Monday, 23 April 2012

Trigger an Update on an OIM field to OID


Recently we had a requirement to update a field in OIM and have it, in turn, updated in OID. Many of you might know how to achieve this. This is only for some basic understanding.

Steps

1. Create a user-defined field, say UserDN (USR_UDF_USERDN).

2. In the OID process definition, create a task such as Change UserDN and map it to the modifyuser adapter. In the attribute mappings, map AttrValue to the user definition (UserDN) and set AttrName to the literal UserDN.

3. Go to Lookup and search for *USR_Trigger*. For the code key use USR_UDF_USERDN and for the decode key use Change UserDN. The decode should be the same as the task name in the process definition (I presume this).

4. Go to the OID attribute mapping (AttrName.OID.Map). In the code key add the OIM field name and in the decode key map it to the OID attribute. If the attribute is created in the process form, set the code key to the process form field name and the decode key to the OID attribute.

So whenever a user is updated in OIM, the value will change in OID. Also note that, to update that field in the OIM process form, you need to create process definition tasks like UserDN Updated. Also add a prepopulate to the field to update it in the OID form.

Saturday, 21 January 2012

11g Code to get the roles of the user and the roles assigned to users

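// Imports needed by these methods. The methods use the OIMClient field "client"
// and the getRoleKey/getUserKey helpers shown in the other snippets.
import java.util.List;
import oracle.iam.identity.exception.RoleMemberException;
import oracle.iam.identity.rolemgmt.api.RoleManager;
import oracle.iam.identity.rolemgmt.vo.Role;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.platform.authz.exception.AccessDeniedException;

// Prints the login of every user who is a member of the given role.
public void getUsersByRole(String rolename) {
    RoleManager rolemanager = client.getService(RoleManager.class);
    try {
        List<User> s2 = rolemanager.getRoleMembers(getRoleKey(rolename), false);
        for (User user : s2) {
            System.out.println("User ID : " + user.getAttribute("User Login"));
        }
    } catch (RoleMemberException e) {
        e.printStackTrace();
    } catch (AccessDeniedException e) {
        e.printStackTrace();
    }
}

// Prints the display name of every role the given user belongs to.
public void getRolesForUser(String username) {
    try {
        RoleManager rolemanager = client.getService(RoleManager.class);
        // getUserMemberships takes the user key as a String.
        List<Role> s3 = rolemanager.getUserMemberships(getUserKey(username).toString(), false);
        for (Role role : s3) {
            System.out.println("Roles :" + role.getAttribute("Role Display Name"));
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}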

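11g getting role key, user key, object key

// Imports needed by these methods (they use the same OIMClient field "client").
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import Thor.API.Operations.tcObjectOperationsIntf;
import Thor.API.tcResultSet;
import oracle.iam.identity.rolemgmt.api.RoleManager;
import oracle.iam.identity.rolemgmt.api.RoleManagerConstants.RoleAttributeName;
import oracle.iam.identity.rolemgmt.vo.Role;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.platform.entitymgr.vo.SearchCriteria;

// Returns the usr_key of the user with the given login, or null if not found.
public Long getUserKey(String userLogin) {
    Long userKey = null;
    SearchCriteria criteria = new SearchCriteria("User Login", userLogin, SearchCriteria.Operator.EQUAL);
    Set<String> retAttrs = new HashSet<String>();
    retAttrs.add("usr_key");
    UserManager usrMgr = client.getService(UserManager.class);
    try {
        List<User> users = usrMgr.search(criteria, retAttrs, null);
        if (!users.isEmpty()) {
            userKey = (Long) users.get(0).getAttribute("usr_key");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return userKey;
}

// Returns the key of the resource object with the given name, or 0 if not found.
public long getObjectKey(String object) {
    HashMap<String, String> objectMap = new HashMap<String, String>();
    long key = 0;
    try {
        tcObjectOperationsIntf moObjectUtility = client.getService(tcObjectOperationsIntf.class);

        objectMap.put("Objects.Name", object);
        tcResultSet moResultSet = moObjectUtility.findObjects(objectMap);

        if (moResultSet.getRowCount() > 0) {
            moResultSet.goToRow(0);
            // Objects.Key holds the numeric object key.
            key = moResultSet.getLongValue("Objects.Key");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    return key;
}

// Returns the key of the role with the given name, or null if not found.
public String getRoleKey(String roleName) {
    String roleKey = null;
    SearchCriteria criteria = new SearchCriteria(RoleAttributeName.NAME.getId(), roleName, SearchCriteria.Operator.EQUAL);
    Set<String> retAttrs = new HashSet<String>();
    retAttrs.add(RoleAttributeName.KEY.getId());
    RoleManager roleMgr = client.getService(RoleManager.class);
    try {
        List<Role> roles = roleMgr.search(criteria, retAttrs, null);
        if (!roles.isEmpty()) {
            roleKey = roles.get(0).getAttribute(RoleAttributeName.KEY.getId()).toString();
        }
    } catch (Exception e) {
        // Report the failure instead of silently returning null.
        e.printStackTrace();
    }
    return roleKey;
}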

Friday, 20 January 2012

11g OIM connect

Please find the code snippet below.
Make sure you add the required jars from lib/ext and also weblogic.jar.


import java.util.Hashtable;
import Thor.API.tcUtilityFactory;
import oracle.iam.platform.OIMClient;

public class OIM11g {

    public static String id;
    private OIMClient client;
    private tcUtilityFactory ioUtilityFactory;

    // Sample values only; connect() takes the credentials as arguments.
    // Load real credentials from outside the source code.
    private static String OIMUserName = "xelsysadm";
    private static String OIMPassword = "testpass";
    private static String OIMURL = ReadProperty.getProp("URL");
    private static String OIMInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";
    private static String config = ReadProperty.getProp("Configuration");
    private static String homeDir = ReadProperty.getProp("HomeDirectory");

    public OIM11g() {
    }

    // Logs in to OIM; returns true on success and false if the login failed.
    public Boolean connect(String user, String pwd) {
        Boolean result = true;
        Hashtable<String, String> env = new Hashtable<String, String>();
        // JAAS login configuration file and OIM client home directory.
        System.setProperty("java.security.auth.login.config", config);
        System.out.println(config);
        System.setProperty("XL.HomeDir", homeDir);
        System.out.println(homeDir);
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, OIMInitialContextFactory);
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIMURL);
        System.out.println(OIMURL);
        client = new OIMClient(env);
        try {
            System.out.println("Establishing connection...");
            client.login(user, pwd.toCharArray());
            ioUtilityFactory = new tcUtilityFactory(env, user, pwd);
            System.out.println("connected");
        } catch (Exception e) {
            e.printStackTrace();
            result = false;
        }
        return result;
    }
}

Saturday, 7 January 2012

Cookie value not set in OAM

In OAM 11g, we tried setting the cookie names in the authorization policies, but it was an unsuccessful attempt since the browser was unable to retrieve the cookies.

Reason for this Issue

The flag SSOOnlyMode needs to be set to false to enable the Authorization Module.

Solution

The parameter SSOOnlyMode in oam-config.xml is set to true. When it is set to the value shown below, the Authorization module is not invoked.

<Setting Name="SSOOnlyMode" Type="xsd:boolean">true</Setting>

To avoid this issue

1. Shut down all your servers.
2. Modify the file Domain_home/config/fmwconfig/oam-config.xml.
3. Set <Setting Name="SSOOnlyMode" Type="xsd:boolean">false</Setting>
4. Start all the servers.
5. Retest the issue.
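
A quick check for the setting described above, as an added example (not part of the original post and not Oracle tooling): it walks an oam-config.xml, finds every Setting named SSOOnlyMode and reports whether the Authorization module would be skipped. The sample XML and its parent element name are constructed; pass the path to the real file as the first argument.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample; a real oam-config.xml is much larger and nests this
# setting inside other Setting elements.
SAMPLE_XML = """<config>
  <Setting Name="ConstructedParent" Type="htf:map">
    <Setting Name="SSOOnlyMode" Type="xsd:boolean">true</Setting>
  </Setting>
</config>"""


def local_name(tag):
    """Strip an XML namespace ('{uri}Setting' -> 'Setting')."""
    return tag.rsplit("}", 1)[-1]


def find_sso_only_mode(xml_text):
    """Return (path, raw value) for every Setting named SSOOnlyMode."""
    hits = []

    def walk(elem, path):
        here = path + [elem.get("Name") or local_name(elem.tag)]
        if local_name(elem.tag) == "Setting" and elem.get("Name") == "SSOOnlyMode":
            hits.append(("/".join(here), (elem.text or "").strip()))
        for child in elem:
            walk(child, here)

    walk(ET.fromstring(xml_text), [])
    return hits


def check(xml_text):
    """Classify: 'missing', 'invalid', 'sso-only' or 'authorization-enabled'."""
    values = [value.lower() for _, value in find_sso_only_mode(xml_text)]
    if not values:
        return "missing"
    if any(v not in ("true", "false") for v in values):
        return "invalid"
    # Conservative: report sso-only if any occurrence is still true.
    return "sso-only" if "true" in values else "authorization-enabled"


if __name__ == "__main__":
    # Read the real file as bytes so its own XML encoding declaration is honoured.
    text = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_XML
    for path, value in find_sso_only_mode(text):
        print(f"{path} = {value}")
    status = check(text)
    print(status)
    sys.exit(0 if status == "authorization-enabled" else 1)
```

The script exits non-zero unless the file reports authorization-enabled, so it can be run after the edit and before the servers are restarted.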