Sunday, 11 January 2015

Create Users Using OIM API


1. Ultimate Control Over Identity:
Oracle Identity Manager (OIM) 11g provides complete life cycle management of user identities. Identity life cycle management includes the creation, modification and deletion of user access to provisioned resources. OIM 11g provides a range of options for customization. One of the most powerful and flexible ways to extend a solution is through the Application Programming Interface. OIM 11g provides a Java API which can be used to interface with multiple aspects of identity life cycle management.

1.2. Using API:
Oracle provides a network-aware, Java-based application programming interface (API) that exposes Services, called Utility in earlier releases, available in Oracle Identity Manager. This API is based on Plain Old Java Objects (POJO) and takes care of all the plumbing required to interact with Oracle Identity Manager. This API can be used for building clients for Oracle Identity Manager and for integrating third-party products with the Oracle Identity Manager platform.

1.3. Oracle Identity Manager Services:
The Oracle Identity Manager API provides access to services available in Oracle Identity Manager.

1.3.1. Commonly Used Services List:
Service Name: Description
·        UserManager: Provides operations for user management, such as create, search, modify, and delete users.
·        RequestService: Provides operations to submit, withdraw, close, and search requests.
·        RoleManager: Provides operations for role management such as create, search, modify, and delete roles. In addition, this service provides operations for management of role members and relationships between roles.
·        OrganizationManager: Provides operations for organization management such as create, search, modify, delete, enable, and disable organizations.

1.3.1.1. User Management:
The OIM 11g Java APIs support searching, creating, reading, updating and deleting of Users. This procedure will cover how to use the OIM 11g Java APIs to perform these operations.

Getting Started with Creating Users:
OIM 11g leverages a new Java API. The previous API (Thor) is still available, but it is recommended that new projects use the OIM 11g Client API.
Create a folder to contain the required OIM files and the sample source files for the client you want to develop. This procedure uses a folder called oimlib.

Required Server Files:
You will need to obtain the following file from the OIM 11g server.
a. oimclient.zip: Copy this zip file from the OIM 11g server directory F:\RMW\Middleware\Oracle_IDM1\server\client into the oimlib folder. Extract the zip file and copy conf and lib outside the oimclient folder.
The lib subdirectory contains the following jar files required by the OIM 11g API:
·        commons-logging.jar
·        eclipselink.jar
·        jrf-api.jar
·        oimclient.jar 
·        spring.jar
·        wlfullclient.jar

1.4. Source code:

Using OIMClient:
OIMClient is the entry point for accessing the services available in Oracle Identity Manager.
·         Create an instance of OIMClient with the environment information required to connect to the Oracle Identity Manager application, as shown below:

Hashtable env = new Hashtable();
env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");
// The provider URL must be a quoted string; the full example further down uses the t3 protocol.
env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://OIM_HOSTNAME:OIM_PORT");

// Pass the environment to the constructor so the client knows where to connect.
OIMClient oimClient = new OIMClient(env);

·         Get a UserManager object via the OIMClient.getService(UserManager.class) method.

Creating a User in OIM:
a. Gets the UserManager.
b. Creates a HashMap, to hold attributes.
c. Adds attributes (name/value) to the HashMap.
d. Creates a User object and adds the HashMap of attributes.
e. Calls the UserManager create() method to create the new user.
f. A UserManagerResult object is returned. It is evaluated.

Example of User Creation:
package com.rakesh.boss;

import oracle.iam.identity.exception.UserAlreadyExistsException;
import oracle.iam.identity.exception.UserCreateException;
import oracle.iam.identity.exception.ValidationFailedException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.identity.usermgmt.vo.UserManagerResult;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.Platform;
import oracle.iam.platform.authz.exception.AccessDeniedException;

import java.util.Hashtable;

public class Oimapi {
    // Connection settings used by this example (hard-coded here; change them for your environment).
    private static String OIMUserName = "xelsysadm";
    private static String OIMPassword = "Welcome1";
    private static String OIMURL = "t3://Sham-PC:14000";
    private static String OIMInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";

    // OIM client initialization: builds the JNDI environment and logs in.
    // Returns null when the login fails.
    public static OIMClient loginWithCustomEnv() {
        Hashtable env = new Hashtable();
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, OIMInitialContextFactory);
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIMURL);
        // These properties must be set as system properties before logging in.
        System.setProperty("OIM.AppServerType", "wls");
        System.setProperty("APPSERVER_TYPE", "wls");
        // JAAS login configuration shipped in the conf directory of oimclient.zip.
        System.setProperty("java.security.auth.login.config", "F:\\oimlib\\oimclient\\conf\\authwl.conf");
        OIMClient client = null;
        try {
            client = new OIMClient(env);
            System.out.println("Initiating OIM client");
            client.login(OIMUserName, OIMPassword.toCharArray());
            System.out.println("Got OIM client successfully");
            System.out.println("Client - " + client);
        } catch (Exception e) {
            System.out.println("Error: " + e);
            client = null;
        }
        return client;
    }

    // Returns the UserManager service from the remote client, or from the
    // server-side Platform when no client login is available.
    public static UserManager getService() {
        UserManager tcUM = null;
        OIMClient client = loginWithCustomEnv();
        System.out.println("getService() - Client - " + client);
        if (client != null) {
            tcUM = client.getService(UserManager.class);
            System.out.println("Service from client: " + tcUM);
        } else {
            tcUM = Platform.getService(UserManager.class);
            System.out.println("Service from Platform: " + tcUM);
        }
        return tcUM;
    }

    // Create an OIM user
    public void createUser(String userLogin)
            throws ValidationFailedException, AccessDeniedException,
                   UserAlreadyExistsException, UserCreateException {
        UserManager tcUM = getService();
        long orgKey = 1; // organization key the user is created in
        UserManagerResult result = null;
        User user = new User("");
        user.setAttribute("User Login", userLogin);
        user.setAttribute("First Name", userLogin);
        user.setAttribute("Last Name", userLogin);
        user.setAttribute("usr_password", "Welcome1");
        user.setAttribute("act_key", orgKey);
        user.setAttribute("Xellerate Type", "End-User");
        user.setAttribute("Role", "Full-Time");
        System.out.println(user.getAttributes());
        try {
            result = tcUM.create(user);
            // Evaluate the returned UserManagerResult.
            System.out.println("Status: " + result.getStatus() + ", user key: " + result.getEntityId());
            System.out.println(user + " User successfully created");
        } catch (Exception e) {
            System.out.print(e);
        }
    }

    // Entry point: createUser() logs in through getService(), so no separate login call is needed.
    public static void main(String args[]) {
        Oimapi rObj = new Oimapi();
        try {
            rObj.createUser("testUser4");
        } catch (ValidationFailedException e) {
            System.out.println(e);
        } catch (UserAlreadyExistsException e) {
            System.out.println(e);
        } catch (UserCreateException e) {
            System.out.println(e);
        }
    }
}




Sunday, 4 January 2015

OIM11g R2 PS2 INSTALLATION STEP



Summary:
The following are the details related to installation.

Components:
It is essential to verify that the product(s) to be installed are certified to work on the given platform. 

For this install, below are the product and supporting platform details.

1. Windows 7 64-bit or Linux
2. Oracle Database 11gR2 11.2.0
3. JDK

Fusion Middleware components:
1. Oracle Identity Manager
2. Oracle SOA Suite
3. RCU
4. Oracle WebLogic
             
IN SHORT:
1. First Install JDK
2. Install Database
3. Create Database Schema Using RCU
4. Install WebLogic Server
5. Install SOA Server
6. Apply SOA Patch
7. Install OIM Server
8. Create Domain (WebLogic Configuration)
9. Upgrade OPSS Schema
10. Configure Security Store
11. Start WebLogic Server and SOA Server Using cmd
12. Configure OIM Server
13. Stop and Restart WebLogic, SOA and OIM Server
14. Configure Design Console

In Brief:

1. First of all, install the JDK.

2. Install Database:
2.1 Click Database Setup.

2.2 Configure Security Update
a. Click on the check box.

b. Click Yes and click next.

2.3 Install Option
a. Click Install database software only and click next.

2.4 Select the type of database installation you want to perform.
a. Click Single instance database installation and click next.

2.5 Select the languages in which your product will run and click next.

2.6 Specify an Oracle base path to place all Oracle software and configuration-related files, specify a location for storing Oracle software files, and click next.

2.7 Click Finish.

2.7. Wait for Install Product and then click next.

2.8. Click Finish.

2.1.1. Database Configuration:
In Windows, click All Programs, find the database directory (like Oracle-OraDb11g_home1), expand the folder, open the Configuration and Migration Tools folder and click Net Configuration Assistant.
2.1.2. In Oracle Net Configuration, select Local Net Service Name configuration and click next.
2.1.3. Select Add and click next.

2.1.4. Give the Service Name and click next.

2.1.5. Select the protocol used for the database you want to access and click next.

2.1.6. Give the correct Host Name, select Use the standard port number of 1521 and click next.

2.1.7. Test that a connection can be made to the database.
If you do not want to test, select No, do not test and click next. If you select Yes, follow the further process.




3. Create Database Schema Using RCU:
3.1 Run the rcu.bat file to create the schema in the database. Below screenshot ensure that

3.2 Select Create and click next.

3.3 Give the database connection details and click next.

Click OK.

3.4. Select Create a new Prefix and check Identity Management. Then click next.

Click OK.

3.5. Select Use same password for all schemas. Give the schema password and click next.

3.6. Map tablespaces and click next.

3.7. Click Create.

3.8. Complete Summary.

4. Install WebLogic Server:
4.1 Start WebLogic from cmd. Give the correct directory location where you saved your WebLogic Server installer.

4.2. Give your Middleware Home directory location and click next.

4.3. Click the check box once and click next.

4.4. Select the check box I wish to remain uninformed of security issues in my configuration and click continue.

4.5. Select Typical and click next.

4.6. Click next.

4.7 Click next.

4.8. Click next.

4.9. Wait for the installation, then click next and finish.

5. Install SOA Server:
5.1 Start SOA from cmd. Give the directory location of the SOA Server.

5.2. Click next.

5.3. Select Skip Software Updates and click next.

5.4. Click next.

5.5. Click next.

5.6. Select WebLogic Server and click next.

5.6. Click Install.

5.7. Wait for the installation and click finish.

5.7. Click Finish.

6. Apply SOA Patch:
SOA 11.1.1.3 is patch-set only whereas SOA 11.1.1.2 is base release hence you and then upgrade it to SOA.
6.1. Copy your SOA patch path (like F:\RMO\OIM_11.1.2.2_SOAPS6_PREREQS).
a. Open cmd and change to this path (like
cd F:\RMO\OIM_11.1.2.2_SOAPS6_PREREQS).
b. Install the SOA suite patch-set under the same ORACLE_HOME directory (Oracle_SOA1) and the same Middleware Home in which you installed SOA.

c. OPatch succeeded.



7. Install OIM Server:
7.1. Oracle Identity Manager is installed by running the installer from the IDAM software. It needs the JRE (Java Runtime Environment) location, which is given using the -jreLoc option as shown in the screenshot below.

7.2. Click next.

7.3. Select Skip Software Update.

7.4. Click next.








8. Create WebLogic Domain (WebLogic Configuration):
Create the WebLogic domain using config.cmd.

8.1 Select Create a new WebLogic domain and click next.

9. Upgrade OPSS Schema:
Upgrade the OPSS schema using psa.bat.

10. Configure Security Store:
Configure the security store using wlst.cmd.

10.1 Copy the correct path.


11. Start WebLogic Server and SOA Server Using cmd Before Configuring OIM:

It is mandatory to start the WebLogic and SOA servers using cmd before configuring OIM.
11.1. Start WebLogic Server using startWebLogic.cmd.

11.2. Start SOA Server using startManagedWebLogic.cmd.


12. Configure OIM Server:

The Oracle Identity Management 11g Configuration Wizard enables you to configure Oracle Identity Manager (OIM) Server.

14. Configure Design Console:

15. Create wlfullclient.jar for DesignConsole:

a. On the machine where Oracle WebLogic Server is installed (the machine where Oracle Identity Manager Server is installed), create the wlfullclient.jar file.



b. Copy the wlfullclient.jar file to the <Oracle_IDM1>\designconsole\ext\ directory on the machine where Design Console is configured.


c. Start the Design Console client by running the xlclient.cmd executable script, which is available in the <IDM_Home>\designconsole\ directory.

d. Log in to the Design Console with your Oracle Identity Manager user name and password.


