This
post illustrates implementing a post process event handler on enable operation.
Background:
In an Identity
Management system, any action performed by a user or system is called an operation.
The process of any Oracle Identity Manager operation that goes through a
predefined set of stages and executes some business logic in each stage is
called an orchestration.
Orchestration
is divided into predefined steps called stages:
- Validation
- Preprocess
- Action
- Audit
- Postprocess
- Finalization
An event handler is a
piece of code that is registered with an orchestration on various stages. These
event handlers are invoked when the relevant orchestration stage is performed.
Event handlers can either be asynchronous or synchronous.A synchronous event
handler returns with a response right away, whereas an asynchronous event
handler completes at a later stage.
The supported orchestration
stages in which a custom event handler can be registered are validation,
preprocess, and postprocess.
Event handler can be invoked on CREATE,MODIFY,ENABLE,DISABLE oim operations.
An event
handler consists of the following:
- Java code: Implementation of the operations
- XML definition: Association with the relevant orchestration at the right stage
- Plug-in definition: Registration of the event handlers and any extension code with Oracle Identity Manager plug-in framework.
In order to develop a
custom event handler, one needs to implement one of the following SPI's
Preprocess(Stage) oracle.iam.platform.kernel.spi.PreProcessHandler(Interface)
Postprocess oracle.iam.platform.kernel.spi.PostProcessHandler
Validation oracle.iam.platform.kernel.spi.ValidationHandler
More Read: Oracle's Guide for Event Handlers
Description:
This custom event
handler resets user's password on enable operation. This is triggered when a user
is enabled in OIM.
plugin.xml
<?xml
version="1.0" encoding="UTF-8"?>
<oimplugins
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<plugins
pluginpoint="oracle.iam.platform.kernel.spi.EventHandler">
<plugin
pluginclass= "com.idm.custom.eventhandler.RestPasswordOnEnable"
version="1.0" name="RestPasswordOnEnable">
</plugin>
</oimplugins>
Metadata XML
<?xml
version="1.0" encoding="UTF-8"?>
<eventhandlers
xmlns="http://www.oracle.com/schema/oim/platform/kernel"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel
orchestration-handlers.xsd">
<action-handler
class="com.idm.custom.eventhandler.RestPasswordOnEnable"
entity-type="User" operation="ENABLE"
name="RestPasswordOnEnable" stage="postprocess"
order="LAST" sync="FALSE"/>
</eventhandlers>
Source code:
import
java.io.Serializable;
import java.util.HashMap;
import
java.util.logging.Level;
import
java.util.logging.Logger;
import oracle.core.ojdl.logging.ODLLogger;
import oracle.iam.identity.exception.NoSuchUserException;
import oracle.iam.identity.exception.UserManagerException;
import oracle.iam.identity.usermgmt.api.UserManager;
import oracle.iam.platform.Platform;
import oracle.iam.platform.authz.exception.AccessDeniedException;
import oracle.iam.platform.kernel.spi.PostProcessHandler;
import oracle.iam.platform.kernel.vo.AbstractGenericOrchestration;
import oracle.iam.platform.kernel.vo.BulkEventResult;
import oracle.iam.platform.kernel.vo.BulkOrchestration;
import oracle.iam.platform.kernel.vo.EventResult;
import oracle.iam.platform.kernel.vo.Orchestration;
public class RestPasswordOnEnable
implements PostProcessHandler {
private static final Logger logger = ODLLogger.getLogger(LOGGER_NAME);
@Override
public EventResult execute(long arg0, long arg1,
Orchestration orchestration) {
HashMap<String,Serializable> paramsMap =
orchestration.getParameters();
if(orchestration.getOperation().equalsIgnoreCase("ENABLE")){
try{
executeEvent(parasMap,orchestration.
getTarget().getType(),orchestration.
getTarget().getEntityId());
}
catch(Exception e) {
logger.severe("Exception occurred :"+e.getMessage());
e.printStackTrace();
}
}
return null;
}
@Override
public BulkEventResult execute(long arg0, long arg1, BulkOrchestration
bulkOrchestration) {
try{
HashMap<String,
Serializable>[] bulkParameters
=bulkOrchestration.getBulkParameters();
String[] entityIds =
bulkOrchestration.getTarget()
.getAllEntityId();//get all user's key
logger.info("Entity/User
Id ["+entityIds+"]");
logger.info("Bulk users
count is"+ entityIds.length);
if(bulkOrchestration.getOperation().equalsIgnoreCase("ENABLE")){
for (int i = 0; i < bulkParameters.length; i++) {
try {
executeEvent(bulkParameters[i],
bulkOrchestration.getTarget()
.getType(), entityIds[i]);
}catch (Exception e) {
logger.severe("Exception occurred while exceuting bulk
event:"+e.getMessage());
e.printStackTrace();
}
}
}
}
catch(Exception e) {
logger.severe("Exception occurred:"+e.getMessage());
e.printStackTrace();
}
return null;
}
private void
executeEvent(HashMap<String, Serializable>
parameterHashMap,String targetType,
String entityId) {
UserManager userManager = Platform.getService(UserManager.class);
String password="random";
if(password!=null){
try {
userManager.changePassword(entityId,
password.trim().toCharArray(),false,false);
logger.info("User Password
reset on Enable Operation");
}catch (NoSuchUserException
e) {
logger.severe("Exception
occurred while changing password
on ENABLE operation:"+e.getMessage());
e.printStackTrace();
} catch (UserManagerException
e) {
logger.severe("Exception
occurred while changing password
on ENABLE operation:"+e.getMessage());
e.printStackTrace();
} catch (AccessDeniedException
e) {
logger.severe(" Exception
occurred while changing password
on ENABLE operation:"+e.getMessage());
e.printStackTrace();
}
}
}
}
After
developing the event handler, create a zip and register it in OIM.
The above code is really awesome for beginner and middle level developers
ReplyDelete