Access Control List Processing in Oracle Virtual Directory
(Doc ID 579691.1)
Last updated on MARCH 18, 2019
Oracle Virtual Directory - Version 10.1.4 and later Information in this document applies to any platform.
The purpose of this document is to explain Access Control List ( ACL ) processing in Oracle Virtual Directory.
Oracle Virtual Directory ( OVD ) provides a single directory view of different data sources for example databases or LDAP servers.
OVD provides Access Control for the whole virtual namespace. The OVD Access Controls are processed for incoming OVD requests.
Further Oracle Virtual Directory must conform to the authentication and authorization rules of the connected systems. OVD connects via an adapter to remote Server to build up the virtual namespace. This means OVD acts as a client to the connected Server and the security rules applied on the connected Server depend on the user credentials passed by OVD. For some adapters ( e.g. LDAP adapter ) a "Pass-Through" mode could be configured at adapter level determining which credentials are passed to the remote Directory system.
In this way Oracle Virtual Directory supports own Access Control and the security inherent in the connected system.It is important to understand that an LDAP operation against OVD depends on the security rules applied in OVD and the connected Server.
This note discusses Access Control List processing in OVD and does not discuss the different "Pass-through" mode settings.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!