeURL doneURL cancelURL enableHomeURL enableHelpURL	-
DeleteGroupGivenGUID	homeURL doneURL cancelURL groupGUID enableHomeURL enableHelpURL	-
Group Privilege	homeURL doneURL cancelURL enableHomeURL enableHelpURL	-
Group Privilege Given GUID	homeURL doneURL cancelURL groupGUID enableHomeURL enableHelpURL	-
Account Info	homeURL doneURL cancelURL enableHomeURL enableHelpURL	-
Password Change	homeURL doneURL cancelURL enableHomeURL enableHelpURL	-
User Search	homeURL doneURLm cancelURL enableHomeURL enableHelpURL	-
Group Search	homeURL doneURL cancelURL enableHomeURL enableHelpURL	-
Password Reset	cancelURL doneURL enableHomeURL enableHelpURL	-
View User Profile	userGuid doneURL homeURL nableHomeURL enableHelpURL	-
User LOV	base cfilter title dasdomain callbackURL	userDn userGuid userName nickName userEmail
Group LOV	otype base cfilter title dasdomain callbackURL	groupDN groupGuid groupName groupDescription

15.3 DAS URL API Parameter Descriptions

The parameters described in Table 15-3 are used with DAS units.

Table 15-3 DAS URL Parameter Descriptions

Parameter	Description
homeURL	The URL that is linked to the global button Home. When the calling application specifies this value, clicking Home redirects the DAS unit to the URL specified by this parameter.
doneURL	This URL is used by DAS to redirect the DAS page at the end of each operation. In the case of Create User, once the user is created, clicking OK redirects the URL to this location.
callbackURL	DAS uses this URL to send return values to the invoking application. For UserLOV and GroupLOV units, the return values are submitted as HTML form parameters through the HTTP POST method.
cancelURL	This URL is linked with all the Cancel buttons shown in the DAS units. Any time the user clicks Cancel, the page is redirected to the URL specified by this parameter.
enablePA	This parameter takes a Boolean value of true or false. Set to true, the parameter enables the Assign Privileges in User or Group operation. If the `enablePA` is passed with value of true in the Create User page, the Assign Privileges to User section also appears in the Create User page.
userGUID	This is the GUID of the user to be edited or deleted. This corresponds to the orclguid attribute. Specifying the GUID causes the search for the user step in either editUser or deleteUser units to be skipped.
GroupGUID	This is the GUID of the group to be edited or deleted. This corresponds to the orclguid attribute. Specifying the GUID causes the search for the group step in either editGroup or deleteGroup units to be skipped.
parentDN	When this parameter is specified in CreateGroup, the group is created under this container. If the parameter is not specified, group creation defaults to the group search base.
base	This parameter represents the search base in the case of search operations.
cfilter	This parameter represents the filter to be used for the search. This filter is LDAP compliant.
title	This parameter represents the title to be shown in the Search and Select LOV page.
otype	This parameter represents the object type used for search. Values supported are `Select`, `Edit`, and `Assign`.
returnGUID	This parameter is appended to the done URL in case of a create operation. The value will be the orclguid of the new object.
dasdomain	This parameter is needed only when the browser is Internet Explorer and the calling URL and the DAS URL are on different hosts and in the same domain. An example value is us.oracle.com. Note the calling application also needs to set the `document.domain` parameter on the formload. For more details, refer to Microsoft support at: `http://support.microsoft.com/`
enableHomeUR	When this parameter is passed with a value of false, the service unit will be rendered without the home button and home link. By default, the parameter is set to true.
enableHelpURL	When this parameter is passed with a value of false, the service unit will be rendered without the help button and help link. By default, the parameter is set to true.

15.4 Search-and-Select Service Units for Users or Groups

DAS provides service units for searching and selecting users or groups. These service units are sometimes referred to as user or group List Of Values (LOV).

15.4.1 Invoking Search-and-Select Service Units for Users or Groups

A custom application can open a popup window and populate its contents by supplying a search-and-select URL for a user or group by using a URL of the form:

http://das_host:das_port/oiddas/ui/oracle/ldap/das/search/LOVUserSearch
?title=User&callbackurl=http://app_host:app_port/custapp/Callback

http://das_host:das_port/oiddas/ui/oracle/ldap/das/search/LOVGroupSearch
?title=User&callbackurl=http://app_host:app_port/custapp/Callback

respectively. For example:

http://server02.example.com:7777/oiddas/ui/oracle/ldap/das/search/LOVUserSearch?
Mary.Smith=User&callbackurl=http://server04.example.com:7778/custapp/Callback

In this example, server02.example.com:7777 is the host name and port of the Oracle Internet Directory DAS application server. server04.example.com:7778 is the host name and port of the custom application server. Mary.Smith is a string that appears in the title of the Search and Select page. http://server04.example.com:7778/custapp/Callback is a URL of the custom application server that receives the selected parameters for users or groups.

Note:

To avoid popup blocking, the custom application may open the popup window with a URL on the local custom application server and immediately redirect to the Oracle Internet Directory DAS User or Group Search-and-Select URL.

15.4.2 Receiving Data from the User or Group Search-and-Select Service Units

After a User or Group has been selected via the Oracle Internet Directory DAS User or Group Search-and-Select Service Unit, an HTTP form will be submitted to the callbackurl page using the POST method. The parameters defined in Table 15-4 and Table 15-5 are available to the callbackurl page:

Table 15-4 User Search and Select

Parameter	Description
userDn	User's distinguished name.
userGuid	User's global unique ID.
userName	User's name.
nickName	User's nickname
userEmail	User's email.

Table 15-5 Group Search and Select

Parameter	Description
groupDn	Group's distinguished name.
groupGuid	Group's global unique ID.
groupName	Group's name.
groupDescription	Group's description.

The callbackurl page in the popup window may transfer the form parameters to the invoking page in the opener window using JavaScript. It may then close the popup window.

Note:

To avoid JavaScript security problems, the custom application may supply the callbackurl page on the same server as the invoking page. This enables the callbackurl page in the popup window and the invoking page in the opener window to communicate directly through JavaScript.