OIM 11g R2 PS2 - Notify User ID to Use

-
In this post, I will cover a scenario where in we want to notify the userid and password to the newly created user in separate email because of security reasons.


OIM out-of-the-box sends out a single mail containing userid and password.

Generated Password Notification Template is triggered by default to inform the user about his login id and password






                                                                                                                                            
                                                                                                                                                  
Modify this template to send only the password









                                                                                                                                          
                                                                                                                                                   
Create a new Template to include only the Login ID

                                                                                                                                                      
                                                                                                                                     
                                                                                                                                                               



Export
/metadata/iam-features-passwordmgmt/event-definition/EventHandlers.xml
using weblogicExportMetaData.sh

Add the below entry

<postprocess-handler class="com.dubey.deepak.oim.user.NotifyUserIdToUser" entity-type="User" operation="CREATE" name="NotifyUserIdToUser" order="2180" stage="postprocess" sync="TRUE"/>

Import back using weblogicImportMetaData.sh 


Create a new Notification Event Resolver

Export


/metadata/iam-features-passwordmgmt/notification/ResetPasswordEvent.xml 
using weblogicExportMetaData.sh

Add the below entry

<EventType name="NotifyUserIdToUser">
<StaticData>
<Attribute DataType="X2-Entity" EntityName="User" Name="Granted User"/>
</StaticData>
<Resolver class="oracle.iam.identity.notification.EndDateNotificationEventResolver">
<Param DataType="X2-Entity" EntityName="User" Name="usr_key"/>
</Resolver>
</EventType>


Import back using weblogicImportMetaData.sh

NotifyUserIdToUser java class

  1 package com.dubey.deepak.oim.user;
  2 
  3 import static oracle.iam.identity.usermgmt.api.UserManagerConstants.AttributeName.MANAGER_KEY;
  4 import static oracle.iam.identity.usermgmt.api.UserManagerConstants.AttributeName.USER_LOGIN;
  5 
  6 import java.io.Serializable;
  7 import java.util.ArrayList;
  8 import java.util.HashMap;
  9 import java.util.HashSet;
 10 import java.util.List;
 11 import java.util.Set;
 12 
 13 import oracle.iam.identity.exception.NoSuchUserException;
 14 import oracle.iam.identity.exception.UserLookupException;
 15 import oracle.iam.identity.usermgmt.api.UserManager;
 16 import oracle.iam.identity.usermgmt.vo.User;
 17 import oracle.iam.notification.api.NotificationService;
 18 import oracle.iam.notification.vo.NotificationEvent;
 19 import oracle.iam.platform.Platform;
 20 import oracle.iam.platform.authz.exception.AccessDeniedException;
 21 import oracle.iam.platform.kernel.spi.PostProcessHandler;
 22 import oracle.iam.platform.kernel.vo.AbstractGenericOrchestration;
 23 import oracle.iam.platform.kernel.vo.BulkEventResult;
 24 import oracle.iam.platform.kernel.vo.BulkOrchestration;
 25 import oracle.iam.platform.kernel.vo.EventResult;
 26 import oracle.iam.platform.kernel.vo.Orchestration;
 27 
 28 public class NotifyUserIdToUser implements PostProcessHandler {
 29 
 30  public EventResult execute(long processId, long eventId,
 31    Orchestration orchestration) {
 32   return new EventResult();
 33  }
 34 
 35  private NotificationEvent createNotificationEvent(String poTemplateName,
 36    String userKey) {
 37   NotificationEvent event = null;
 38   try {
 39    event = new NotificationEvent();
 40    String[] receiverUserIds = getRecipientUserIds(userKey);
 41    event.setUserIds(receiverUserIds);
 42    event.setTemplateName(poTemplateName);
 43    event.setSender(null);
 44    HashMap<String, Object> templateParams = new HashMap<String, Object>();
 45    templateParams.put("usr_key", userKey);
 46    event.setParams(templateParams);
 47   } catch (Exception e) {
 48    e.printStackTrace();
 49    System.out.println("e-------->" + e.getMessage());
 50   }
 51   return event;
 52  }
 53 
 54  @Override
 55  public void initialize(HashMap<String, String> arg0) {
 56 
 57  }
 58 
 59  @Override
 60  public boolean cancel(long arg0, long arg1,
 61    AbstractGenericOrchestration arg2) {
 62   return false;
 63  }
 64 
 65  @Override
 66  public void compensate(long arg0, long arg1,
 67    AbstractGenericOrchestration arg2) {
 68 
 69  }
 70 
 71  @Override
 72  public BulkEventResult execute(long l, long l1, BulkOrchestration bulkOrch) {
 73   try {
 74    System.out
 75      .println("Entering  BulkEventResult of NotifyUserIdToUser");
 76    System.out.println("l ->" + l);
 77    System.out.println("l1 ->" + l1);
 78    String oprType = bulkOrch.getOperation();
 79    System.out.println("oprType ->" + oprType);
 80    HashMap<String, Serializable>[] bulkParams = bulkOrch
 81      .getBulkParameters();
 82    for (HashMap<String, Serializable> bulkParam : bulkParams) {
 83     System.out.println("bulkParam ->" + bulkParam);
 84     Set<String> bulkKeySet = bulkParam.keySet();
 85     System.out.println("bulkKeySet ->" + bulkKeySet);
 86     String usrLogin = null;
 87     String usrKey = null;
 88     for (String key : bulkKeySet) {
 89      System.out.println("key ->" + key);
 90      Serializable serializable = bulkParam.get(key);
 91      System.out.println("serializable ->" + serializable);
 92      if (key.equalsIgnoreCase("User Login")) {
 93       usrLogin = serializable.toString();
 94       System.out.println("usrLogin ->" + usrLogin);
 95       UserManager usrMgr = Platform
 96         .getService(UserManager.class);
 97 
 98       User user = usrMgr.getDetails(usrLogin, null, true);
 99       usrKey = user.getEntityId(); // getAttribute("usr_key").toString();
100       String uid = user.getId();
101       System.out.println("uid--->" + uid);
102       System.out.println("usrKey ->" + usrKey);
103       String templateName = "Notify UserId to User";
104       NotificationService notService = Platform
105         .getService(NotificationService.class);
106       NotificationEvent eventToSend = this
107         .createNotificationEvent(templateName, usrKey);
108       notService.notify(eventToSend);
109 
110      }
111 
112     }
113    }
114   } catch (Exception e) {
115    System.out.println("exception e in BulkExecuteEvent ->"
116      + e.getMessage());
117    e.printStackTrace();
118   }
119   System.out.println("Exiting  BulkEventResult of NotifyUserIdToUser");
120   return new BulkEventResult();
121  }
122 
123  private String[] getRecipientUserIds(String userKey)
124    throws NoSuchUserException, UserLookupException,
125    AccessDeniedException {
126   UserManager usrMgr = Platform.getService(UserManager.class);
127   User user = null;
128   String userId = null;
129   Set<String> userRetAttrs = new HashSet<String>();
130   userRetAttrs.add(MANAGER_KEY.getId());
131   userRetAttrs.add(USER_LOGIN.getId());
132   User manager = null;
133   String managerId = null;
134   String managerKey = null;
135   Set<String> managerRetAttrs = new HashSet<String>();
136   managerRetAttrs.add(USER_LOGIN.getId());
137   user = usrMgr.getDetails(userKey, userRetAttrs, false);
138   userId = user.getAttribute(USER_LOGIN.getId()).toString();
139   List<String> userIds = new ArrayList<String>();
140   userIds.add(userId);
141   if (user.getAttribute(MANAGER_KEY.getId()) != null) {
142    managerKey = user.getAttribute(MANAGER_KEY.getId()).toString();
143    manager = usrMgr.getDetails(managerKey, managerRetAttrs, false);
144    managerId = manager.getAttribute(USER_LOGIN.getId()).toString();
145    userIds.add(managerId);
146   }
147   String[] recipientIDs = userIds.toArray(new String[0]);
148   return recipientIDs;
149  }
150 
151 }
152


Finally the plugin.xml file to for packaging and registration


<?xml version="1.0" encoding="UTF-8"?>
<oimplugins>
  <plugins pluginpoint="oracle.iam.platform.kernel.spi.EventHandler">
    <plugin pluginclass=
        "com.dubey.deepak.oim.user.NotifyUserIdToUser"
         version="1.0"
         name="NotifyUserIdToUser">
    </plugin>
  </plugins>
</oimplugins>


Run the “ant -f pluginregistration.xml register” and register/upload the plugin to OIM.

Comments

Post a Comment

Popular posts from this blog

OIM 11g R2 PS2 : SOA Approval Workflow Sample

-
Image
In this post I am posting the sample code for a sample SOA approval workflow. Some of the features that this workflow addresses are Approval to Manager or Role Owners is dynamic based on the custom OIM system property "approval-condition". Value is set either "AND" or "OR". Manager or Role Owner can be set to be notified only with no approval required. In this case only email is sent to notify them but no approval is required from them. Custom OIM system property are created to address this.   manager-notify-only = TRUE or FALSE  TRUE = only notify the manager no approval request sent. FALSE = notify the manager and send an approval request.   roleowner-notify-only = TRUE or FALSE  TRUE = only notify the role owner no approval request sent. FALSE = notify the role owner and send an approval request. Third Level System Notification was required but it should be dynamic.  Custom OIM system property are created to address this sysadmin-noti
Read more

Oracle Identity Manager (OIM) Interview Questions

-
This is my 100th post on my blog and in this post, I will list down interview questions on OIM. This post will always be work in progress as I keep appending this list with more and more questions. Please find the list of questions below :-) What are the new features in PS3 ? What are the differences between PS2 and PS3 ? How do you identify rogue account creation in target system ? What is the high level architecture of OIM 11g ? List out difference between OIM 9.1 and 11g and possibly 11gR2 What are the new features in 11gR2 PS2 , PS3 How do you save multi-valued attribute in process form and how the linking happens between process form & child form ,   1 child form per multi valued attribute Can we still use entity adapters in OIM 11g What is pluginservice in oim 11g/  What is the orchestration service in oim 11g. what is the difference between entity match found  and process match found ? what are service accounts in oim ? why remote manager is used ? What is a c
Read more

OHS 12c (12.1.3) webgate deployment and configuration

-
In this post, I will cover the deployment and configuration of webgate 12c webgate. OHS 12c comes pre-bundled with a webgate so we don't have to separately download and install any webgate. If you have installed OHS then you have a webgate which you can configure to protect OHS. Also there is no gui screens involved as all configurations are done via command line tools. In the previous post i covered installation and configuration of OHS 12c. This post builds on top of that. Step 1 deploy webgate ./deployWebGateInstance.sh -w /OHS_12c_WEBSERVER_HOME/webserver/instances/instance1/config/fmwconfig/components/OHS/ohs1 -oh /OHS_12c_MW_HOME/ Copying files from WebGate Oracle Home to WebGate Instancedir Step 2 Config webgate export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/OHS_12c_MW_HOME/lib cd /OHS_12c_MW_HOME/webgate/ohs/tools/setup/InstallTools/ ./EditHttpConf -w /OHS_12c_WEBSERVER_HOME/webserver/instances/instance1/config/fmwconfig/components/OHS/ohs1 -oh /OHS_12c_MW_HO
Read more