HAPPY NEW YEAR 2017

Identity And Access Management - Rajiv Dewan

IT Resource Parameters API Source Code

Here's a method that prints the parameters of an IT Resource:

    import java.util.HashMap;

    import Thor.API.Operations.tcITResourceInstanceOperationsIntf;
    import Thor.API.tcResultSet;

    /**
     * Looks up IT Resource instances by name and prints every parameter of each match.
     *
     * @param itResourceName   IT Resource Name
     * @param itResourceInstanceOperationsIntf   IT Resource operations service used for the lookups
     * @throws Exception
     */
    private void printITResourceData(String itResourceName, tcITResourceInstanceOperationsIntf itResourceInstanceOperationsIntf) throws Exception {
        System.out.println("Printing IT Resource Data :: " + itResourceName);
        // Search filter: match IT Resource instances by name
        HashMap<String, String> itresMap = new HashMap<String, String>();
        itresMap.put("IT Resources.Name", itResourceName);
        tcResultSet findITResourceResult = itResourceInstanceOperationsIntf
                .findITResourceInstances(itresMap);
        int findITResourceResultCount = findITResourceResult.getRowCount();
        System.out.println("findITResourceResultCount :: " + findITResourceResultCount);
        for (int i = 0; i < findITResourceResultCount; i++) {
            findITResourceResult.goToRow(i);
            long itResourceKey = findITResourceResult.getLongValue("IT Resources.Key");
            System.out.println("itResourceKey :: " + itResourceKey);
            // Fetch and print all parameters of this IT Resource instance
            tcResultSet itResourceParameters = itResourceInstanceOperationsIntf.getITResourceInstanceParameters(itResourceKey);
            for (int j = 0; j < itResourceParameters.getRowCount(); j++) {
                itResourceParameters.goToRow(j);
                String name = itResourceParameters.getStringValue("IT Resources Type Parameter.Name");
                String value = itResourceParameters.getStringValue("IT Resources Type Parameter Value.Value");
                System.out.println(name + " --> " + value);
            }
        }
        System.out.println("COMPLETED");
    }
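
A log-safe variant of the print step above, as an added example that is not from the original post: it masks values whose parameter name suggests a secret before anything reaches stdout or a server log. The name pattern and the sample parameters are assumptions constructed for illustration; in the method above, `safeValue(name, value)` would take the place of `value` in the innermost `println`.

```java
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.regex.Pattern;

public class ITResourceParamRedactor {
    // Assumption: parameter names containing these words hold secrets.
    // Over-matching (e.g. "bypass") is accepted; it only hides more.
    private static final Pattern SENSITIVE = Pattern.compile(
            "pass(word|wd|phrase)?|secret|credential|token|private.?key|api.?key");

    /** Returns the text that is safe to log for one parameter. */
    static String safeValue(String name, String value) {
        if (value == null || value.isEmpty()) {
            return "<empty>"; // an unset secret is worth seeing when troubleshooting
        }
        String n = name == null ? "" : name.toLowerCase(Locale.ROOT);
        return SENSITIVE.matcher(n).find() ? "<redacted>" : value;
    }

    /** Formats all parameters in the same "name --> value" layout as the loop above. */
    static String format(Map<String, String> params) {
        StringBuilder out = new StringBuilder();
        for (Map.Entry<String, String> e : params.entrySet()) {
            out.append(e.getKey()).append(" --> ")
               .append(safeValue(e.getKey(), e.getValue())).append('\n');
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // Constructed sample, not real IT Resource data.
        Map<String, String> params = new LinkedHashMap<>();
        params.put("host", "ldap.example.test");
        params.put("principal", "cn=oimadmin");
        params.put("credentials", "S3cr3t-constructed");
        params.put("Admin Password", "another-constructed-value");
        params.put("ssl", "true");
        System.out.print(format(params));
    }
}
```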

OIM 11g R2 PS3 : API Usage: AdminRoleService

Oracle has introduced new APIs for managing admin roles. You can create, modify, and assign admin roles. Here's the usage of these APIs:

Note: These APIs can only be run inside OIM.


import java.util.List;

import oracle.iam.platform.Platform;
import oracle.iam.platform.authopss.vo.AdminRole;
import oracle.iam.platform.entitymgr.vo.SearchRule;
import oracle.iam.platformservice.api.AdminRoleService;

// Obtain the service from the OIM platform (works only inside the OIM server)
AdminRoleService adminRoleService = Platform.getService(AdminRoleService.class);
// Admin role to look up (the role shown in the output below)
String roleName = "OrclOIMCertificationViewer";
String roleDisplayName = null;
String roleDescription = null;
String searchBase = null;
long roleID = 0L;
String membershipRuleInternal = null;
SearchRule membershipRule = null;
List<?> capabilities = null;
// Fetch the admin role and read its attributes
AdminRole adminRole = adminRoleService.getAdminRole(roleName);
roleName = adminRole.getRoleName();
roleID = adminRole.getRoleId();
roleDescription = adminRole.getRoleDescription();
roleDisplayName = adminRole.getRoleDisplayName();
capabilities = adminRole.getCapabilities();
membershipRule = adminRole.getMembershipRule();
membershipRuleInternal = adminRole.getMembershipRuleInternal();
System.out.println("Role Name :: " +  roleName + " Role Display Name :: " + roleDisplayName );
System.out.println("Membership Rule :: " +  membershipRule + " Capabilities Size :: " + capabilities.size() );
System.out.println("Role ID :: " +  roleID + " Role Description :: " + roleDescription);


API Output:

Role Name :: OrclOIMCertificationViewer Role Display Name :: Certification Viewer
Membership Rule :: null Capabilities Size :: 0
Role ID :: 23 Role Description :: Role can view all certification definitions, jobs, and instances.

ForgeRock : Few Features

I was exploring ForgeRock OpenIDM for a PoC, and here are a few things which I was able to do.

  • Configured Self Registration Link
  • Configured Forgot Password
  • Configured Security Questions
  • Add Custom Security Challenge Question
  • Validation for Mobile Phone field
  • Maximum Security Challenge Attempts
  • Configured Auto Unlock Features

Note: Everything is configurable through .json files.

Here are a couple of screens from the PoC:

  • Self Registration
  • Custom Security Questions
  • Forgot Password Feature
  • That's Not My Salary ;)
  • Validation for Mobile Phone