Friday, February 21, 2014

SSL for OIMClient

Version: Oracle Identity Manager 11g
Description: This will show you how to enable SSL for OIMClient in a stand-alone Java application.

Prerequisite:

1. Ensure SSL listen Port for OIM is enabled.
  • Log into WebLogic Administration console.
  • Navigate to Servers -> OIM_SERVER.
  • Check mark SSL Listen Port Enabled and restart OIM server.
2. Include "webserviceclient+ssl.jar" and "cryptoj.jar" in your project class path.

3. Execute the java application with the following jvm argument:
  • -Dweblogic.security.SSL.trustedCAKeyStore= {Demo Trust Keystore}
In WebLogic Administration console, navigate to Servers -> OIM_SERVER -> Keystores to see the location of your Demo Trust Keystore
E.g. /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/DemoTrust.jks

import java.util.Hashtable;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.security.auth.login.LoginException;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;
import oracle.iam.provisioning.exception.AccountNotFoundException;
import oracle.iam.provisioning.exception.GenericProvisioningException;

/**
 * Uses SSL OIMClient to access Oracle Identity Manager.
 * t3s protocol is used for SSL.
 * In WebLogic Administration console, navigate to Servers -> OIM_SERVER -> Configuration : General
 * to view the OIM SSL listen port.
 */

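public class OracleIdentityManagerClient
{
    public static final String OIM_HOSTNAME = "localhost";
    public static final String OIM_PORT = "14001";
    /** t3s (T3 over SSL): the client connects to the OIM SSL listen port, not the plain t3 port. */
    public static final String OIM_PROVIDER_URL = "t3s://"+ OIM_HOSTNAME + ":" + OIM_PORT;
    public static final String OIM_USERNAME = "xelsysadm";
    /**
     * Demo credential for this walkthrough. Outside a demo, supply the password from
     * outside the source (secured configuration or an interactive prompt) instead of a constant.
     */
    public static final String OIM_PASSWORD = "Password1";
    public static final String OIM_CLIENT_HOME = "/home/oracle/Desktop/oimclient";
    /** JAAS login configuration shipped with the OIM client (authwl.conf). */
    public static final String AUTHWL_PATH = OIM_CLIENT_HOME + "/conf/authwl.conf";
    /**
     * WebLogic demo trust store. It trusts the WebLogic demo CA only, so for a non-demo
     * environment point this at a keystore holding the CA that issued the OIM server certificate.
     */
    public static final String TRUST_KEYSTORE_FOR_SSL = "/home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/DemoTrust.jks";

    /** System property WebLogic reads for the trusted CA keystore; same name as the -D argument in the prerequisites. */
    private static final String TRUSTED_CA_KEYSTORE_PROPERTY = "weblogic.security.SSL.trustedCAKeyStore";

    private static final Logger LOG = Logger.getLogger(OracleIdentityManagerClient.class.getName());

    /**
     * Connects to OIM over t3s, logs in as {@link #OIM_USERNAME} and logs out again.
     *
     * The trusted CA keystore is taken from the JVM argument
     * {@code -Dweblogic.security.SSL.trustedCAKeyStore=...} when present; otherwise
     * {@link #TRUST_KEYSTORE_FOR_SSL} is used so the constant is not left unused.
     * Login failures and access-denied errors are logged with the target URL and user
     * rather than propagated; the remaining declared exceptions are kept for callers
     * that extend this sample with provisioning calls.
     *
     * @param args ignored
     * @throws AccountNotFoundException declared for provisioning calls added after login
     * @throws oracle.iam.platform.authopss.exception.AccessDeniedException declared for authorization failures in later calls
     * @throws GenericProvisioningException declared for provisioning calls added after login
     */
    public static void main(String[] args) throws AccountNotFoundException, oracle.iam.platform.authopss.exception.AccessDeniedException, GenericProvisioningException
    {
        OIMClient oimClient = null;

        try
        {
            // System properties required by OIMClient: the JAAS config and the app-server type.
            System.setProperty("java.security.auth.login.config", AUTHWL_PATH);
            System.setProperty("APPSERVER_TYPE", "wls");

            // Only fill in the trust store when the command line did not already supply it,
            // so the -D argument from the prerequisites keeps precedence.
            if (System.getProperty(TRUSTED_CA_KEYSTORE_PROPERTY) == null)
            {
                System.setProperty(TRUSTED_CA_KEYSTORE_PROPERTY, TRUST_KEYSTORE_FOR_SSL);
            }

            // Hashtable is what the OIMClient constructor takes.
            Hashtable<String,String> env = new Hashtable<String,String>();
            env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");
            env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIM_PROVIDER_URL);
            oimClient = new OIMClient(env);

            // Log in to OIM with the appropriate credentials.
            oimClient.login(OIM_USERNAME, OIM_PASSWORD.toCharArray());
            LOG.log(Level.INFO, "Logged in to OIM at {0} as {1}", new Object[] {OIM_PROVIDER_URL, OIM_USERNAME});
        }
        catch (LoginException ex)
        {
            // Message carries the target and user (never the password) so a failed SSL handshake
            // or bad credential can be traced from the log alone.
            LOG.log(Level.SEVERE, "Login to OIM at " + OIM_PROVIDER_URL + " failed for user " + OIM_USERNAME, ex);
        }
        catch (AccessDeniedException ex)
        {
            LOG.log(Level.SEVERE, "Access denied by OIM at " + OIM_PROVIDER_URL + " for user " + OIM_USERNAME, ex);
        }
        finally
        {
            // Release the session; the client may exist even when login itself failed.
            if (oimClient != null)
            {
                oimClient.logout();
            }
        }
    }
}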
