Description: A utility to provision a resource account to an OIM User. The parent data and the child data can be provided to populate the process forms associated with the application instance.
 |
| Results of executing code |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.blogspot.oraclestack.testdriver; | |
| import com.blogspot.oraclestack.utilities.ProvisioningUtils; | |
| import java.util.ArrayList; | |
| import java.util.HashMap; | |
| import java.util.Hashtable; | |
| import java.util.Map; | |
| import oracle.core.ojdl.logging.ODLLogger; | |
| import oracle.iam.platform.OIMClient; | |
| import oracle.iam.provisioning.vo.ChildTableRecord.ACTION; | |
| import oracle.iam.provisioning.vo.ChildTableRecord; | |
| /** | |
| * Test Driver fro Provisioning Utilities | |
| * @author rayedchan | |
| */ | |
| public class ProvisioningTestDriver | |
| { | |
| // Logger | |
| private static final ODLLogger logger = ODLLogger.getODLLogger(ProvisioningTestDriver.class.getName()); | |
| // Adjust constant variables according to you OIM environment | |
| public static final String OIM_HOSTNAME = "localhost"; | |
| public static final String OIM_PORT = "14000"; // For SSL, use 14001; For non-SSL, use 14000 | |
| public static final String OIM_PROVIDER_URL = "t3://"+ OIM_HOSTNAME + ":" + OIM_PORT; // For SSL, use t3s protocol; For non-SSL, use t3 protocol | |
| public static final String AUTHWL_PATH = "lib/config/authwl.conf"; | |
| public static final String APPSERVER_TYPE = "wls"; | |
| public static final String FACTORY_INITIAL_TYPE = "weblogic.jndi.WLInitialContextFactory"; | |
| public static final String OIM_ADMIN_USERNAME = "xelsysadm"; | |
| public static final String OIM_ADMIN_PASSWORD = "Password1"; | |
| public static void main(String[] args) throws Exception | |
| { | |
| OIMClient oimClient = null; | |
| try | |
| { | |
| // Set system properties required for OIMClient | |
| System.setProperty("java.security.auth.login.config", AUTHWL_PATH); | |
| System.setProperty("APPSERVER_TYPE", APPSERVER_TYPE); | |
| // Create an instance of OIMClient with OIM environment information | |
| Hashtable<String, String> env = new Hashtable<String, String>(); | |
| env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, FACTORY_INITIAL_TYPE); | |
| env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIM_PROVIDER_URL); | |
| // Establish an OIM Client | |
| oimClient = new OIMClient(env); | |
| // Login to OIM with System Administrator Credentials | |
| oimClient.login(OIM_ADMIN_USERNAME, OIM_ADMIN_PASSWORD.toCharArray()); | |
| // Instaniate custom utility | |
| ProvisioningUtils provUtils = new ProvisioningUtils(oimClient); | |
| String userLogin = "TSWIFT"; // TODO: Change this with your user | |
| String appInstName = "DBATUser"; // TODO: Change this with application name | |
| String CHILD_PROCESS_FORM_NAME = "UD_DBATRO"; // TODO: Change with child process form name | |
| String CHILD_ATTRIBUTE_NAME = "UD_DBATRO_ROLE"; // TODO: Change with child attribute name | |
| // ========================================== | |
| // Data to populate the parent process form | |
| // ========================================== | |
| Map<String,Object> parentData = new HashMap<String,Object>(); | |
| parentData.put("UD_DBATUSR_FIRST_NAME", "Taylor"); | |
| parentData.put("UD_DBATUSR_MIDDLE_NAME", "Alison"); | |
| parentData.put("UD_DBATUSR_LAST_NAME", "Swift"); | |
| parentData.put("UD_DBATUSR_USER_ID", "TSWIFT"); | |
| parentData.put("UD_DBATUSR_UNIQUE_ID", "TSWIFT"); | |
| parentData.put("UD_DBATUSR_TITLE", "Celebrity"); | |
| // ========================================== | |
| // Data to populate the child form | |
| // ========================================== | |
| Map<String, ArrayList<ChildTableRecord>> childData = new HashMap<String, ArrayList<ChildTableRecord>>(); | |
| ArrayList<ChildTableRecord> modRecords = new ArrayList<ChildTableRecord>(); | |
| // First child record | |
| HashMap<String,Object> addRecordData = new HashMap<String,Object>(); | |
| addRecordData.put(CHILD_ATTRIBUTE_NAME, "Singer"); | |
| ChildTableRecord addRecord = new ChildTableRecord(); | |
| addRecord.setAction(ACTION.Add); | |
| addRecord.setChildData(addRecordData); | |
| modRecords.add(addRecord); | |
| // Second child record | |
| HashMap<String,Object> addRecordData2 = new HashMap<String,Object>(); | |
| addRecordData2.put(CHILD_ATTRIBUTE_NAME, "Actress"); | |
| ChildTableRecord addRecord2 = new ChildTableRecord(); | |
| addRecord2.setAction(ACTION.Add); | |
| addRecord2.setChildData(addRecordData2); | |
| modRecords.add(addRecord2); | |
| // Wrapper for child data provisioning | |
| childData.put(CHILD_PROCESS_FORM_NAME, modRecords); // Put Child Form Name and its modified child data | |
| // ========================================== | |
| // Call custom method to provision account | |
| // ========================================== | |
| Long oiuKey = provUtils.provisionResourceAccountToUser(userLogin, appInstName, parentData, childData); | |
| System.out.println(oiuKey); | |
| } | |
| finally | |
| { | |
| if( oimClient != null) | |
| { | |
| oimClient.logout(); | |
| } | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.blogspot.oraclestack.utilities; | |
| import java.util.ArrayList; | |
| import java.util.Map; | |
| import java.util.Set; | |
| import oracle.core.ojdl.logging.ODLLevel; | |
| import oracle.core.ojdl.logging.ODLLogger; | |
| import oracle.iam.identity.exception.NoSuchUserException; | |
| import oracle.iam.identity.exception.UserLookupException; | |
| import oracle.iam.identity.usermgmt.api.UserManager; | |
| import oracle.iam.identity.usermgmt.vo.User; | |
| import oracle.iam.platform.OIMClient; | |
| import oracle.iam.platform.authz.exception.AccessDeniedException; | |
| import oracle.iam.provisioning.api.ApplicationInstanceService; | |
| import oracle.iam.provisioning.api.ProvisioningService; | |
| import oracle.iam.provisioning.exception.ApplicationInstanceNotFoundException; | |
| import oracle.iam.provisioning.exception.GenericAppInstanceServiceException; | |
| import oracle.iam.provisioning.exception.GenericProvisioningException; | |
| import oracle.iam.provisioning.exception.UserNotFoundException; | |
| import oracle.iam.provisioning.vo.Account; | |
| import oracle.iam.provisioning.vo.AccountData; | |
| import oracle.iam.provisioning.vo.ApplicationInstance; | |
| import oracle.iam.provisioning.vo.ChildTableRecord; | |
| /** | |
| * Contains methods to provision application instances | |
| * @author rayedchan | |
| */ | |
| public class ProvisioningUtils | |
| { | |
| // Logger | |
| private static final ODLLogger logger = ODLLogger.getODLLogger(ProvisioningUtils.class.getName()); | |
| // Get OIM API services | |
| private final UserManager usrMgr; | |
| private final ApplicationInstanceService appInstService; | |
| private final ProvisioningService provService; | |
| /** | |
| * Constructor | |
| * @param oimClient OIMClient with administrator logged in | |
| */ | |
| public ProvisioningUtils(OIMClient oimClient) | |
| { | |
| this.usrMgr = oimClient.getService(UserManager.class); | |
| this.appInstService = oimClient.getService(ApplicationInstanceService.class); | |
| this.provService = oimClient.getService(ProvisioningService.class); | |
| } | |
| /** | |
| * Provision a resource account to a user. | |
| * @param userLogin OIM User Login (USR.USR_LOGIN) | |
| * @param appInstName Name of application instance (APP_INSTANCE.APP_INSTANCE_NAME) | |
| * @param parentData Data to populate the parent process form | |
| * @param childData Data to populate the child process form(s) | |
| * @return Account Id (OIU_KEY) | |
| * @throws AccessDeniedException | |
| * @throws NoSuchUserException | |
| * @throws UserLookupException | |
| * @throws ApplicationInstanceNotFoundException | |
| * @throws GenericAppInstanceServiceException | |
| * @throws UserNotFoundException | |
| * @throws oracle.iam.platform.authopss.exception.AccessDeniedException | |
| * @throws GenericProvisioningException | |
| */ | |
| public Long provisionResourceAccountToUser(String userLogin, String appInstName, Map<String,Object> parentData, Map<String, ArrayList<ChildTableRecord>> childData) throws AccessDeniedException, NoSuchUserException, UserLookupException, ApplicationInstanceNotFoundException, GenericAppInstanceServiceException, UserNotFoundException, oracle.iam.platform.authopss.exception.AccessDeniedException, GenericProvisioningException | |
| { | |
| // Get OIM User searching by User Login (USR.USR_LOGIN) | |
| boolean isUserLogin = true; // True for searching by User Login; False for searching by USR_KEY | |
| Set<String> retAttrs = null; // Return attributes; Null implies returning every attributes on user | |
| User user = usrMgr.getDetails(userLogin, retAttrs, isUserLogin); // Get OIM User | |
| logger.log(ODLLevel.NOTIFICATION, "User: {0}", new Object[]{user}); | |
| // Get application instance by name (APP_INSTANCE.APP_INSTANCE_NAME) | |
| ApplicationInstance appInst = appInstService.findApplicationInstanceByName(appInstName); | |
| logger.log(ODLLevel.NOTIFICATION, "Application Instance: {0}", new Object[]{appInst}); | |
| // Get information required provisioning resource account | |
| String usrKey = user.getId(); // Get usr_key of OIM User | |
| Long resourceFormKey = appInst.getAccountForm().getFormKey(); // Get Process Form Key (SDK_KEY) | |
| logger.log(ODLLevel.NOTIFICATION, "Resource Process Form Key: {0}", new Object[]{resourceFormKey}); | |
| String udTablePrimaryKey = null; | |
| // Construct-Stage Resource Account | |
| AccountData accountData = new AccountData(String.valueOf(resourceFormKey), udTablePrimaryKey, parentData); | |
| accountData.setChildData(childData); | |
| Account resAccount = new Account(appInst, accountData); | |
| // Provision resource account to user | |
| Long accountId = provService.provision(usrKey, resAccount); // Account Key = OIU_KEY | |
| logger.log(ODLLevel.NOTIFICATION, "Provisioning Account Id: {0}", new Object[]{accountId}); | |
| return accountId; | |
| } | |
| } |
No comments:
Post a Comment