Sunday, December 21, 2014

Account API: how to get and set account attributes

There are 2 type of Account objects:

  • com.netegrity.llsdk6.imsapi.managedobject.Account
  • com.ca.identitymanager.provisioning.managedobject.Account

For quick answer to question : how to get and set account attributes?
I will use the second one API to get/set account attributes.


The first one,com.netegrity.llsdk6.imsapi.managedobject.Account, you can get from User Object



Vector<Account> accounts = user.getAccounts();


Pros:
- Easy to get object
Cons:
- This code is so slow because you have to get all account and query from all endpoint.
- contains a few methods.

I prefer the second one,com.ca.identitymanager.provisioning.managedobject.Account,

 Pros:
- So powerful, it has method setAttribute(), you can set value to account
- You can  get account by specific endpoint.
Cons:
- A little bit difficult to initiate AccountProvider Object

For more detail let see Chapter 9 of CA Identity Manager Volume II: Learn by Example Code. I just showed how to use the API (the second one) to update account attributes. I put employee number then my code disable AD account by setting attribute




account.setAttribute(Account.PROPERTY_LOCKED_STATE,"TRUE");


You can see java doc here:
  • https://support.ca.com/cadocs/0/CA%20IdentityMinder%2012%206%203-JPN/Bookshelf_Files/javadoc-im/com/ca/identitymanager/provisioning/managedobject/Account.html

  • https://support.ca.com/cadocs/0/CA%20IdentityMinder%2012%206%203-JPN/Bookshelf_Files/javadoc-im/com/netegrity/llsdk6/imsapi/managedobject/Account.html

Posted by at No comments:

Monday, October 20, 2014

How to develop JSP Screen for CA IdentityMinder

You can use JSP as a screen.

Our example, we create admin task called "Custom JSP"
  • Primary Object is User
  • Action is View

Select search screen and select Tab "Tabs"

And add JSP, click icon pencil and select JSP files

 If you use weblogic, you can place JSP file at <WebLogic Home>\user_projects\domains\base_domain\applications\iam_im.ear\user_console.war\app\page\jsp

Save this admin task and assign to admin role.

Create JSP file named custom.jsp



<%@page import="com.netegrity.webapp.page.TaskController"%>
<%@page import="com.netegrity.llsdk6.imsapi.managedobject.Account"%>
<%@page import="java.util.Vector"%>
<%@ page import="com.netegrity.llsdk6.imsapi.managedobject.User" %>
<%@ page import="com.netegrity.webapp.UIContext" %>
<%@ page import="com.netegrity.llsdk6.imsapi.*" %>
<%@ page import="com.netegrity.llsdk6.imsapi.provider.UserProvider" %>

<%
      TaskController taskController = (TaskController)request.getAttribute("TaskController");
      User user = (User)taskController.getTaskSession().getSubject();
     
%>

<H1>Hello <%=user.getFriendlyName()%></H1>

Unique Name: <%=user.getUniqueName()%><br/>

List of accounts:<br/>
<%
      Vector<Account> accounts = user.getAccounts();
      for(Account account:accounts){
            out.println("  <li> Account Name:"+account.getUserAccountName()+" Endpoint: "+ account.getEndPointName()+"</li>");           
      }
%>

<%
      User admin = UIContext.getUser(request);
%>

Calling by <%=admin.getFriendlyName()%>


PS. you can see how to set class path form book or CA bookshelf.

This code gets user information and display accounts






The key API is:

1. Get TaskSession to get user Object




TaskController taskController = (TaskController)request.getAttribute("TaskController");
      User user = (User)taskController.getTaskSession().getSubject();


2. UIContext, this API you can call Provider Accessor, for example getUserProvider.



UIContext.getUser(request);


JSP code is open for you to use any java code to access database or web services. You download JSP code here: http://www.caidentitymanagerbook.com/tutorial.html


Posted by at No comments:
Subscribe to: Posts (Atom)