Identity And Access Management - Rajiv Dewan

OIM 11g R2 PS2: Role Membership in Weird String in Database

In OIM 11g R2, if you look at the role membership rule column in the database, you will find that it stores a weird-looking string:

Select UGP_USER_MEMBERSHIP_RULE from UGP where UGP_USER_MEMBERSHIP_RULE is not null;


So here's how they generate this weird string. It is just a Java-serialized SearchRule object, Base64 encoded:

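import java.io.ByteArrayOutputStream;
import java.io.ObjectOutputStream;
// SearchRule and SearchCriteria are OIM classes; Base64 here is a library class taking (bytes, line-separator flag), not java.util.Base64.

// The membership rule: usr_login NOT_EQUAL "OIMINTERNAL"
SearchRule searchRule = new SearchRule("usr_login", "OIMINTERNAL", SearchCriteria.Operator.NOT_EQUAL);

// Java-serialize the rule object into a byte array
ByteArrayOutputStream baos = new ByteArrayOutputStream();
ObjectOutputStream objectOutputStream = new ObjectOutputStream(baos);
objectOutputStream.writeObject(searchRule);
objectOutputStream.close();

// Base64-encode the serialized bytes without line separators
boolean lineSeparat = false;
String searchRuleStr = Base64.encodeToString(baos.toByteArray(), lineSeparat);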
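
Going the other way, a value from that column can be identified by reading only the serialization stream header, without calling readObject() on data pulled out of a database. The following is an added example, not code from the original post or from OIM: RuleBlobInspector and DemoRule are hypothetical names, DemoRule stands in for SearchRule so the code runs without the OIM jars, and java.util.Base64 is used in place of the Base64 class above.

```java
import java.io.*;
import java.util.Base64;

public class RuleBlobInspector {
    // Hypothetical stand-in for OIM's SearchRule (assumption, not the real class).
    static class DemoRule implements Serializable {
        private static final long serialVersionUID = 1L;
        String attribute = "usr_login";
        String value = "OIMINTERNAL";
    }

    /** Reads class name and serialVersionUID from the stream header only. */
    static String describe(String base64) throws IOException {
        // The MIME decoder also accepts values that were stored with line breaks.
        byte[] raw = Base64.getMimeDecoder().decode(base64);
        try (DataInputStream in = new DataInputStream(new ByteArrayInputStream(raw))) {
            if (in.readUnsignedShort() != 0xACED) {          // STREAM_MAGIC
                throw new IOException("not a Java serialization stream");
            }
            int version = in.readUnsignedShort();            // STREAM_VERSION
            if (in.readUnsignedByte() != 0x73                // TC_OBJECT
                    || in.readUnsignedByte() != 0x72) {      // TC_CLASSDESC
                throw new IOException("stream does not start with an ordinary object");
            }
            String className = in.readUTF();                 // length-prefixed class name
            long suid = in.readLong();                       // serialVersionUID
            return className + " (serialVersionUID=" + suid
                    + ", stream version " + version + ")";
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample: serialize the stand-in the same way the post does.
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(baos)) {
            oos.writeObject(new DemoRule());
        }
        String sample = Base64.getEncoder().encodeToString(baos.toByteArray());

        System.out.println("Column value starts with: " + sample.substring(0, 8));
        System.out.println("Header says: " + describe(sample));
    }
}
```

Base64 text of a serialized Java object always begins with rO0AB (the bytes AC ED 00 05), which makes such columns easy to spot. If the object itself must be read back, do it only on data from a trusted source, since Java deserialization instantiates whatever classes the stream names.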