SSL for OIMClient

Version: Oracle Identity Manager 11g
Description: This will show you how to SSL for OIMClient on a stand alone Java application.

Prerequisite:

1. Ensure SSL listen Port for OIM is enabled.

• Log into WebLogic Administration console.
• Navigate to Servers -> OIM_SERVER.
• Check mark SSL Listen Port Enabled and restart OIM server.

2. Include "webserviceclient+ssl.jar" and  "cryptoj.jar" in your project class path.

3. Execute the java application with the following jvm argument:

• -Dweblogic.security.SSL.trustedCAKeyStore= {Demo Trust Keystore}

In WebLogic Administration console, navigate to Servers -> OIM_SERVER -> Keystores to see the location of your Demo Trust Keystore. 
E.g. /home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/DemoTrust.jks

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66

import java.util.Hashtable; import java.util.logging.Level; import java.util.logging.Logger; import javax.security.auth.login.LoginException; import oracle.iam.platform.OIMClient; import oracle.iam.platform.authz.exception.AccessDeniedException; import oracle.iam.provisioning.exception.AccountNotFoundException; import oracle.iam.provisioning.exception.GenericProvisioningException;   /**  * Uses SSL OIMClient to access Oracle Identity Manager.  * t3s protocol is used for SSL.  * In WebLogic Administration console, navigate to Servers -> OIM_SERVER -> Configuration : General  * to view the OIM SSL listen port.  */   public class OracleIdentityManagerClient {     public static final String OIM_HOSTNAME = "localhost";     public static final String OIM_PORT = "14001";     public static final String OIM_PROVIDER_URL = "t3s://"+ OIM_HOSTNAME + ":" + OIM_PORT;     public static final String OIM_USERNAME = "xelsysadm";     public static final String OIM_PASSWORD = "Password1";     public static final String OIM_CLIENT_HOME = "/home/oracle/Desktop/oimclient";     public static final String AUTHWL_PATH = OIM_CLIENT_HOME + "/conf/authwl.conf";     public static final String TRUST_KEYSTORE_FOR_SSL = "/home/oracle/Oracle/Middleware/wlserver_10.3/server/lib/DemoTrust.jks";       public static void main(String[] args) throws AccountNotFoundException, oracle.iam.platform.authopss.exception.AccessDeniedException, GenericProvisioningException     {         OIMClient oimClient = null;                   try         {             //Set system properties required for OIMClient             System.setProperty("java.security.auth.login.config", AUTHWL_PATH);             System.setProperty("APPSERVER_TYPE", "wls");                          // Create an instance of OIMClient with OIM environment information             Hashtable<String,String> env = new Hashtable<String,String>();             env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");             env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIM_PROVIDER_URL);             oimClient = new OIMClient(env);               // Login to OIM with the approriate credentials             oimClient.login(OIM_USERNAME, OIM_PASSWORD.toCharArray());         }                   catch (LoginException ex)         {             Logger.getLogger(OracleIdentityManagerClient.class.getName()).log(Level.SEVERE, null, ex);         }           catch (AccessDeniedException ex)         {             Logger.getLogger(OracleIdentityManagerClient.class.getName()).log(Level.SEVERE, null, ex);           }           finally         {             // Logout user from OIMClient             if(oimClient != null)                 oimClient.logout();         }     } }