Each directory attribute is represented in the interface by an OM object of OM class DS_C_ATTRIBUTE. The type of the directory attribute is represented by an OM attribute, DS_ATTRIBUTE_TYPE, within the OM object. The values of the directory attribute are expressed as the values of the OM attribute DS_ATTRIBUTE_VALUES.
The representation of the attribute value depends on the attribute type and is determined as indicated in the following list. The list describes the way in which an application program must supply values to the interface; for example, in the changes parameter to ds_modify_entry( ). The interface follows the same rules when returning attribute values to the application; for example, in the ds_read( ) result.
· The first possibility is that the attribute type and the representation of the corresponding values can be defined in a package; for example, the selected attribute types from the standards that are defined in the basic directory contents package in Basic Directory Contents Package and the strong authentication package in Strong Authentication Package. In this case, attribute values are represented as specified. Additional directory attribute types and their OM representations are defined by the GDS package.
· If the attribute type is not known and the value is an ASN.1 simple type such as IntegerType, the representation is the corresponding type specified in c.
· If the attribute type is not known and the value is an ASN.1 structured type, the value is represented in the Basic Encoding Rules (BER) with OM syntax String(OM_S_ENCODING_STRING).
Note: The distinguished encoding specified in the standards (see Clause 8.7 of The Directory: Authentication Framework, ISO 9594-8, CCITT X.500) must be used if the request is to be signed.
Where attribute values have OM syntax String(*), they can be long segmented strings, and the functions om_read( ) and om_write( ) need to be used to access them.
An Attribute Value Assertion (AVA) is an assertion about the value of an attribute of an entry, and it can be TRUE, FALSE, or undefined. It consists of an attribute type and a single value. In general, the AVA is TRUE if one of the values of the given attribute in the entry matches the given value. An AVA is represented in the interface by an instance of OM class DS_C_AVA, which is a subclass of DS_C_ATTRIBUTE and can only have one value.
Information used by ds_add_entry( ) to construct a new directory entry is represented by an OM object of OM class DS_C_ATTRIBUTE_LIST, which contains a single multivalued OM attribute whose values are OM objects of OM class DS_C_ATTRIBUTE.