OIM User Attributes Modification

/0 Comments/in , , , /by

While integrating Oracle Identity Manager within a corporate environment, sometimes it is important to change some user attributes externally. OIM API provides simple means to perform these operations.

As is the case in any operation, a connection needs to be made to the OIM instance. This is a simple task, but one must ensure that credentials are properly stored and protected.

 

protected static OIMClient client;

private static String OIMInitialContextFactory = “weblogic.jndi.WLInitialContextFactory”;

 

public OIMConnect(String fileName) throws Exception

{

Hashtable<String, String> env = new Hashtable<String, String>();

env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, OIMInitialContextFactory);

env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, CONNECTION_URL);

client = new OIMClient(env);

System.setProperty(“java.security.auth.login.config”, AUTHCONF_FILE);

System.setProperty(“OIM.AppServerType”, “weblogic”);

client.login(OIMUSERNAME, OIMUSERPASSWORD.toCharArray());

return;

}

Because the intent is to perform a modify operation on user attributes, we would need an instance of UserManager class. The methods available thru this class allow us to modify user object. In order to get the UserManager object, the following snippet of code can be used :

 

protected UserManager getUserManager() throws Exception

{

UserManager umgr = null;

umgr = client.getService(UserManager.class);

return umgr;

}

 

Now we are ready to perform modification operations. But before that, it needs to be mentioned that password attribute is treated differently than any other attribute. So the opertaions that need to be performed are distinct.

 

Any attribute, other than password can be modified with the help of the following code snippet :

HashMap<String, Object> mapAttrs = null;

UserManager umgr = null;

UserManagerResult result = null;

User user = null;

 

umgr = this.getUserManager();

 

mapAttrs = new HashMap<String, Object>();

mapAttrs.put(“User Login”, USERID);

mapAttrs.put(ATTRIBUTE_NAME, NEWATTRIBUTE_VALUE);

result = umgr.modify(“User Login”, USERID, user);

operStatus = result.getStatus();  // This will provide the status of the call

 

As can be seen, the modify operation is perfromed using an instance of User object, which is then passed to UserManager object for execution. The operation for password update is a bit different.

umgr.changePassword(USERID, NEWPASSWORD.trim().toCharArray(), true, null,false);

So the password change is performed directly thru the UserManager object, by identifying the intended user.

You might also like
Start With The End In Mind: Blog #2 – Speed Delivery of Access to Business Users
IBM Pulse 2012
EHR Stimulus Incentive
Okta End-to-End Identity Management: From Access to Governance
Identity & Access Management Best Practices Webinar
With today’s increasing Mobile Enterprise Security Threats, do you have a strategy to mitigate the risk on your Corporate Network?
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply