Create Users Using OIM API
1. Ultimate Control Over Identity:
Oracle Identity Manager (OIM) 11g provides complete life cycle management of user identities. Identity life cycle management includes the creation, modification and deletion of user access to provisioned resources. OIM 11g provides a range of options for customization. One of the most powerful and flexible ways to extend a solution is through its Application Programming Interface. OIM 11g provides a Java API which can be used to interface with multiple aspects of identity life cycle management.
1.2. Using API:
Oracle provides a network-aware, Java-based application programming interface (API) that exposes Services, called Utility in earlier releases, available in Oracle Identity Manager. This API is based on Plain Old Java Objects (POJO) and takes care of all the plumbing required to interact with Oracle Identity Manager. This API can be used for building clients for Oracle Identity Manager and for integrating third-party products with the Oracle Identity Manager platform.
1.3. Oracle Identity Manager Services:
The Oracle Identity Manager API provides access to services available in Oracle Identity Manager.
1.3.1. Commonly Used Services List:
Service Name | Description
UserManager | Provides operations for user management, such as create, search, modify, and delete users.
RequestService | Provides operations to submit, withdraw, close, and search requests.
RoleManager | Provides operations for role management such as create, search, modify, and delete roles. In addition, this service provides operations for management of role members and relationships between roles.
OrganizationManager | Provides operations for organization management such as create, search, modify, delete, enable, and disable organizations.
1.3.1.1. User Management:
The OIM 11g Java APIs support searching, creating, reading, updating and deleting of Users. This procedure will cover how to use the OIM 11g Java APIs to perform these operations.
Getting Started with Creating Users:
OIM 11g leverages a new Java API. The previous API (Thor) is still available, but it is recommended that new projects use the OIM 11g Client API.
Create a folder to hold the required OIM files and the sample source files for the client you want to develop. This procedure uses a folder called oimlib.
Required Server Files:
You will need to obtain the following file from the OIM 11g server.
a. oimclient.zip: Copy this zip file from the OIM 11g server directory F:\RMW\Middleware\Oracle_IDM1\server\client into the oimlib folder. Extract the zip file and copy conf and lib outside the oimclient folder.
The lib subdirectory contains the following jar files required by the OIM 11g API:
· commons-logging.jar
· eclipselink.jar
· jrf-api.jar
· oimclient.jar
· spring.jar
· wlfullclient.jar
1.4. Source code:
Using OIMClient:
OIMClient is the entry point for accessing the services available in Oracle Identity Manager.
· Create an instance of OIMClient with the environment information required to connect to the Oracle Identity Manager application, as shown below:
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");
OIMClient oimClient = new OIMClient(env);
· Get a UserManager object via the OIMClient.getService(UserManager.class) method.
Creating a User in OIM:
a. Gets the UserManager.
b. Creates a HashMap, to hold attributes.
c. Adds attributes (name/value) to the HashMap.
d. Creates a User object and adds the HashMap of attributes.
e. Calls the UserManager create() method to create the new user.
f. A UserManagerResult object is returned. It is evaluated.
Example of User Creation:
package com.rakesh.boss;

import java.util.Hashtable;

import oracle.iam.identity.exception.UserAlreadyExistsException;
import oracle.iam.identity.exception.UserCreateException;
import oracle.iam.identity.exception.ValidationFailedException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.identity.usermgmt.vo.UserManagerResult;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.Platform;
import oracle.iam.platform.authz.exception.AccessDeniedException;

public class Oimapi {

    // Sample values for a lab install. Hardcoding the administrator
    // credentials is only acceptable in a throwaway environment.
    private static String OIMUserName = "xelsysadm";
    private static String OIMPassword = "Welcome1";
    // t3:// is the plain-text WebLogic protocol; t3s:// is its TLS variant.
    private static String OIMURL = "t3://Sham-PC:14000";
    private static String OIMInitialContextFactory = "weblogic.jndi.WLInitialContextFactory";

    public Oimapi() {
        super();
    }

    // OIM client initialization: returns a logged-in client, or null on failure.
    public static OIMClient loginWithCustomEnv() {
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, OIMInitialContextFactory);
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, OIMURL);
        // These properties must be set as system properties.
        System.setProperty("OIM.AppServerType", "wls");
        System.setProperty("APPSERVER_TYPE", "wls");
        System.setProperty("java.security.auth.login.config", "F:\\oimlib\\oimclient\\conf\\authwl.conf");
        OIMClient client = null;
        try {
            client = new OIMClient(env);
            System.out.println("Initiating OIM client");
            client.login(OIMUserName, OIMPassword.toCharArray());
            System.out.println("Got OIM client successfully");
            System.out.println("Client - " + client);
        } catch (Exception e) {
            System.out.println("Error: " + e);
            client = null;
        }
        return client;
    }

    // Returns the UserManager service, remotely if the login succeeded.
    public static UserManager getService() {
        UserManager tcUM = null;
        OIMClient client = loginWithCustomEnv();
        System.out.println("getService() - Client - " + client);
        if (client != null) {
            tcUM = client.getService(UserManager.class);
            System.out.println("client != null: " + tcUM);
        } else {
            // Fallback for code running inside the OIM server itself.
            tcUM = Platform.getService(UserManager.class);
            System.out.println("client == null: " + tcUM);
        }
        return tcUM;
    }

    // Create an OIM user
    public void createUser(String userLogin)
            throws ValidationFailedException, AccessDeniedException,
                   UserAlreadyExistsException, UserCreateException {
        UserManager tcUM = getService();
        long orgKey = 1;
        User user = new User("");
        user.setAttribute("User Login", userLogin);
        user.setAttribute("First Name", userLogin);
        user.setAttribute("Last Name", userLogin);
        // Sample initial password; every user created this way shares it.
        user.setAttribute("usr_password", "Welcome1");
        user.setAttribute("act_key", orgKey);
        user.setAttribute("Xellerate Type", "End-User");
        user.setAttribute("Role", "Full-Time");
        // Debug output: prints every attribute, including usr_password, in clear text.
        System.out.println(user.getAttributes());
        // Failures propagate to the caller as the declared exceptions.
        UserManagerResult result = tcUM.create(user);
        // Evaluate the returned UserManagerResult.
        System.out.println(userLogin + " - User successfully created, status: "
                + result.getStatus() + ", entity id: " + result.getEntityId());
    }

    // Entry point: createUser() logs in through getService().
    public static void main(String args[]) {
        Oimapi rObj = new Oimapi();
        try {
            rObj.createUser("testUser4");
        } catch (ValidationFailedException e) {
            System.out.println(e);
        } catch (AccessDeniedException e) {
            System.out.println(e);
        } catch (UserAlreadyExistsException e) {
            System.out.println(e);
        } catch (UserCreateException e) {
            System.out.println(e);
        }
    }
}
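A variant of the user-creation flow above that keeps the xelsysadm password and the new user's initial password out of the source, wipes them after use, logs out of the session, and reports only the UserManagerResult. This is an added example, not code from the original post; the class name and the environment variable names OIM_URL and OIM_ADMIN_USER are assumptions, and it needs the same lib jars and authwl.conf described earlier.

```java
import java.io.Console;
import java.util.Arrays;
import java.util.Hashtable;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.identity.usermgmt.vo.User;
import oracle.iam.identity.usermgmt.vo.UserManagerResult;
import oracle.iam.platform.OIMClient;

// Added example. Start the JVM with
// -Djava.security.auth.login.config=<path to authwl.conf> -DAPPSERVER_TYPE=wls
public class OimCreateUserHardened {
    public static void main(String[] args) throws Exception {
        Console console = System.console();
        // Assumed environment variable names; no secret is stored in source.
        String url = System.getenv("OIM_URL");      // e.g. t3s://host:port (T3 over TLS)
        String admin = System.getenv("OIM_ADMIN_USER");
        if (console == null || url == null || admin == null || args.length != 1) {
            throw new IllegalStateException("need a terminal, OIM_URL, OIM_ADMIN_USER and <userLogin>");
        }
        char[] adminPw = console.readPassword("Password for %s: ", admin);
        char[] initialPw = console.readPassword("Initial password for %s: ", args[0]);
        Hashtable<String, String> env = new Hashtable<String, String>();
        env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");
        env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, url);
        OIMClient client = new OIMClient(env);
        try {
            client.login(admin, adminPw);
        } finally {
            Arrays.fill(adminPw, '\0');   // wipe our copy whether or not login worked
        }
        try {
            User user = new User("");
            user.setAttribute("User Login", args[0]);
            user.setAttribute("First Name", args[0]);
            user.setAttribute("Last Name", args[0]);
            user.setAttribute("usr_password", new String(initialPw));
            user.setAttribute("act_key", 1L);
            user.setAttribute("Xellerate Type", "End-User");
            user.setAttribute("Role", "Full-Time");
            UserManagerResult result = client.getService(UserManager.class).create(user);
            // Log only the outcome and the new entity id, never the attribute map.
            System.out.println(args[0] + ": " + result.getStatus() + ", id=" + result.getEntityId());
        } finally {
            Arrays.fill(initialPw, '\0');
            client.logout();              // end the authenticated session
        }
    }
}
```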
gud
Hi,
I have a question. Can we use OIM Client APIs directly on an OIM production environment? I have a use case where we need to create users in the OIM production system. Can I use OIM APIs? Any issue or impact, i.e. repository corruption, or do we need to restart the OIM server when we use OIM APIs for user creation?
Thanks
Shant
Hi, are there any PL/SQL APIs too?
Hi Ani,
What are your requirements?
Thanks
Rakish,
Hi,
I am using the create API (user manager.create(user)) for creating a user profile in OIM 11g R2 PS3. In the UAT environment, it took a few seconds to create 1 ID, but in the production environment, it is taking nearly 15 mins to create a single ID. Please suggest on this.