
Monday, March 29, 2010

OIM Description Field Change

Today, I came up with a unique requirement,

We wanted the description field to change from the key to the Userid when a user is provisioned or disabled.

For Example,





Here, change the description from the key to the username.

Steps:

1. Go to Process Definition.
2. Click Map Descriptive Field
3. Click on User Login
4. Save
5. Done.




After the change, the output will look like this:




This is useful when a user is disabled and the user's last name changes, which changes the Userid: we can then keep track of resources for both the old user ID and the new user ID.


Wednesday, March 24, 2010

Email Notification when a User is Created in OIM

import java.util.Properties;

import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;

public class JavaMail
{
    public void sendEMail(String firstName, String emailId, String userPassword)
    {
        try
        {
            StringBuffer stringBuffer = new StringBuffer();

            // SMTP host that relays the message; change it to your mail server.
            Properties prop = System.getProperties();
            prop.setProperty("mail.smtp.host", "xyz.wmv.abc");
            Session session = Session.getDefaultInstance(prop);
            MimeMessage message = new MimeMessage(session);

            // The body is sent as text/html, so line breaks are written as <br>.
            // firstName, emailId and userPassword go into the HTML as-is, without escaping,
            // and the password is sent in clear text.
            stringBuffer.append("Hi, " + firstName);
            stringBuffer.append("<br><br>Thank you for registering! We are pleased to welcome you to Test Mail.<br><br>");
            stringBuffer.append("<br><br>To start using Test Page right now, please go to http://testoim:8080/xlWebApp/ and login using the following information:<br><br>");
            stringBuffer.append("<br><br>Login: " + emailId + "<br>");
            stringBuffer.append("Password: " + userPassword + "<br><br>");
            stringBuffer.append("<br><br>If you have any difficulties logging into Test, please reply to this email with a description of what you are encountering and we will respond back as soon as possible.<br><br>");
            stringBuffer.append("<br><br>Thank you,<br><br>");
            stringBuffer.append("<br><br>Test Company<br>");
            stringBuffer.append("Test Administration<br><br>");

            // From email address goes here...
            message.setFrom(new InternetAddress("oimadmin@test.com"));

            // To email address goes here...
            message.addRecipient(Message.RecipientType.TO, new InternetAddress(emailId));
            message.setSubject("***Welcome to Test! You are registered.***");
            message.setContent(stringBuffer.toString(), "text/html; charset=UTF-8");
            Transport.send(message);
        }
        catch (MessagingException e)
        {
            // Sending failed (bad address, SMTP host unreachable, ...).
            e.printStackTrace();
        }
    }
}

Steps :

1. Change the host name in the code and create a jar file from it.
2. Create the adapter in OIM and make it dependent on successful user creation. Mail will then go to the user from oimadmin@test.com with his userid and password.

Please mail me if you have any questions.

Thanks
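
The sendEMail code above puts firstName and emailId straight into a text/html body and uses emailId as the recipient. As an added example (not part of the original post), this JDK-only class escapes those values and checks the address before the greeting and login lines are built; WelcomeMailBody, isValidAddress, escapeHtml and buildBody are names assumed here, and the address pattern assumes plain ASCII mailboxes.

```java
import java.util.regex.Pattern;

public class WelcomeMailBody {

    // Conservative address check (assumption: plain ASCII mailboxes). It rejects
    // whitespace and CR/LF, so the value cannot add extra lines to a mail header.
    private static final Pattern ADDRESS =
        Pattern.compile("^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9.-]{1,253}\\.[A-Za-z]{2,}$");

    static boolean isValidAddress(String emailId) {
        return emailId != null && ADDRESS.matcher(emailId).matches();
    }

    // Replace the characters that are significant in HTML text and attributes.
    static String escapeHtml(String value) {
        if (value == null) return "";
        StringBuilder out = new StringBuilder(value.length() + 16);
        for (char c : value.toCharArray()) {
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    // Builds the greeting and login lines of the message with escaped values.
    static String buildBody(String firstName, String emailId) {
        if (!isValidAddress(emailId)) {
            throw new IllegalArgumentException("invalid recipient address");
        }
        return "Hi, " + escapeHtml(firstName) + "<br><br>"
             + "Login: " + escapeHtml(emailId) + "<br>";
    }

    public static void main(String[] args) {
        // Constructed sample input: a first name carrying markup, then an
        // address value with an embedded line break.
        System.out.println(buildBody("<b>Ann</b> & Co", "ann@test.com"));
        System.out.println(isValidAddress("ann@test.com\r\nBcc: x@test.com"));
    }
}
```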

Wednesday, March 10, 2010

java.lang.RuntimeException: Could not find the OffLine WLST class

Hi All,
I was doing an installation of Oracle Identity Manager 9.1.0.1 on a WebLogic 10.3.0.0 clustering environment. I came across an issue related to a WLST offline class error.

oracle/oim/xellerate/setup/setup.xml:443: The following error occurred while executing this line:
/oracle/oim/xellerate/setup/weblogic-setup.xml:196: java.lang.RuntimeException: Could not find the OffLine WLST class
at org.apache.tools.ant.ProjectHelper.addLocationToBuildException(ProjectHelper.java:539)
at org.apache.tools.ant.taskdefs.Ant.execute(Ant.java:384)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at org.apache.tools.ant.Target.execute(Target.java:341)
at org.apache.tools.ant.Target.performTasks(Target.java:369)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:40)
at org.apache.tools.ant.Project.executeTargets(Project.java:1068)
at org.apache.tools.ant.Main.runBuild(Main.java:668)
at org.apache.tools.ant.Main.startAnt(Main.java:187)
at org.apache.tools.ant.launch.Launcher.run(Launcher.java:246)
at org.apache.tools.ant.launch.Launcher.main(Launcher.java:67)


I tried different things, like:
1. Checking that all paths (JAVA_HOME, BEA_HOME) are set correctly.
2. Checking the version of WebLogic.
3. ./wlst.sh
4. java weblogic.WLST, and many other approaches.

The final solution is listed below:


Solution :
There is an existing Bug 8431390 - WLST NOT WORKING IF WE USE NON-DEFAULT INSTALLATION (WL_HOME OUTSIDE BEA_HOME)

As per this bug, the issue can be reproduced as follows:

Steps to reproduce:
1. Install WLS 10.3GA (essex) kit in a non-default fashion (WL_HOME outside BEA_HOME)
2. Go to your $WL_HOME/common/bin directory and execute wlst.cmd
3. It exits with the following exception:
java.lang.RuntimeException:could not find the OffLine WLST class

I had set it up the same way; that's why.

Tuesday, March 9, 2010

OIM-Approval Workflows

Hi All,
I came across this scenario.
Scenario: A request is submitted by the Requester or User to get access through OIM. Once the request is submitted by the user, either the user, the Manager or a Higher Administrator should be able to approve the request until the manager approves the request. Once the request is approved by the manager, no one should be able to edit the request.

Steps and Java code:

Assumption: Approval with multi-level approvals already exists for the Resource XXX.
1. Create a jar from the code below and place it into OIM_HOME/xellerate/JavaTasks.
   a. Import the XML file TaskAdapter.xml (email me if you need this file) (creation of adapters).
2. Modify the Object Form (Design Console -> Development Tools -> Form Designer).
   a. Add two String type fields into it and specify any:
      i. Response
      ii. RequestId
   b. Make these two fields hidden from the "Properties" tab.
   c. Add any other fields as per requirement.
3. Modify the Approval Process for "XXX Resource Object".
   a. Create a task named "Update Request Id".
      i. Attach the adpCopyValue adapter and do the mapping as follows:
         1. Input -> Request Info -> Request Id
         2. Adapter Return Value -> Object Data -> RequestId
4. Go to Data Object Manager in the Design Console and search for the Resource Object Form for Resource XXX.
   a. In Pre-Update -> Assign -> adpRequestPermission adapter.
   b. Do the mapping as follows:
      i. ReqId -> Entity Field -> RequestId (field name will be as created in 2.a.ii)
      ii. Adapter Return Value -> Entity Field -> Response (field name will be as created in 2.a.i)
5. The error message is "ADAPTER.PERMISSION.ERROR". You can change the description of the error as per requirement (Design Console -> Development Tools -> Error Message Definition, and search for "ADAPTER.PERMISSION.ERROR" as the code key).



JAVA CODE :


package com.requestmodify.adapter;

import java.util.HashMap;
import java.util.Hashtable;
import Thor.API.tcResultSet;
import Thor.API.tcUtilityFactory;
import Thor.API.Operations.tcRequestOperationsIntf;
import Thor.API.Operations.tcUserOperationsIntf;
import com.thortech.util.logging.Logger;
import com.thortech.xl.crypto.tcCryptoUtil;
import com.thortech.xl.crypto.tcSignatureMessage;
import com.thortech.xl.util.config.ConfigurationClient;

public class RequestModifyPermisions {
    public static Logger logger = Logger.getLogger("UPDATE.LOGGERS");
    String response = null;
    HashMap requestAssignMap = new HashMap();
    HashMap requestMap = new HashMap();
    HashMap userMap = new HashMap();
    int countRequestAssignedToUser;
    long managerKey;

    // Connection settings for the OIM server, read from the client configuration.
    ConfigurationClient.ComplexSetting config = ConfigurationClient.getComplexSettingByPath("Discovery.CoreServer");
    final Hashtable env = config.getAllSettings();

    // Returns "SUCCESS" only when exactly one approval task for this request
    // is assigned to the target user's manager; otherwise returns "FAILURE".
    public String modifyRequest(String reqId) {
        logger.debug("reqId :: " + reqId);
        try {
            // Signature-based login as xelsysadm.
            tcSignatureMessage moSignature = tcCryptoUtil.sign("xelsysadm", "PrivateKey");
            tcUtilityFactory utilityFactory = new tcUtilityFactory(env, moSignature);
            tcRequestOperationsIntf requestIntf = (tcRequestOperationsIntf) utilityFactory.getUtility("Thor.API.Operations.tcRequestOperationsIntf");
            requestMap.put("Requests.Request ID", reqId);

            // Find the user the request is raised for.
            tcResultSet requestResultSet = requestIntf.getRequestTargets(Long.parseLong(reqId));
            requestResultSet.goToRow(0);
            String targetUser = requestResultSet.getStringValue("Users.User ID");
            logger.debug("targetUser :: " + targetUser);
            userMap.put("Users.User ID", targetUser);

            // Look up that user's manager.
            tcUserOperationsIntf userOperationsIntf = (tcUserOperationsIntf) utilityFactory.getUtility("Thor.API.Operations.tcUserOperationsIntf");
            tcResultSet findUserSet = userOperationsIntf.findAllUsers(userMap);
            findUserSet.goToRow(0);
            managerKey = findUserSet.getLongValue("Users.Manager Key");
            logger.debug("managerKey :: " + managerKey);

            // Count the approval tasks for this request assigned to the manager.
            tcResultSet requestAssignedToUser = requestIntf.getApprovalTasksAssignedToUser(managerKey, requestMap);
            countRequestAssignedToUser = requestAssignedToUser.getRowCount();
            logger.debug("countRequestAssignedToUser :: " + countRequestAssignedToUser);
            if (countRequestAssignedToUser == 1) {
                response = "SUCCESS";
            } else {
                response = "FAILURE";
            }
        } catch (Exception e) {
            logger.error("Exception in modifyRequest :: ", e);
            // Fail closed: a lookup error must not leave the response null.
            response = "FAILURE";
        }
        logger.debug("response :: " + response);
        return response;
    }
}