OIM User Attributes Modification

While integrating Oracle Identity Manager within a corporate environment, sometimes it is important to change some user attributes externally. OIM API provides simple means to perform these operations.

As is the case in any operation, a connection needs to be made to the OIM instance. This is a simple task, but one must ensure that credentials are properly stored and protected.

 

protected static OIMClient client;

private static String OIMInitialContextFactory = “weblogic.jndi.WLInitialContextFactory”;

 

public OIMConnect(String fileName) throws Exception

{

Hashtable<String, String> env = new Hashtable<String, String>();

env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, OIMInitialContextFactory);

env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, CONNECTION_URL);

client = new OIMClient(env);

System.setProperty(“java.security.auth.login.config”, AUTHCONF_FILE);

System.setProperty(“OIM.AppServerType”, “weblogic”);

client.login(OIMUSERNAME, OIMUSERPASSWORD.toCharArray());

return;

}

Because the intent is to perform a modify operation on user attributes, we would need an instance of UserManager class. The methods available thru this class allow us to modify user object. In order to get the UserManager object, the following snippet of code can be used :

 

protected UserManager getUserManager() throws Exception

{

UserManager umgr = null;

umgr = client.getService(UserManager.class);

return umgr;

}

 

Now we are ready to perform modification operations. But before that, it needs to be mentioned that password attribute is treated differently than any other attribute. So the opertaions that need to be performed are distinct.

 

Any attribute, other than password can be modified with the help of the following code snippet :

HashMap<String, Object> mapAttrs = null;

UserManager umgr = null;

UserManagerResult result = null;

User user = null;

 

umgr = this.getUserManager();

 

mapAttrs = new HashMap<String, Object>();

mapAttrs.put(“User Login”, USERID);

mapAttrs.put(ATTRIBUTE_NAME, NEWATTRIBUTE_VALUE);

result = umgr.modify(“User Login”, USERID, user);

operStatus = result.getStatus();  // This will provide the status of the call

 

As can be seen, the modify operation is perfromed using an instance of User object, which is then passed to UserManager object for execution. The operation for password update is a bit different.

umgr.changePassword(USERID, NEWPASSWORD.trim().toCharArray(), true, null,false);

So the password change is performed directly thru the UserManager object, by identifying the intended user.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply