-
-
Save ramannanda9/1204809 to your computer and use it in GitHub Desktop.
| import java.security.Principal; | |
| import java.util.ArrayList; | |
| import java.util.HashMap; | |
| import java.util.HashSet; | |
| import java.util.Hashtable; | |
| import java.util.Iterator; | |
| import java.util.List; | |
| import java.util.Map; | |
| import java.util.ResourceBundle; | |
| import java.util.Set; | |
| import oracle.adf.share.ADFContext; | |
| import oracle.adf.share.logging.ADFLogger; | |
| import oracle.adf.share.security.SecurityContext; | |
| import oracle.adf.share.security.identitymanagement.UserProfile; | |
| import oracle.security.idm.ComplexSearchFilter; | |
| import oracle.security.idm.IMException; | |
| import oracle.security.idm.Identity; | |
| import oracle.security.idm.IdentityStore; | |
| import oracle.security.idm.IdentityStoreFactory; | |
| import oracle.security.idm.IdentityStoreFactoryBuilder; | |
| import oracle.security.idm.ObjectNotFoundException; | |
| import oracle.security.idm.OperationNotSupportedException; | |
| import oracle.security.idm.Role; | |
| import oracle.security.idm.RoleManager; | |
| import oracle.security.idm.RoleProfile; | |
| import oracle.security.idm.SearchFilter; | |
| import oracle.security.idm.SearchParameters; | |
| import oracle.security.idm.SearchResponse; | |
| import oracle.security.idm.SimpleSearchFilter; | |
| import oracle.security.idm.User; | |
| import oracle.security.idm.UserManager; | |
| import oracle.security.idm.providers.oid.OIDIdentityStoreFactory; | |
| /** | |
| *This class can be used to perform operation on OID using OPSS API | |
| * @author Ramandeep Nanda | |
| */ | |
| public class OIDOperations { | |
| public static final ADFLogger OIDLogger=ADFLogger.createADFLogger(OIDOperations.class); | |
| private static final ResourceBundle rb = | |
| ResourceBundle.getBundle("yourresourcebundlelocation"); | |
| /** | |
| * | |
| * @return The store instance for OID store | |
| */ | |
| public static IdentityStore getStoreInstance(){ | |
| return IdentityStoreConfigurator.initializeDefaultStore(); | |
| } | |
| public static IdentityStoreFactory getIdentityStoreFactory(){ | |
| return IdentityStoreConfigurator.idStoreFactory; | |
| } | |
| /** | |
| * Returns the logged in User if using ADF security | |
| * @return The logged in User | |
| */ | |
| public static String getLoggedInUser(){ | |
| ADFContext ctxt=ADFContext.getCurrent(); | |
| SecurityContext sctxt=ctxt.getSecurityContext(); | |
| return sctxt.getUserName(); | |
| } | |
| /** | |
| * This method returns the user profile of currently logged in user if using ADF security | |
| * @return oracle.adf.share.security.identitymanagement.UserProfile; | |
| */ | |
| public static UserProfile getLoggedInUserProfile(){ | |
| ADFContext ctxt=ADFContext.getCurrent(); | |
| SecurityContext sctxt=ctxt.getSecurityContext(); | |
| return sctxt.getUserProfile(); | |
| } | |
| /** | |
| * Assigns the specified role to the user | |
| * @param roleName the role to assign | |
| * @param userName the user to assign role to | |
| */ | |
| public static void assignRoleToUser(String roleName,String userName){ | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| try { | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| User user= store.searchUser(userName); | |
| RoleManager rm=store.getRoleManager(); | |
| if(!rm.isGranted(role, user.getPrincipal())){ | |
| rm.grantRole(role, user.getPrincipal()); | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| throw new JboException("Could not assign role ["+roleName+"] to the user ["+userName +"] due to "+e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * Assigns the specified role to the user | |
| * @param roleNames the roles to assign | |
| * @param userName the user to assign role to | |
| * @return the set of users who are assigned roles | |
| */ | |
| public static Set assignRolesToUser(Set roleNames,String userName){ | |
| Set rolesAssigned=new HashSet(); | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| String roleName=null; | |
| try { | |
| User user= store.searchUser(userName); | |
| Principal userPrincipal=user.getPrincipal(); | |
| RoleManager rm=store.getRoleManager(); | |
| Iterator it=roleNames.iterator(); | |
| while(it.hasNext()){ | |
| roleName=(String)it.next(); | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| if(!rm.isGranted(role, user.getPrincipal())){ | |
| rm.grantRole(role,userPrincipal); | |
| rolesAssigned.add(roleName); | |
| } | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| throw new JboException("Could not assign role ["+roleName+"] to the user ["+userName +"] due to "+e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return rolesAssigned; | |
| } | |
| /** | |
| * Assigns the specified role to the user | |
| * @param roleName the role to assign | |
| * @param users the users to assign role to | |
| * @return The users who are assigned the role | |
| */ | |
| public static Set assignRoleToUsers(String roleName,Map users){ | |
| Set usersAssigned=new HashSet(); | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| Set entrySet = users.entrySet(); | |
| Iterator it=entrySet.iterator(); | |
| String userName=null; | |
| try { | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| RoleManager rm=store.getRoleManager(); | |
| while(it.hasNext()){ | |
| Map.Entry entry=(Map.Entry)it.next(); | |
| userName=(String)entry.getKey(); | |
| User user= store.searchUser(userName); | |
| if(!rm.isGranted(role, user.getPrincipal())){ | |
| rm.grantRole(role, user.getPrincipal()); | |
| usersAssigned.add(user); | |
| } | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return usersAssigned; | |
| } | |
| //revoke sample below It is similar to the above mentioned assign case so mentioning a sample operation | |
| /** | |
| * To remove the role from user | |
| * @param roleName the role to remove/ revoke | |
| * @param userName the user from which to revoke role | |
| */ | |
| public static void removeRoleFromUser(String roleName,String userName){ | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| try { | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| User user= store.searchUser(userName); | |
| RoleManager rm=store.getRoleManager(); | |
| if(rm.isGranted(role, user.getPrincipal())){ | |
| rm.revokeRole(role, user.getPrincipal()); | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not revoke role ["+roleName+"] from the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| throw new JboException("Could not remove role ["+roleName+"] from the user ["+userName +"] due to "+e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| public static void dropUserWithRoles(String userId){ | |
| UserManager um = null; | |
| IdentityStore store=null; | |
| User newUser = null; | |
| try { | |
| store=OIDOperations.getStoreInstance(); | |
| User user = store.searchUser(IdentityStore.SEARCH_BY_NAME, userId); | |
| um=store.getUserManager(); | |
| if (user != null) { | |
| //drop user if already present | |
| um.dropUser(user); | |
| RoleManager rm = store.getRoleManager(); | |
| Principal userPrincipal= user.getPrincipal(); | |
| SearchResponse resp=rm.getGrantedRoles(userPrincipal, true); | |
| while(resp.hasNext()){ | |
| rm.revokeRole((Role)resp.next(), user.getPrincipal()); | |
| } | |
| } | |
| } | |
| catch (IMException e) { | |
| OIDLogger.info("[dropUser]" + | |
| e); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| public static void dropUser(String userId){ | |
| UserManager um = null; | |
| User newUser = null; | |
| IdentityStore store=null; | |
| try { | |
| store =OIDOperations.getStoreInstance(); | |
| User user = store.searchUser(IdentityStore.SEARCH_BY_NAME, userId); | |
| um=store.getUserManager(); | |
| if (user != null) { | |
| //drop user if already present | |
| um.dropUser(user); | |
| } | |
| } | |
| catch (IMException e) { | |
| OIDLogger.info("[dropUser]" + | |
| e); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * Gets the userProfile of the logged in user if using ADF security | |
| * @param approverUser | |
| * @return | |
| */ | |
| public static oracle.security.idm.UserProfile getUserProfile(String approverUser) { | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| oracle.security.idm.UserProfile profile=null; | |
| try { | |
| User user= store.searchUser(approverUser); | |
| profile=user.getUserProfile(); | |
| } catch (IMException e) { | |
| OIDLogger.info("Could not find user in OID with supplied Id"+approverUser); | |
| throw new JboException(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return profile; | |
| } | |
| /** | |
| * Gets all the roles | |
| * @return | |
| */ | |
| public static List getAllRoles(){ | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| List returnList=new ArrayList(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| try{ | |
| SimpleSearchFilter filter=store.getSimpleSearchFilter(RoleProfile.NAME,SimpleSearchFilter.TYPE_EQUAL,null); | |
| String wildCardChar=filter.getWildCardChar(); | |
| // Here the default_role is a property this is just a placeholder can be any pattern you want to search | |
| filter.setValue(wildCardChar+rb.getString("DEFAULT_ROLE")+wildCardChar); | |
| SearchParameters parameters=new SearchParameters(filter,SearchParameters.SEARCH_ROLES_ONLY) ; | |
| SearchResponse resp=store.searchRoles(Role.SCOPE_ANY,parameters); | |
| while(resp.hasNext()){ | |
| Role role=(Role)resp.next(); | |
| String tempRole=role.getPrincipal().getName(); | |
| returnList.add(tempRole); | |
| } | |
| store.close(); | |
| }catch(IMException e){ | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| throw new JboException(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return returnList; | |
| } | |
| /** | |
| * Fetches all the roles assigned to the user | |
| * @param userName | |
| * @return | |
| */ | |
| public static List getAllUserRoles(String userName, String searchPath) { | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| List returnList=new ArrayList(); | |
| IdentityStoreFactory storeFactory = OIDOperations.getIdentityStoreFactory(); | |
| IdentityStore store=null; | |
| String[] userSearchBases= {rb.getString(searchPath)}; | |
| String[] groupSearchBases= {rb.getString("group.search.bases")}; | |
| Hashtable storeEnv=new Hashtable(); | |
| storeEnv.put(OIDIdentityStoreFactory.ADF_IM_SUBSCRIBER_NAME,rb.getString("oidsubscribername")); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_SEARCH_BASES,userSearchBases); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_SEARCH_BASES,groupSearchBases); | |
| try{ | |
| store = storeFactory.getIdentityStoreInstance(storeEnv); | |
| User user= store.searchUser(IdentityStore.SEARCH_BY_NAME,userName); | |
| RoleManager mgr=store.getRoleManager(); | |
| SearchResponse resp= mgr.getGrantedRoles(user.getPrincipal(), false); | |
| while(resp.hasNext()){ | |
| String name= resp.next().getName(); | |
| returnList.add(name); | |
| } | |
| }catch(IMException e){ | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| throw new JboException(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return returnList; | |
| } | |
| /** | |
| *Use to change the passoword for logged in user It uses ADF Security Context to get logged in user | |
| * | |
| **/ | |
| public static void changePasswordForUser(String oldPassword,String newPassword, String userName){ | |
| String methodName = | |
| java.lang.Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| SecurityContext securityContext = | |
| ADFContext.getCurrent().getSecurityContext(); | |
| String user = securityContext.getUserName(); | |
| IdentityStore oidStore=null; | |
| oidStore= OIDOperations.getStoreInstance(); | |
| try { | |
| UserManager uMgr = oidStore.getUserManager(); | |
| User authUser = | |
| uMgr.authenticateUser(user, oldPassword.toCharArray()); | |
| if (authUser != null) { | |
| UserProfile profile = authUser.getUserProfile(); | |
| profile.setPassword( oldPassword.toCharArray(), | |
| newPasswordtoCharArray()); | |
| } | |
| } catch (IMException e) { | |
| if (OIDLogger.isLoggable(Level.SEVERE)) { | |
| OIDLogger.severe("[" + methodName + | |
| "] Exception occured due to " + e.getCause(), | |
| e); | |
| } | |
| throw new JboException(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| oidStore.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * Resets the password for user | |
| * | |
| **/ | |
| public static void resetPasswordForUser(String userId) | |
| { | |
| String methodName = | |
| java.lang.Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore oidStore = OIDOperations.getStoreInstance(); | |
| User user = null; | |
| try { | |
| user = oidStore.searchUser(userId); | |
| if (user != null) { | |
| UserProfile userProfile = user.getUserProfile(); | |
| List passwordValues = | |
| userProfile.getProperty("userpassword").getValues(); | |
| ModProperty prop = | |
| new ModProperty("PASSWORD", passwordValues.get(0), | |
| ModProperty.REMOVE); | |
| userProfile.setProperty(prop); | |
| String randomPassword = generateRandomPassword(); | |
| userProfile.setPassword(null, randomPassword.toCharArray()); | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("[" + methodName + "]" + | |
| "Exception occured due to ", e); | |
| } | |
| finally { | |
| try{ | |
| oidStore.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * This nested private class is used for configuring and initializing a store instance | |
| * @author Ramandeep Nanda | |
| */ | |
| private static final class IdentityStoreConfigurator { | |
| private static final IdentityStoreFactory idStoreFactory=initializeFactory(); | |
| private static IdentityStoreFactory initializeFactory(){ | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStoreFactoryBuilder builder = new | |
| IdentityStoreFactoryBuilder(); | |
| IdentityStoreFactory oidFactory = null; | |
| try { | |
| Hashtable factEnv = new Hashtable(); | |
| factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_PRINCIPAL,rb.getString("oidusername")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_CREDENTIALS, rb.getString("oiduserpassword")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_SUBSCRIBER_NAME,rb.getString("oidsubscribername")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_LDAP_URL,rb.getString("ldap.url")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_USER_NAME_ATTR,rb.getString("username.attr")); | |
| oidFactory = builder.getIdentityStoreFactory("oracle.security.idm.providers.oid.OIDIdentityStoreFactory", factEnv); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| //re throw exception here | |
| } | |
| return oidFactory; | |
| } | |
| private static IdentityStore initializeDefaultStore(){ | |
| IdentityStore store=null; | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| String[] userSearchBases= {rb.getString("user.search.bases")}; | |
| String[] groupCreateBases= {rb.getString("group.search.bases")}; | |
| String []usercreate={rb.getString("user.create.bases")}; | |
| String [] groupClass={rb.getString("GROUP_CLASSES")}; | |
| Hashtable storeEnv=new Hashtable(); | |
| storeEnv.put(OIDIdentityStoreFactory.ADF_IM_SUBSCRIBER_NAME,rb.getString("oidsubscribername")); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_SEARCH_BASES,userSearchBases); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_SEARCH_BASES,groupCreateBases); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_CREATE_BASES,usercreate); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_SELECTED_CREATEBASE,rb.getString("user.create.bases")); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_OBJECT_CLASSES,groupClass); | |
| try{ | |
| store = IdentityStoreConfigurator.idStoreFactory.getIdentityStoreInstance(storeEnv); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| // re throw exception here | |
| } | |
| return store; | |
| } | |
| } |
| /** | |
| *This class can be used to perform operation on OID using OPSS API | |
| * @author Ramandeep Nanda | |
| */ | |
| public class OIDOperations { | |
| public static final ADFLogger OIDLogger=ADFLogger.createADFLogger(OIDOperations.class); | |
| /** | |
| * | |
| * @return The store instance for OID store | |
| */ | |
| public static IdentityStore getStoreInstance(){ | |
| return IdentityStoreConfigurator.initializeDefaultStore(); | |
| } | |
| public static IdentityStoreFactory getIdentityStoreFactory(){ | |
| return IdentityStoreConfigurator.idStoreFactory; | |
| } | |
| /** | |
| * Returns the logged in User if using ADF security | |
| * @return The logged in User | |
| */ | |
| public static String getLoggedInUser(){ | |
| ADFContext ctxt=ADFContext.getCurrent(); | |
| SecurityContext sctxt=ctxt.getSecurityContext(); | |
| return sctxt.getUserName(); | |
| } | |
| /** | |
| * This method returns the user profile of currently logged in user if using ADF security | |
| * @return oracle.adf.share.security.identitymanagement.UserProfile; | |
| */ | |
| public static UserProfile getLoggedInUserProfile(){ | |
| ADFContext ctxt=ADFContext.getCurrent(); | |
| SecurityContext sctxt=ctxt.getSecurityContext(); | |
| return sctxt.getUserProfile(); | |
| } | |
| /** | |
| * Assigns the specified role to the user | |
| * @param roleName the role to assign | |
| * @param userName the user to assign role to | |
| */ | |
| public static void assignRoleToUser(String roleName,String userName){ | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| try { | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| User user= store.searchUser(userName); | |
| RoleManager rm=store.getRoleManager(); | |
| if(!rm.isGranted(role, user.getPrincipal())){ | |
| rm.grantRole(role, user.getPrincipal()); | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| throw new SahajException("Could not assign role ["+roleName+"] to the user ["+userName +"] due to "+e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * Assigns the specified role to the user | |
| * @param roleNames the roles to assign | |
| * @param userName the user to assign role to | |
| * @return the set of users who are assigned roles | |
| */ | |
| public static Set assignRolesToUser(Set roleNames,String userName){ | |
| Set rolesAssigned=new HashSet(); | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| String roleName=null; | |
| try { | |
| User user= store.searchUser(userName); | |
| Principal userPrincipal=user.getPrincipal(); | |
| RoleManager rm=store.getRoleManager(); | |
| Iterator it=roleNames.iterator(); | |
| while(it.hasNext()){ | |
| roleName=(String)it.next(); | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| if(!rm.isGranted(role, user.getPrincipal())){ | |
| rm.grantRole(role,userPrincipal); | |
| rolesAssigned.add(roleName); | |
| } | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| throw new SahajException("Could not assign role ["+roleName+"] to the user ["+userName +"] due to "+e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return rolesAssigned; | |
| } | |
| /** | |
| * Assigns the specified role to the user | |
| * @param roleName the role to assign | |
| * @param users the users to assign role to | |
| * @return The users who are assigned the role | |
| */ | |
| public static Set assignRoleToUsers(String roleName,Map users){ | |
| Set usersAssigned=new HashSet(); | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| Set entrySet = users.entrySet(); | |
| Iterator it=entrySet.iterator(); | |
| String userName=null; | |
| try { | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| RoleManager rm=store.getRoleManager(); | |
| while(it.hasNext()){ | |
| Map.Entry entry=(Map.Entry)it.next(); | |
| userName=(String)entry.getKey(); | |
| User user= store.searchUser(userName); | |
| if(!rm.isGranted(role, user.getPrincipal())){ | |
| rm.grantRole(role, user.getPrincipal()); | |
| usersAssigned.add(user); | |
| } | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return usersAssigned; | |
| } | |
| //revoke sample below It is similar to the above mentioned assign case so mentioning a sample operation | |
| /** | |
| * To remove the role from user | |
| * @param roleName the role to remove/ revoke | |
| * @param userName the user from which to revoke role | |
| */ | |
| public static void removeRoleFromUser(String roleName,String userName){ | |
| String methodName=Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| try { | |
| Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName); | |
| User user= store.searchUser(userName); | |
| RoleManager rm=store.getRoleManager(); | |
| if(rm.isGranted(role, user.getPrincipal())){ | |
| rm.revokeRole(role, user.getPrincipal()); | |
| } | |
| } catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + "Could not revoke role ["+roleName+"] from the user ["+userName +"] because of " +e.getMessage() +" ", e); | |
| throw new SahajException("Could not remove role ["+roleName+"] from the user ["+userName +"] due to "+e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| public static void dropUserWithRoles(String userId){ | |
| UserManager um = null; | |
| IdentityStore store=null; | |
| User newUser = null; | |
| try { | |
| store=OIDOperations.getStoreInstance(); | |
| User user = store.searchUser(IdentityStore.SEARCH_BY_NAME, userId); | |
| um=store.getUserManager(); | |
| if (user != null) { | |
| //drop user if already present | |
| um.dropUser(user); | |
| RoleManager rm = store.getRoleManager(); | |
| Principal userPrincipal= user.getPrincipal(); | |
| SearchResponse resp=rm.getGrantedRoles(userPrincipal, true); | |
| while(resp.hasNext()){ | |
| rm.revokeRole((Role)resp.next(), user.getPrincipal()); | |
| } | |
| } | |
| } | |
| catch (IMException e) { | |
| OIDLogger.info("[dropUser]" + | |
| e); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| public static void dropUser(String userId){ | |
| UserManager um = null; | |
| User newUser = null; | |
| IdentityStore store=null; | |
| try { | |
| store =OIDOperations.getStoreInstance(); | |
| User user = store.searchUser(IdentityStore.SEARCH_BY_NAME, userId); | |
| um=store.getUserManager(); | |
| if (user != null) { | |
| //drop user if already present | |
| um.dropUser(user); | |
| } | |
| } | |
| catch (IMException e) { | |
| OIDLogger.info("[dropUser]" + | |
| e); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * Gets the userProfile of the logged in user if using ADF security | |
| * @param approverUser | |
| * @return | |
| */ | |
| public static oracle.security.idm.UserProfile getUserProfile(String approverUser) { | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| oracle.security.idm.UserProfile profile=null; | |
| try { | |
| User user= store.searchUser(approverUser); | |
| profile=user.getUserProfile(); | |
| } catch (IMException e) { | |
| OIDLogger.info("Could not find user in OID with supplied Id"+approverUser); | |
| throw new SahajException(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return profile; | |
| } | |
| /** | |
| * Gets all the roles | |
| * @return | |
| */ | |
| public static List getAllRoles(){ | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| List returnList=new ArrayList(); | |
| IdentityStore store=OIDOperations.getStoreInstance(); | |
| try{ | |
| SimpleSearchFilter filter=store.getSimpleSearchFilter(RoleProfile.NAME,SimpleSearchFilter.TYPE_EQUAL,null); | |
| String wildCardChar=filter.getWildCardChar(); | |
| // Here the default_role is a property this is just a placeholder can be any pattern you want to search | |
| filter.setValue(wildCardChar+rb.getString("DEFAULT_ROLE")+wildCardChar); | |
| SearchParameters parameters=new SearchParameters(filter,SearchParameters.SEARCH_ROLES_ONLY) ; | |
| SearchResponse resp=store.searchRoles(Role.SCOPE_ANY,parameters); | |
| while(resp.hasNext()){ | |
| Role role=(Role)resp.next(); | |
| String tempRole=role.getPrincipal().getName(); | |
| returnList.add(tempRole); | |
| } | |
| store.close(); | |
| }catch(IMException e){ | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| throw new SahajException(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return returnList; | |
| } | |
| /** | |
| * Fetches all the roles assigned to the user | |
| * @param userName | |
| * @return | |
| */ | |
| public static List getAllUserRoles(String userName, String searchPath) { | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| List returnList=new ArrayList(); | |
| IdentityStoreFactory storeFactory = OIDOperations.getIdentityStoreFactory(); | |
| IdentityStore store=null; | |
| String[] userSearchBases= {rb.getString(searchPath)}; | |
| String[] groupSearchBases= {rb.getString("group.search.bases")}; | |
| Hashtable storeEnv=new Hashtable(); | |
| storeEnv.put(OIDIdentityStoreFactory.ADF_IM_SUBSCRIBER_NAME,rb.getString("oidsubscribername")); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_SEARCH_BASES,userSearchBases); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_SEARCH_BASES,groupSearchBases); | |
| try{ | |
| store = storeFactory.getIdentityStoreInstance(storeEnv); | |
| User user= store.searchUser(IdentityStore.SEARCH_BY_NAME,userName); | |
| RoleManager mgr=store.getRoleManager(); | |
| SearchResponse resp= mgr.getGrantedRoles(user.getPrincipal(), false); | |
| while(resp.hasNext()){ | |
| String name= resp.next().getName(); | |
| returnList.add(name); | |
| } | |
| }catch(IMException e){ | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| throw new SahajException(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| store.close(); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| return returnList; | |
| } | |
| /** | |
| *Use to change the passoword for logged in user It uses ADF Security Context to get logged in user | |
| * | |
| **/ | |
| public static void changePasswordForUser(String oldPassword,String newPassword, String userName){ | |
| String methodName = | |
| java.lang.Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| SecurityContext securityContext = | |
| ADFContext.getCurrent().getSecurityContext(); | |
| String user = securityContext.getUserName(); | |
| oidStore= OIDOperations.getStoreInstance(); | |
| try { | |
| UserManager uMgr = oidStore.getUserManager(); | |
| User authUser = | |
| uMgr.authenticateUser(user, oldPassword.toCharArray()); | |
| if (authUser != null) { | |
| UserProfile profile = authUser.getUserProfile(); | |
| profile.setPassword( oldPassword.toCharArray(), | |
| newPasswordtoCharArray()); | |
| } | |
| } catch (IMException e) { | |
| if (amLogger.isLoggable(Level.SEVERE)) { | |
| amLogger.severe("[" + methodName + | |
| "] Exception occured due to " + e.getCause(), | |
| e); | |
| } | |
| throw new Exception(e.getMessage()); | |
| } | |
| finally { | |
| try{ | |
| oidStore.close(); | |
| } | |
| catch (IMException e) { | |
| amLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * Resets the password for user | |
| * | |
| **/ | |
| public static void resetPasswordForUser(String userId) | |
| { | |
| String methodName = | |
| java.lang.Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStore oidStore = OIDOperations.getStoreInstance(); | |
| User user = null; | |
| try { | |
| user = oidStore.searchUser(userId); | |
| if (user != null) { | |
| UserProfile userProfile = user.getUserProfile(); | |
| List passwordValues = | |
| userProfile.getProperty("userpassword").getValues(); | |
| ModProperty prop = | |
| new ModProperty("PASSWORD", passwordValues.get(0), | |
| ModProperty.REMOVE); | |
| userProfile.setProperty(prop); | |
| String randomPassword = generateRandomPassword(); | |
| userProfile.setPassword(null, randomPassword.toCharArray()); | |
| } | |
| } catch (IMException e) { | |
| amLogger.severe("[" + methodName + "]" + | |
| "Exception occured due to ", e); | |
| } | |
| finally { | |
| try{ | |
| oidStore.close(); | |
| } | |
| catch (IMException e) { | |
| amLogger.severe("Exception occured in closing store"); | |
| } | |
| } | |
| } | |
| /** | |
| * This nested private class is used for configuring and initializing a store instance | |
| * @author Ramandeep Nanda | |
| */ | |
| private static final class IdentityStoreConfigurator { | |
| private static final IdentityStoreFactory idStoreFactory=initializeFactory(); | |
| private static IdentityStoreFactory initializeFactory(){ | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| IdentityStoreFactoryBuilder builder = new | |
| IdentityStoreFactoryBuilder(); | |
| IdentityStoreFactory oidFactory = null; | |
| try { | |
| Hashtable factEnv = new Hashtable(); | |
| factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_PRINCIPAL,rb.getString("oidusername")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_CREDENTIALS, rb.getString("oiduserpassword")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_SUBSCRIBER_NAME,rb.getString("oidsubscribername")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_LDAP_URL,rb.getString("ldap.url")); | |
| factEnv.put(OIDIdentityStoreFactory.ST_USER_NAME_ATTR,rb.getString("username.attr")); | |
| oidFactory = builder.getIdentityStoreFactory("oracle.security.idm.providers.oid.OIDIdentityStoreFactory", factEnv); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| throw new SahajException(e.getMessage()); | |
| } | |
| return oidFactory; | |
| } | |
| private static IdentityStore initializeDefaultStore(){ | |
| IdentityStore store=null; | |
| String methodName = Thread.currentThread().getStackTrace()[1].getMethodName(); | |
| String[] userSearchBases= {rb.getString("user.search.bases")}; | |
| String[] groupCreateBases= {rb.getString("group.search.bases")}; | |
| String []usercreate={rb.getString("user.create.bases")}; | |
| String [] groupClass={rb.getString("GROUP_CLASSES")}; | |
| Hashtable storeEnv=new Hashtable(); | |
| storeEnv.put(OIDIdentityStoreFactory.ADF_IM_SUBSCRIBER_NAME,rb.getString("oidsubscribername")); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_SEARCH_BASES,userSearchBases); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_SEARCH_BASES,groupCreateBases); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_CREATE_BASES,usercreate); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_USER_SELECTED_CREATEBASE,rb.getString("user.create.bases")); | |
| storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_OBJECT_CLASSES,groupClass); | |
| try{ | |
| store = IdentityStoreConfigurator.idStoreFactory.getIdentityStoreInstance(storeEnv); | |
| } | |
| catch (IMException e) { | |
| OIDLogger.severe("Exception in "+methodName + " " +e.getMessage() +" ", e); | |
| throw new SahajException(e.getMessage()); | |
| } | |
| return store; | |
| } | |
| } |
can you post the code for creation ? and what is this attribute group classes ?
The example is also here with attribute values http://ramannanda.blogspot.com/2011/09/opss-adf-security-utility.html
thx a lot for replying
i solve this problem by add this piece of code when initialize the store
storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_CREATE_BASES,groupCreateBases);
but what i realize is this attributes is incomplete like rb.getString("DEFAULT_ROLE")
DEFAULT_ROLE is not mentioned here i need you to find the attributes not mentions in the link
thank you again and best regards
ldap.url=ldap://172.16.2.217:3060
user.create.bases=cn=users,dc=hmm,dc=com
username.attr=uid
oidusername=cn=orcladmin
oiduserpassword=Amman123
user.search.bases=cn=users,dc=hmm,dc=com
group.search.bases=cn=groups,dc=hmm,dc=com
GROUP_CLASSES=cn=groups,dc=hmm,dc=com
oidsubscribername=dc=hmm,dc=com
oidsubscribername1=dc=us,dc=hmm,dc=com
this is my attriibutes
String[] groupCreateBases= {rb.getString("group.search.bases")};. It is an array as usercreate.
also you did not tell me what group class means? and your code for creating a group
unfortunately i dont know,.
but now im trying to search all roles and i found that i dont have the attribute DEFAULT_ROLE
how could i found it or if you implement this class please send me the ersource bundle file so i can find all the variables on it
best regards
tareq DEFAULT_ROLE is not an attribute. It is just a role that already exists and i am assigning it to the user that i am creating. It could be any name that you want and already exists in the directory server.
ok thx alot
hi there am having this error Error(48,16): cannot find variable IdentityStoreConfigurator,Error(52,16): cannot find variable IdentityStoreConfigurator
in this method
public static IdentityStore getStoreInstance() {
return IdentityStoreConfigurator.initializeDefaultStore();
}
public static IdentityStoreFactory getIdentityStoreFactory() {
return IdentityStoreConfigurator.idStoreFactory;
}
what could be the problem am in jdeveloper 11.1.1.6.0 i have just copy your code i have not edit anything yet
where is private static final ResourceBundle rb =
ResourceBundle.getBundle("yourresourcebundlelocation"); located
hi when i click my adduser button am geting this error Expecting string[], am i jdeveloper 11.1.1.6.0, my stack trace is
ADF: Adding the following JSF error message: Expecting string[]
java.lang.RuntimeException: java.lang.RuntimeException: Expecting string[]
at oracle.security.idm.providers.stdldap.LDConfiguration.setProperty(LDConfiguration.java:1175)
at oracle.security.idm.providers.stdldap.LDConfiguration.setStoreLevelConfig(LDConfiguration.java:177)
at oracle.security.idm.providers.stdldap.LDConfiguration.setup(LDConfiguration.java:138)
at oracle.security.idm.providers.oid.OIDIdentityStore.getConfigurationInstance(OIDIdentityStore.java:51)
at oracle.security.idm.providers.stdldap.LDIdentityStore.setupStore(LDIdentityStore.java:155)
at oracle.security.idm.providers.oid.OIDIdentityStoreFactory.getIdentityStoreInstance(OIDIdentityStoreFactory.java:76)
at Searchusr.OIDOperations.connect(OIDOperations.java:55)
at Searchusr.OIDOperations.assignRolesToUser(OIDOperations.java:74)
at Searchusr.SearchModuleImpl.RowButtonListener(SearchModuleImpl.java:50)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.adf.model.binding.DCInvokeMethod.invokeMethod(DCInvokeMethod.java:657)
at oracle.adf.model.binding.DCDataControl.invokeMethod(DCDataControl.java:2143)
at oracle.adf.model.bc4j.DCJboDataControl.invokeMethod(DCJboDataControl.java:3114)
at oracle.adf.model.binding.DCInvokeMethod.callMethod(DCInvokeMethod.java:261)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1635)
at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2150)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:740)
at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:402)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:252)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:185)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke(Unknown Source)
at com.sun.el.MethodExpressionImpl.invoke(Unknown Source)
at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1256)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
at org.apache.myfaces.trinidad.component.UIXCollection.broadcast(UIXCollection.java:148)
at org.apache.myfaces.trinidad.component.UIXTable.broadcast(UIXTable.java:279)
at oracle.adf.view.rich.component.UIXTable.broadcast(UIXTable.java:145)
at oracle.adf.view.rich.component.rich.data.RichTable.broadcast(RichTable.java:402)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:889)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:379)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:194)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: java.lang.RuntimeException: Expecting string[]
at oracle.security.idm.providers.stdldap.LDConfiguration.setRoleSearchBase(LDConfiguration.java:1123)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.security.idm.providers.stdldap.LDConfiguration.setProperty(LDConfiguration.java:1162)
... 77 more
ADF: Adding the following JSF error message: Expecting string[]
java.lang.RuntimeException: Expecting string[]
at oracle.security.idm.providers.stdldap.LDConfiguration.setRoleSearchBase(LDConfiguration.java:1123)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.security.idm.providers.stdldap.LDConfiguration.setProperty(LDConfiguration.java:1162)
at oracle.security.idm.providers.stdldap.LDConfiguration.setStoreLevelConfig(LDConfiguration.java:177)
at oracle.security.idm.providers.stdldap.LDConfiguration.setup(LDConfiguration.java:138)
at oracle.security.idm.providers.oid.OIDIdentityStore.getConfigurationInstance(OIDIdentityStore.java:51)
at oracle.security.idm.providers.stdldap.LDIdentityStore.setupStore(LDIdentityStore.java:155)
at oracle.security.idm.providers.oid.OIDIdentityStoreFactory.getIdentityStoreInstance(OIDIdentityStoreFactory.java:76)
at Searchusr.OIDOperations.connect(OIDOperations.java:55)
at Searchusr.OIDOperations.assignRolesToUser(OIDOperations.java:74)
at Searchusr.SearchModuleImpl.RowButtonListener(SearchModuleImpl.java:50)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.adf.model.binding.DCInvokeMethod.invokeMethod(DCInvokeMethod.java:657)
at oracle.adf.model.binding.DCDataControl.invokeMethod(DCDataControl.java:2143)
at oracle.adf.model.bc4j.DCJboDataControl.invokeMethod(DCJboDataControl.java:3114)
at oracle.adf.model.binding.DCInvokeMethod.callMethod(DCInvokeMethod.java:261)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1635)
at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2150)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:740)
at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:402)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:252)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:185)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke(Unknown Source)
at com.sun.el.MethodExpressionImpl.invoke(Unknown Source)
at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1256)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
at org.apache.myfaces.trinidad.component.UIXCollection.broadcast(UIXCollection.java:148)
at org.apache.myfaces.trinidad.component.UIXTable.broadcast(UIXTable.java:279)
at oracle.adf.view.rich.component.UIXTable.broadcast(UIXTable.java:145)
at oracle.adf.view.rich.component.rich.data.RichTable.broadcast(RichTable.java:402)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:889)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:379)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:194)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
ADF: Adding the following JSF error message: Expecting string[]
java.lang.RuntimeException: java.lang.RuntimeException: Expecting string[]
at oracle.security.idm.providers.stdldap.LDConfiguration.setProperty(LDConfiguration.java:1175)
at oracle.security.idm.providers.stdldap.LDConfiguration.setStoreLevelConfig(LDConfiguration.java:177)
at oracle.security.idm.providers.stdldap.LDConfiguration.setup(LDConfiguration.java:138)
at oracle.security.idm.providers.oid.OIDIdentityStore.getConfigurationInstance(OIDIdentityStore.java:51)
at oracle.security.idm.providers.stdldap.LDIdentityStore.setupStore(LDIdentityStore.java:155)
at oracle.security.idm.providers.oid.OIDIdentityStoreFactory.getIdentityStoreInstance(OIDIdentityStoreFactory.java:76)
at Searchusr.OIDOperations.connect(OIDOperations.java:55)
at Searchusr.OIDOperations.assignRolesToUser(OIDOperations.java:74)
at Searchusr.SearchModuleImpl.RowButtonListener(SearchModuleImpl.java:50)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.adf.model.binding.DCInvokeMethod.invokeMethod(DCInvokeMethod.java:657)
at oracle.adf.model.binding.DCDataControl.invokeMethod(DCDataControl.java:2143)
at oracle.adf.model.bc4j.DCJboDataControl.invokeMethod(DCJboDataControl.java:3114)
at oracle.adf.model.binding.DCInvokeMethod.callMethod(DCInvokeMethod.java:261)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1635)
at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2150)
at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:740)
at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:402)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:252)
at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:185)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.el.parser.AstValue.invoke(Unknown Source)
at com.sun.el.MethodExpressionImpl.invoke(Unknown Source)
at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53)
at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1256)
at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)
at org.apache.myfaces.trinidad.component.UIXCollection.broadcast(UIXCollection.java:148)
at org.apache.myfaces.trinidad.component.UIXTable.broadcast(UIXTable.java:279)
at oracle.adf.view.rich.component.UIXTable.broadcast(UIXTable.java:145)
at oracle.adf.view.rich.component.rich.data.RichTable.broadcast(RichTable.java:402)
at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:889)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:379)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:194)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:205)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:106)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:446)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:271)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:177)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: java.lang.RuntimeException: Expecting string[]
at oracle.security.idm.providers.stdldap.LDConfiguration.setRoleSearchBase(LDConfiguration.java:1123)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at oracle.security.idm.providers.stdldap.LDConfiguration.setProperty(LDConfiguration.java:1162)
... 77 more
my code is
{code}
public class OIDOperations {
public OIDOperations() {
super();
}
public IdentityStore connect() {
IdentityStore oidStore = null;
System.out.println("*****************start*********+");
try{
IdentityStoreFactoryBuilder builder = new IdentityStoreFactoryBuilder();
IdentityStoreFactory oidFactory = null;
Hashtable factEnv = new Hashtable();
// Creating the factory instance
factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_PRINCIPAL,"username");
factEnv.put(OIDIdentityStoreFactory.ST_SECURITY_CREDENTIALS,"password");
factEnv.put(OIDIdentityStoreFactory.ST_LDAP_URL,"url");
oidFactory = builder.getIdentityStoreFactory("oracle.security.idm.providers.oid.OIDIdentityStoreFactory", factEnv);
Hashtable storeEnv = new Hashtable();
storeEnv.put(OIDIdentityStoreFactory.ADF_IM_SUBSCRIBER_NAME,"subscribername");
storeEnv.put(OIDIdentityStoreFactory.RT_GROUP_SEARCH_BASES,"groups");
oidStore = oidFactory.getIdentityStoreInstance(storeEnv);
StoreConfiguration conf = oidStore.getStoreConfiguration();
conf.setProperty("RT_USER_SEARCH_BASES", "searchbase");
} catch (IMException e) {
}
return oidStore;
}
/**
* Assigns the specified role to the user
* @param roleNames the roles to assign
* @param userName the user to assign role to
* @return the set of users who are assigned roles
*/
public Set assignRolesToUser(Set roleNames,String userName){
Set rolesAssigned=new HashSet();
String methodName=Thread.currentThread().getStackTrace()[1].getMethodName();
IdentityStore store = connect();
String roleName=null;
try {
User user= store.searchUser(userName);
Principal userPrincipal=user.getPrincipal();
RoleManager rm=store.getRoleManager();
Iterator it=roleNames.iterator();
while(it.hasNext()){
roleName=(String)it.next();
Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName);
if(!rm.isGranted(role, user.getPrincipal())){
rm.grantRole(role,userPrincipal);
rolesAssigned.add(roleName);
}
}
} catch (IMException e) {
e.printStackTrace();
//OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e);
//throw new JboException("Could not assign role ["+roleName+"] to the user ["+userName +"] due to "+e.getMessage());
}
finally {
try{
store.close();
}
catch (IMException e) {
e.printStackTrace();
// OIDLogger.severe("Exception occured in closing store");
}
}
return rolesAssigned;
}
/**
* Assigns the specified role to the user
* @param roleName the role to assign
* @param users the users to assign role to
* @return The users who are assigned the role
*/
public Set assignRoleToUsers(String roleName,Map users){
Set usersAssigned=new HashSet();
String methodName=Thread.currentThread().getStackTrace()[1].getMethodName();
IdentityStore store= connect();
Set entrySet = users.entrySet();
Iterator it=entrySet.iterator();
String userName=null;
try {
Role role= store.searchRole(IdentityStore.SEARCH_BY_NAME,roleName);
RoleManager rm=store.getRoleManager();
while(it.hasNext()){
Map.Entry entry=(Map.Entry)it.next();
userName=(String)entry.getKey();
User user= store.searchUser(userName);
if(!rm.isGranted(role, user.getPrincipal())){
rm.grantRole(role, user.getPrincipal());
usersAssigned.add(user);
}
}
} catch (IMException e) {
// OIDLogger.severe("Exception in "+methodName + "Could not assign role ["+roleName+"] to the user ["+userName +"] because of " +e.getMessage() +" ", e);
}
finally {
try{
store.close();
}
catch (IMException e) {
// OIDLogger.severe("Exception occured in closing store");
}
}
return usersAssigned;
}
}
{code}
at Searchusr.OIDOperations.connect(OIDOperations.java:55)= oidStore = oidFactory.getIdentityStoreInstance(storeEnv);
at Searchusr.OIDOperations.assignRolesToUser(OIDOperations.java:74)= IdentityStore store = connect();
at Searchusr.SearchModuleImpl.RowButtonListener(SearchModuleImpl.java:50)= result.assignRolesToUser(roleName, usrName);
hi there
im trying to implement this class.
i successfully create user to oid but when trying to create groups i got this message:adf oid exception Error in reading the attribute list of role .
this is my attributes in the resource bundle:
ldap.url=ldap://172.16.2.217:3060
user.create.bases=cn=users,dc=hmm,dc=com
username.attr=uid
oidusername=cn=orcladmin
oiduserpassword=password
user.search.bases=cn=users,dc=hmm,dc=com
group.search.bases=cn=groups,dc=hmm,dc=com
GROUP_CLASSES=cn=groups,dc=hmm,dc=com
oidsubscribername=dc=hmm,dc=com
oidsubscribername1=dc=us,dc=hmm,dc=com
best regards