Identity And Access Management - Rajiv Dewan

Get All The FIelds and LABELS of CHILD FORM

Requirement:
Get All the fields and labels of Child Form

Solution:

Please use the below code snippet:

public  void printChildFormColumn(long processInstanceKey) throws Exception{

  tcFormInstanceOperationsIntf formInstanceOperationsIntf = oimClient.getService(Thor.API.Operations.tcFormInstanceOperationsIntf.class);
 tcFormDefinitionOperationsIntf formDefinitionIntf = oimClient.getService(Thor.API.Operations.tcFormDefinitionOperationsIntf.class);
 long processFormDefinitionKey = formInstanceOperationsIntf.getProcessFormDefinitionKey(processInstanceKey);
 int processParentFormVersion = formInstanceOperationsIntf.getActiveVersion(processFormDefinitionKey);
tcResultSet resultGetChildFormDefinition = formInstanceOperationsIntf.getChildFormDefinition(processFormDefinitionKey, processParentFormVersion);
 int countResultGetChildFormDefinition = resultGetChildFormDefinition.getRowCount();
 for(int j = 0; j < resultGetChildFormDefinition.getRowCount(); j++){
 resultGetChildFormDefinition.goToRow(j);
 long childFormKey = resultGetChildFormDefinition.getLongValue("Structure Utility.Child Tables.Child Key");
 int version = resultGetChildFormDefinition.getIntValue("Structure Utility.Child Tables.Child Version");
 System.out.println("childFormKey :: " + childFormKey + " version :: " + version);
tcResultSet formFields = formDefinitionIntf.getFormFields(childFormKey, version);
 for(int k = 0; k < formFields.getRowCount(); k++){
 formFields.goToRow(k);
String column = formFields.getStringValue("Structure Utility.Additional Columns.Name");
 String label = formFields.getStringValue("Structure Utility.Additional Columns.Field Label");
 System.out.println("COLUMN :: " + column + "  LABEL :: " + label);
 }}}

Change A Field from Text to Loookup Field

Requirement:

Need to change type of Field from Text to Lookup Type
Lookup Field should be associated with lookup quey

Reference:


Solution

Export the User.xml using weblogicExportMetadata Utility and search for this newly created field.

You'll see the section as follow:
































































REPLACE WITH:

















































































Save the file and import into MDS again using weblogicImportMetadata utility

Run the PurgeCache or Restart your OIM Server
















Java Code to Print ResultSet

Requirement:
Print all the column name and their values in the ResultSet

Solution:
Use the below code snippet for same:

public static void printResultSet(tcResultSet result) throws tcAPIException, tcColumnNotFoundException{
for(int i = 0; i < result.getRowCount(); i++){
result.goToRow(i);
String column[] = result.getColumnNames();
for(int j = 0; j < column.length; j++){
String colName = column[j];
String value = result.getStringValue(colName);
System.out.println(colName + " --- " + value);
}}}
       

Create OIM COnnection from OUTSIDE OIM 10g and OIM 11g using OLD APIsRequirement:

Requirement:

Need to call OIM APIs from OUTSIDE 

Assumption:

Demo code shows the configuration for weblogic
You need to change the RED Color lines as per your environment
Copy the WORKING copy for Design Console directory
You should have proper permissions on the copied directory

Solution:

Copy working copy of Design Console Directory to local from where you want to call OIM APIs say Designconsole

Use the below code:

System.out.println("Startup...");
System.out.println("Getting configuration...");
ConfigurationClient.ComplexSetting config =ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
System.out.println("Login...");
Hashtable env = config.getAllSettings();
System.out.println(env.toString());
 System.setProperty("XL.HomeDir","D:\\designconsole");
 System.out.println(System.getProperty("XL.HomeDir"));
 System.setProperty("java.security.policy","D:\\designconsole\\config\\xl.policy");
 System.setProperty("java.security.auth.login.config","D:\\designconsole\\config\\authwl.conf");
 tcUtilityFactory ioUtilityFactory = new tcUtilityFactory(env,"xelsysadm","RDEWAN1234");
tcUserOperationsIntf userIntf = (tcUserOperationsIntf) ioUtilityFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
System.out.println("userIntf :: " + userIntf);

Stop Schedule Task using APIs in OIM 10g

Requirement:

Stop the Schedule Task using OIM APIs

Solution:

Here is the sample code:

tcSchedulerOperationsIntf scheduleIntf = (tcSchedulerOperationsIntf) ioUtilityFactory.getUtility("Thor.API.Operations.tcSchedulerOperationsIntf");
HashMap scheduleMap = new HashMap();
scheduleMap.put("Task Scheduler.Name", "XYZ");
tcResultSet scheduleResultSet = scheduleIntf.findScheduleTasks(scheduleMap);
long scjeduleTaskKey = scheduleResultSet.getLongValue("Task Scheduler.Key");
HashMap updateMap = new HashMap();
updateMap.put("TSK_STOP", "1");
scheduleIntf.updateScheduleTask(scjeduleTaskKey, updateMap);
System.out.println("Schedule Task is STOPPED successfully");
 
Assumption:

You have implemented Stop() method and Stop Flag in the Schedule Task.          

How to get LoggedIn User ID on Process Form

Requirement:
We need to see that who has modified particular field on Process Form or we want LoggedIn "User Login" on Process Form for some purpose


Solution:
Here are the steps to accomplish the same:

Note: I am demostrating the solution using Process Task Adapter. You can use other options as well as per requirement

  • Create Java Code

public String printLoggedInUser(tcDataProvider dataProvider){
        System.out.println("INSDIE printLoggedInUser ");
        String loggedInUserID = "";
        try {
            loggedInUserID = dataProvider.getUserLogin();
            System.out.println("loggedInUserID :: " + loggedInUserID);
        } catch (tcDataAccessException e) {
            e.printStackTrace();
        } catch (tcClientDataAccessException e) {
            e.printStackTrace();
        }
        return loggedInUserID;
    }

  • Make JAR file and paste in /xellerate/JavaTasks directory
  • Create Process Task Adapter and map variables as below
                          Input - Adapter Reference - Database Reference 
                          Output - Return Variable
































  • Build the Adapter
  • Attach your Adapter with a Task in the Process Definition. 
  • Call this task on Successful Updation of Attribute Task
  • Map the Adapter Return Value with 
  • Process Data -- Form Field say UD_TEST_LOGGEDIN 
  • Save and Test

Metadata for OIM User Profile for 11g

Requirement:
How to fetch User Attributes from RESULTSET using OLD APIs.

Solution:
Below is the Metadata or Column Name which can be used to fetch user attributes using OIM 10g APIs:

FA Territory

Users.Password Warning Date
Employee Number
usr_locale
Users.Middle Name
Manually Locked
Users.Disable User
Users.Update Date
Date Format
Users.Display Name
Mobile
USR_TIMEZONE
Users.Ldap Organization
Users.Lock User
Currency
Users.End Date
Pager
Users.Deprovisioned Date
Time Format
USR_CREATED
Users.Deprovisioning Date
PO Box
USR_UDF_OTHER
Color Contrast
Users.Creation Date
Users.Ldap Guid
Accessibility Mode
Users.Country
Users.Xellerate Type
Users.Change Password At Next Logon
Users.Password Expiration Date
Users.Password Cannot Change
Users.Email
Users.Provisioned Date
Users.System Level
Common Name
Automatically Delete On
Locked On
Users.Start Date
Users.Last Name
Users.First Name
Locality Name
Users.Manager Key
Users.Manager Login
Users.Manager First Name
Users.Manager Last Name
Number Format
USR_POLICY_UPDATE
Street
Embedded Help
Users.Password Expired
Department Number
Hire Date
Users.Password Warned
Telephone Number
Home Postal Address
Font Size
Users.Updated By
Description
Home Phone
Users.Ldap Organization Unit
usr_pwd_min_age_date
Fax
Postal Code
Organizations.Key
Organizations.Organization Name
Users.Key
Users.User ID
Title
USR_UDF_OBGUID
Users.Status
Generation Qualifier
State
Postal Address
Initials
Users.Password Never Expires
Users.Password Must Change
LDAP DN
Users.Role
FA Language
Password Generated
Users.Provisioning Date
MEMBERTYPE

Sample Code: Find UDF/Other Attributes using OIM 11g API

Requirement:
Find UDF value using OIM 11g API

Solution
Here is the sample code:

Create a UDF say USR_UDF_OTHER Other Attribute

SearchCriteria criteria = new SearchCriteria("User Login", "RDEWAN", SearchCriteria.Operator.EQUAL);
UserManager usrService = oimClient.getService(UserManager.class);
Set retAttrs = new HashSet();
retAttrs.add("Other Attribute");
List <User> users = usrService.search(criteria, retAttrs, null);
String otherAttribute = (String) users.get(0).getAttribute("Other Attribute");
System.out.println("Value for otherAttribute :: " + otherAttribute);



Other Way


User user = usrService.getDetails("User Login", "RDEWAN", null);
HashMap mapAttrs = user.getAttributes();

String otherAttribute= (String) mapAttrs.get("Other Attribute");


Sample Code: To Search Organization with Organization Key

Requirement:

Search Organization using OIM 11g API

Solution:

Here is the sample code for the same:

Long orgKey = 1L;
OrganizationManager orgService = oimClient.getService(OrganizationManager.class);
Set orgCritAttrs = new HashSet();
SearchCriteria.Operator.EQUAL);
SearchCriteria orcriteria = new SearchCriteria("act_key", orgKey, SearchCriteria.Operator.EQUAL);
orgCritAttrs .add(OrganizationManagerConstants.AttributeName.ORG_NAME.getId());
List orgs = orgService.search(orcriteria, orgCritAttrs, null);
System.out.println("Organization Result Set Size:: " + orgs.size());
String organizationName = (String) orgs.get(0).getAttribute("Organization Name");
System.out.println("Organization Name :: " + organizationName);

Sample Code: Get User Organization using OIM 11g API

Requirement:

Need to find user Organization using OIM 11g API:

Solution:

Here is the sample code for the same. It will give you Organization Key of that user. You can fetch the Organization Name with that:

SearchCriteria criteria = new SearchCriteria("User Login", "XELSYSADM", SearchCriteria.Operator.EQUAL);UserManager usrService = oimClient.getService(UserManager.class);
Set retAttrs = new HashSet();
retAttrs.add(UserManagerConstants.AttributeName.USER_ORGANIZATION.getId());
List users = usrService.search(criteria, retAttrs, null);
System.out.println("Organization Key -- " + users.get(0).getAttribute("act_key"));


Play-around with User Form Fields

Requirement: 
How to change an encrypted field to plain text field

Solution:

Create a UDF in OIM 11g through Advance Console > User Configuration
















Select Display Type as Secret and Encryption will come automatically as "Encrypted"















Click Save Next and Verify the details and click Save
















While creating user, you won't be able to the value which you entering in this field














Export the User.xml using weblogicExportMetadata Utility and search for this newly created field. You'll see "display-type" as SECRET and encryption as ENCRYPT






































Change value for following attributes:

  1. display-type : "SECRET" to "TEXT"
  2. encryption  :  "ENCRYPTION" to "CLEAR"






































Save the file and import into MDS again using weblogicImportMetadata utility

Run the PurgeCache or Restart your OIM Server

Create a user and you'll see data as plain text




You can also play-around with other fields