
Wednesday, July 25, 2012

Enabling SSL for the Oracle Identity Manager Design Console

Enabling SSL for the Oracle Identity Manager Design Console is covered in two sections:

1.    Configuring the OIM Design Console


       The following tasks need to be performed to enable SSL for the Oracle Identity Manager Design Console:

1.1    Copy Jar Files


1.1.1    Log in to the OIM Server.
1.1.2    Copy webserviceclient+ssl.jar and cryptoj.jar from $WLS_HOME/lib to the $OIM_ORACLE_HOME/designconsole/ext directory.

1.2    Configuring classpath.sh


1.2.1    Go to the $OIM_ORACLE_HOME/designconsole directory, edit the classpath.sh file, and add the following entries before $CLASSPATH:

         :./ext/cryptoj.jar:./ext/webserviceclient+ssl.jar

1.2.2       Define the TRUSTSTORE_LOCATION variable in the classpath.sh file.

          TRUSTSTORE_LOCATION="OIM Trust Store.jks"

          export TRUSTSTORE_LOCATION

1.3    Configuring xlconfig.xml


1.3.1     Go to the $OIM_ORACLE_HOME/designconsole/config directory and edit the xlconfig.xml file.

1.3.2     Modify the following parameters

<ApplicationURL>https://localhost:<sslport>/xlWebApp/loginWorkflowRenderer.do</ApplicationURL>

<java.naming.provider.url>t3s://localhost:<sslport>/oim</java.naming.provider.url>

1.4    Configuring xlclient.sh


1.4.1    Go to the $OIM_ORACLE_HOME/designconsole/ directory, edit the xlclient.sh file, and add the following content if you are using a self-signed certificate or the root certificate is not issued by a trusted authority.

1.4.1.1    Turn off the SSL Constraints
              -Dweblogic.security.SSL.enforceConstraints=off \

1.4.1.2    Turn Off the Host Name Verification
        -Dweblogic.security.SSL.ignoreHostnameVerification=true \

1.4.1.3    Turn Off the Default Random Number Generator Change
       The change of the default random number generator is shown in the log as follows:

       <Jul 25, 2012 11:51:50 AM PDT> <Info> <Security> <BEA-090906> <Changing the default Random Number Generator in RSA CryptoJ from ECDRBG to FIPS186PRNG. To disable this change, specify -Dweblogic.security.allowCryptoJDefaultPRNG=true>

     To turn off this change of the random number generator, add the following flag.

    -Dweblogic.security.allowCryptoJDefaultPRNG=true \

    
1.4.1.4    Debug the SSL Parameters    
       -Dssl.debug=true \

     -Dweblogic.StdoutDebugEnabled=true \

1.5    Sample xlclient.sh file


After configuration, the xlclient.sh file content should be in the following format.

    java -DXL.ExtendedErrorOptions=TRUE \
   -DXL.HomeDir=. -Djava.security.policy=config/xl.policy \
   -Djava.security.manager -Djava.security.auth.login.config=config/authwl.conf \
   -Dlog4j.configuration=config/log.properties \
   -Dweblogic.security.SSL.trustedCAKeyStore=$TRUSTSTORE_LOCATION \
   -Dweblogic.security.SSL.enforceConstraints=off \
   -Dweblogic.security.SSL.ignoreHostnameVerification=true \
   -Dweblogic.security.allowCryptoJDefaultPRNG=true \
   -Dssl.debug=true \
   -Dweblogic.StdoutDebugEnabled=true \
   -cp $CLASSPATH com.thortech.xl.client.base.tcAppWindow -server server
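
A check that can be run against a configured xlclient.sh, as an added example that is not part of the original post: it lists which of the flags from section 1.4.1 are active and whether a trust store is set. The function names, the kind labels and the two sample launcher files are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original post): report JVM flags in a Design
# Console launcher that relax SSL checks or enable SSL debugging.

# kind|setting|note -- the settings are the ones listed in section 1.4.1.
FLAG_TABLE='validation|weblogic.security.SSL.enforceConstraints=off|SSL constraints turned off
validation|weblogic.security.SSL.ignoreHostnameVerification=true|host name verification turned off
prng|weblogic.security.allowCryptoJDefaultPRNG=true|CryptoJ default PRNG kept (BEA-090906)
debug|ssl.debug=true|SSL debug output enabled
debug|weblogic.StdoutDebugEnabled=true|debug output written to stdout'

# Print one "kind<TAB>setting<TAB>note" line per flag found in launcher $1.
# Comment lines are skipped so a flag that is commented out is not reported.
audit_launcher() {
    launcher=$1
    active=$(grep -v '^[[:space:]]*#' "$launcher") || true
    printf '%s\n' "$FLAG_TABLE" | while IFS='|' read -r kind setting note; do
        if printf '%s\n' "$active" | grep -Fq -e "-D$setting"; then
            printf '%s\t%s\t%s\n' "$kind" "$setting" "$note"
        fi
    done
}

# Print the number of findings of kind $2 (validation, prng or debug) in $1.
count_kind() {
    audit_launcher "$1" | awk -F'\t' -v k="$2" '$1 == k { n++ } END { print n + 0 }'
}

# Succeed when launcher $1 passes a trust store to the JVM.
has_truststore() {
    grep -v '^[[:space:]]*#' "$1" |
        grep -Fq -e '-Dweblogic.security.SSL.trustedCAKeyStore='
}

# Constructed sample input: the SSL-related lines of the sample xlclient.sh
# above, and a variant that keeps the trust store but not the relaxed flags.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

cat > "$WORK/xlclient-relaxed.sh" <<'EOF'
java -DXL.ExtendedErrorOptions=TRUE \
   -Dweblogic.security.SSL.trustedCAKeyStore=$TRUSTSTORE_LOCATION \
   -Dweblogic.security.SSL.enforceConstraints=off \
   -Dweblogic.security.SSL.ignoreHostnameVerification=true \
   -Dweblogic.security.allowCryptoJDefaultPRNG=true \
   -Dssl.debug=true \
   -Dweblogic.StdoutDebugEnabled=true \
   -cp $CLASSPATH com.thortech.xl.client.base.tcAppWindow -server server
EOF

cat > "$WORK/xlclient-strict.sh" <<'EOF'
# -Dweblogic.security.SSL.ignoreHostnameVerification=true \
java -DXL.ExtendedErrorOptions=TRUE \
   -Dweblogic.security.SSL.trustedCAKeyStore=$TRUSTSTORE_LOCATION \
   -cp $CLASSPATH com.thortech.xl.client.base.tcAppWindow -server server
EOF

for f in "$WORK/xlclient-relaxed.sh" "$WORK/xlclient-strict.sh"; do
    echo "== $(basename "$f")"
    audit_launcher "$f"
    if has_truststore "$f"; then
        echo "trust store: set"
    else
        echo "trust store: not set"
    fi
done
```

A launcher that reports no `validation` findings and has a trust store set relies on the certificates imported into that trust store rather than on relaxed checks.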

2.    Common Errors

2.1    cryptoj.jar file missing in the designconsole/ext directory


The cryptoj.jar file is available in the $WLS_HOME/lib directory. Copy the cryptoj.jar file from $WLS_HOME/lib to the designconsole/ext directory.
                  If the cryptoj.jar file is not available in the $WLS_HOME/lib directory, please contact Oracle Support and refer to article ID 1422084.1.

2.2    javax.security.auth.login.LoginException: java.lang.RuntimeException: Failed to instantiate MD5 SecureRandom: Unsupported algorithm


The javax.security.auth.login.LoginException: java.lang.RuntimeException: Failed to instantiate MD5 SecureRandom: Unsupported algorithm exception is thrown after clicking the Login Button in the Oracle Identity Manager Design Console.

Error:

Error Keyword: DAE.LOGON_DENIED
Description: Invalid Login.
Remedy: Contact your system administrator.
Action: E
Severity: H
Help URL:
Detail:
javax.security.auth.login.LoginException: java.lang.RuntimeException: Failed to instantiate MD5 SecureRandom: Unsupported algorithm, MD5Random, selected for FIPS140 mode: FIPS140_SSL
 at com.certicom.tls.interfaceimpl.TLSSystem.getRandomNumberGenerator(Unknown Source)
 at com.certicom.tls.record.handshake.MessageRandom.initialize(Unknown Source)
 at com.certicom.tls.record.handshake.MessageRandom.<init>(Unknown Source)
 at com.certicom.tls.record.handshake.HandshakeHandler.startHandshake(Unknown Source)
 at com.certicom.tls.interfaceimpl.TLSConnectionImpl.startHandshake(Unknown Source)
 at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
 at com.certicom.tls.record.WriteHandler.write(Unknown Source)
 at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
 at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
 at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
 at java.io.DataOutputStream.flush(DataOutputStream.java:107)
 at weblogic.rjvm.t3.MuxableSocketT3.connect(MuxableSocketT3.java:406)
 at weblogic.rjvm.t3.ConnectionFactoryT3S.createConnection(ConnectionFactoryT3S.java:44)
 at weblogic.rjvm.ConnectionManager.createConnection(ConnectionManager.java:1784)
 at weblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.java:1424)
 at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:443)
 at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:322)
 at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:254)
 at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:197)
 at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:238)
 at weblogic.rjvm.RJVMFinder.findOrCreateInternal(RJVMFinder.java:200)
 at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:170)
 at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:153)
 at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:96)
 at weblogic.security.auth.Authenticate.authenticate(Authenticate.java:80)
 at weblogic.security.auth.login.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:184)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
 at java.lang.reflect.Method.invoke(Method.java:597)
 at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
 at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
 at javax.security.auth.login.LoginContext$4.run(LoginContext.java:684)
 at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
 at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
 at Thor.API.Security.LoginHandler.weblogicLoginHandler.login(weblogicLoginHandler.java:62)
 at oracle.iam.platform.OIMClient.login(OIMClient.java:134)
 at oracle.iam.platform.OIMClient.login(OIMClient.java:114)
 at com.thortech.xl.client.base.tcAppWindow.internalLogin(tcAppWindow.java:585)
 at com.thortech.xl.client.base.tcAppWindow.login(tcAppWindow.java:504)
 at com.thortech.xl.client.base.tcAppWindow.<init>(tcAppWindow.java:118)
 at com.thortech.xl.client.base.tcAppWindow.main(tcAppWindow.java:174)

Solution:

 The cryptoj.jar file is missing in the $WLS_HOME/lib directory. Please refer to article ID 1422084.1 in Oracle Support to resolve the above issue.

Wednesday, July 18, 2012

oracle.iam.platformservice.exception.PlatformServiceException: java.io.FileNotFoundException

Problem:

 The Oracle Identity Manager client throws the following exception while uploading, updating, or downloading files from Oracle Identity Manager.

Error:

 
oracle.iam.platformservice.exception.PlatformServiceException: java.io.FileNotFoundException: C:\Scheduler\lib\TestAbc.jar is not found
    at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
    at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
    at oracle.iam.platformservice.api.PlatformUtilsService_agm3g1_PlatformUtilsServiceRemoteImpl_1035_WLStub.uploadJarsx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
    at $Proxy2.uploadJarsx(Unknown Source)
    at oracle.iam.platformservice.api.PlatformUtilsServiceDelegate.uploadJars(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
    at weblogic.security.Security.runAs(Security.java:41)
    at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
    at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
    at $Proxy3.uploadJars(Unknown Source)
    at edu.sfsu.connector.ad.deploy.UploadJars.processJars(UploadJars.java:73)
    at edu.sfsu.connector.ad.deploy.UploadJars.processJavaTasks(UploadJars.java:39)
    at edu.sfsu.connector.ad.deploy.UploadJars.main(UploadJars.java:104)
Caused by: oracle.iam.platformservice.exception.PlatformServiceException: java.io.FileNotFoundException: C:\Scheduler\lib\TestAbc.jar is not found
    at oracle.iam.platformservice.impl.PlatformUtilsServiceImpl.uploadJars(PlatformUtilsServiceImpl.java:105)
    at oracle.iam.platformservice.api.PlatformUtilsServiceEJB.uploadJarsx(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
    at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
    at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
    at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
    at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
    at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
    at $Proxy423.uploadJarsx(Unknown Source)
    at oracle.iam.platformservice.api.PlatformUtilsService_agm3g1_PlatformUtilsServiceRemoteImpl.__WL_invoke(Unknown Source)
    at weblogic.ejb.container.internal.SessionRemoteMethodInvoker.invoke(SessionRemoteMethodInvoker.java:40)
    at oracle.iam.platformservice.api.PlatformUtilsService_agm3g1_PlatformUtilsServiceRemoteImpl.uploadJarsx(Unknown Source)
    at oracle.iam.platformservice.api.PlatformUtilsService_agm3g1_PlatformUtilsServiceRemoteImpl_WLSkel.invoke(Unknown Source)
    at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:667)
    at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
    at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:522)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
    at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:518)
    at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
Caused by: java.io.FileNotFoundException: C:\Scheduler\lib\TestAbc.jar is not found
    at oracle.iam.platformservice.impl.PlatformUtilsServiceImpl.LoadJarToDB(PlatformUtilsServiceImpl.java:199)
    at oracle.iam.platformservice.impl.PlatformUtilsServiceImpl.uploadJars(PlatformUtilsServiceImpl.java:93)
    ... 35 more

Cause:

The PlatformUtilsService methods are being executed from a remote OIM client, so the OIM server looks for the uploaded or updated file on the local OIM server instance.

Solution:

Log in to the server where OIM is installed and execute the PlatformUtilsService methods using the OIM client there; the File Not Found issue will be resolved.

Tuesday, July 17, 2012

PlatformUtilsService API Example

The PlatformUtilsService interface API is used to purge the cache and to upload, update, download, and delete jar files in the OIM Server.

Pre-Requisite:


Initial Setup.

Please follow the link and set up the OIM client environment used to create the OIM objects.

Client Code Setup

Note: The update, download, and delete jar file functions only work on the Oracle Identity Manager local server instance. Please execute the PlatformUtilsService methods on the Oracle Identity Manager local instance.

PlatformUtilsService API Usage:

The following tasks need to be performed to purge the cache in the Oracle Identity Manager Server:

1.    Create the OIMClient Handle


OIMClient client= new OIMClient();
client.login(username,password.toCharArray());

2.    Get PlatformUtilsService service object


PlatformUtilsService service= client.getService(PlatformUtilsService.class);

3.   Purge the Cache All

service.purgeCache("All");

4.   Building Upload Jar Set Elements Objects

The following types of jar files can be uploaded to the OIM Server:

4.1 JavaTasks

Set<JarElement> jarElements= new HashSet<JarElement>();

JarElement javatask= new  JarElement();
javatask.setType("JavaTasks");
javatask.setPath("Absolute path of the FileName.jar");
javatask.setName("FileName.jar");
jarElements.add(javatask);


4.2 ThirdParty

JarElement thirdparty= new  JarElement();
thirdparty.setType("ThirdParty");
thirdparty.setPath("Absolute path of the FileName.jar");
thirdparty.setName("FileName.jar");
jarElements.add(thirdparty);

4.3 ScheduleTask

JarElement scheduletask= new  JarElement();
scheduletask.setType("ScheduleTask");
scheduletask.setPath("Absolute path of the FileName.jar");
scheduletask.setName("FileName.jar");
jarElements.add(scheduletask);
 

5.   Upload Jar to the OIM Server

service.uploadJars(jarElements); 

6.   Building Updated Jar Set Elements Objects

The following types of jar files can be updated in the OIM Server:

6.1 JavaTasks

Set<JarElement> updateElements= new HashSet<JarElement>();

JarElement ujavatask= new  JarElement();
ujavatask.setType("JavaTasks");
ujavatask.setPath("Absolute path of the FileName.jar");
ujavatask.setName("FileName.jar");
updateElements.add(ujavatask);


6.2 ThirdParty

JarElement uthirdparty= new  JarElement();
uthirdparty.setType("ThirdParty");
uthirdparty.setPath("Absolute path of the FileName.jar");
uthirdparty.setName("FileName.jar");
updateElements.add(uthirdparty);

6.3 ScheduleTask

JarElement uscheduletask= new  JarElement();
uscheduletask.setType("ScheduleTask");
uscheduletask.setPath("Absolute path of the FileName.jar");
uscheduletask.setName("FileName.jar");
updateElements.add(uscheduletask);
 

7.   Update Jar to the OIM Server

service.updateJars(updateElements); 

 

8.   Building Downloaded Jar Set Elements Objects

The following types of jar files can be downloaded from the OIM Server:

8.1 JavaTasks

Set<JarElement> downloadElements= new HashSet<JarElement>();

JarElement dljavatask= new  JarElement();
dljavatask.setType("JavaTasks");
dljavatask.setPath("Download Directory");
dljavatask.setName("FileName.jar");
downloadElements.add(dljavatask);


8.2 ThirdParty

JarElement dlthirdparty= new  JarElement();
dlthirdparty.setType("ThirdParty");
dlthirdparty.setPath("Download Directory");
dlthirdparty.setName("FileName.jar");
downloadElements.add(dlthirdparty);

8.3 ScheduleTask

JarElement dlscheduletask= new  JarElement();
dlscheduletask.setType("ScheduleTask");
dlscheduletask.setPath("Download Directory");
dlscheduletask.setName("FileName.jar");
downloadElements.add(dlscheduletask);
 

9.   Download Jars from the OIM Server

service.downloadJars(downloadElements); 


10.   Building Delete Jar Set Elements Objects

The following types of jar files can be deleted from the OIM Server:

10.1 JavaTasks

Set<JarElement> deleteElements= new HashSet<JarElement>();

JarElement deljavatask= new  JarElement();
deljavatask.setType("JavaTasks");
deljavatask.setName("FileName.jar");
deleteElements.add(deljavatask);


10.2 ThirdParty

JarElement delthirdparty= new  JarElement();
delthirdparty.setType("ThirdParty");
delthirdparty.setName("FileName.jar");
deleteElements.add(delthirdparty);

10.3 ScheduleTask

JarElement delscheduletask= new  JarElement();
delscheduletask.setType("ScheduleTask");
delscheduletask.setName("FileName.jar");
deleteElements.add(delscheduletask);
 

11.   Delete Jars from the OIM Server

service.deleteJars(deleteElements); 



12.   Verifying Jars Files Updated in the OIM Schema

Log in to the OIM database instance and verify that the uploaded or updated jar files are available in the OIMHOME_JARS table. If your jar files are there, the upload and update functions are working as expected.




13.   ERRORS

Please follow the URL below to see a few common errors related to the PlatformUtilsService API when uploading, updating, and downloading jar files from the OIM Server.


 Common Errors


 

Monday, July 16, 2012

tcImportOperationsIntf API Example

The tcImportOperationsIntf interface API is used to import Deployment Manager config files from the local system into Oracle Identity Manager without using the Deployment Manager.

Pre-Requisite:


Initial Setup.

Please follow the link and set up the OIM client environment used to create the OIM objects.

Client Code Setup

Add xlDDM.jar File to the CLASSPATH


Add the xlDDM.jar file to the classpath to import the OIM config objects into the OIM repository.

tcImportOperationsIntf API Usage:

The following tasks need to be performed to import the Oracle Identity Manager config objects from the local file system into Oracle Identity Manager without using the Deployment Manager:

1.    Create the OIMClient Handle


OIMClient client= new OIMClient();
client.login(username,password.toCharArray());

2.    Get tcImportOperationsIntf service object


// "import" is a reserved word in Java, so the service handle is named importOps.
tcImportOperationsIntf importOps= client.getService(tcImportOperationsIntf.class);

3.   Acquiring the Lock to import the Config Files

importOps.acquireLock(true);

4.   Verifying the Acquire Lock Object

boolean acquire=importOps.isLockAcquired();

5.   Build the Config Import File Content

String importFileName="lookup.xml";
StringBuffer sb= new StringBuffer();
BufferedReader br = null;
try
{
        // Read the deployment XML file line by line into the buffer.
        br = new BufferedReader(new InputStreamReader(new FileInputStream(importFileName)));
        String readLine=null;
        while((readLine =br.readLine()) != null)
        {
                    sb.append(readLine+"\n");
        }
 } catch (FileNotFoundException e)
 {
             e.printStackTrace();
 }
 catch (IOException e)
 {
       e.printStackTrace();
 }
 finally
 {
     if(br != null)
     {
        try
        {
           br.close();
        }
        catch (IOException e)
       {
         e.printStackTrace();
       }
    }
 }

6.   Adding Config Import XML file to the import object

if(acquire)
{
   Collection<RootObject> importFiles=importOps.addXMLFile(importFileName, sb.toString());

7.   Retrieving Missing Dependencies from the Imported Objects

   String category="Lookup";

   Collection<RootObject> missingDependencies= importOps.getMissingDependencies(importFiles, category);

8.   Processing Import Object

   // Import only when no dependency is missing.
   if(missingDependencies.isEmpty())
   {
      importOps.performImport(importFiles);
   }
}

Friday, July 13, 2012

tcReconciliationOperationsIntf API Example

The tcReconciliationOperationsIntf interface API is used to create a reconciliation event in the Oracle Identity Manager repository.

Pre-Requisite:


Initial Setup.

Please follow the link and set up the OIM client environment used to create the OIM objects.

Client Code Setup


tcReconciliationOperationsIntf API Usage:

The following tasks need to be performed to create the reconciliation event in Oracle Identity Manager:

1.    Create the OIMClient Handle


OIMClient client= new OIMClient();
client.login(username,password.toCharArray());

2.    Get tcReconciliationOperationsIntf service object


tcReconciliationOperationsIntf recon= client.getService(tcReconciliationOperationsIntf.class);

3.   Build the Reconciliation Data Resource Account


Map parentdata= new HashMap();
parentdata.put("First Name","xxf") ;
parentdata.put("Last Name","xxf") ;
parentdata.put("Middle Name","xxf") ;
parentdata.put("User Id","xxf") ;
parentdata.put("It Resource",itResourceKey) ; // itResourceKey: placeholder variable holding the IT Resource Key
parentdata.put("Status","Enabled") ;

4.   Build the Reconciliation Child Data Resource Account


 Map childarr[]= new Map[2];

Map childdata1= new HashMap();
childdata1.put("Depart Ment","Sales") ;


Map childdata2= new HashMap();
childdata2.put("Depart Ment","Sales") ;


childarr[0]=childdata1;
childarr[1]=childdata2;



5.    Verifying the Reconciliation Event Creation


String resourceName="Resource Name";
// ignoreEvent and ignoreEventAttributeData return true when the event can be ignored.
boolean ignoreparent=recon.ignoreEvent(resourceName,parentdata);

boolean ignorechild=recon.ignoreEventAttributeData(resourceName,parentdata,"Multivalued Attribute Name",childarr);

6.    Creating Reconciliation Event


long reconkey=-1;
// Create the event only when the parent data or the child data must not be ignored.
if(!ignoreparent || !ignorechild)
{
   reconkey= recon.createReconciliationEvent(resourceName,parentdata,false);
}

7.    Creating Child Reconciliation Event


if(reconkey !=-1)
{
    if(!ignorechild)
    {
       for(Map childMap:childarr)
       {
           recon.addDirectMultiAttributeData(reconkey, "Multivalued Attribute Name", childMap);
       }
       recon.providingAllMultiAttributeData(reconkey, "Multivalued Attribute Name", true);
    }
}

8.    Completing the Reconciliation Event


recon.finishReconciliationEvent(reconkey);

Monday, July 9, 2012

Design Console java.lang.NoClassDefFoundError: javax/ejb/CreateException

Problem:


The Oracle Identity Manager Design Console throws the following exception while executing ./xlclient.sh:

Exception in thread "main" java.lang.NoClassDefFoundError: javax/ejb/CreateException
        at java.lang.Class.getDeclaredMethods0(Native Method)
        at java.lang.Class.privateGetDeclaredMethods(Class.java:2427)
        at java.lang.Class.getDeclaredMethod(Class.java:1935)
        at java.awt.Component.isCoalesceEventsOverriden(Component.java:5974)
        at java.awt.Component.access$500(Component.java:170)
        at java.awt.Component$3.run(Component.java:5928)
        at java.awt.Component$3.run(Component.java:5926)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.awt.Component.checkCoalescing(Component.java:5925)
        at java.awt.Component.<init>(Component.java:5894)
        at java.awt.Container.<init>(Container.java:251)
        at java.awt.Window.<init>(Window.java:431)
        at java.awt.Frame.<init>(Frame.java:403)
        at java.awt.Frame.<init>(Frame.java:368)
        at javax.swing.JFrame.<init>(JFrame.java:158)
        at com.thortech.xl.gui.base.tcFrame.<init>(tcFrame.java:34)
        at com.thortech.xl.client.base.tcAppWindow.<init>(tcAppWindow.java:104)
        at com.thortech.xl.client.base.tcAppWindow.main(tcAppWindow.java:173)
Caused by: java.lang.ClassNotFoundException: javax.ejb.CreateException
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:305)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:246)
        ... 18 more



Cause: 


The wlfullclient.jar file is not available in the ext directory of the Design Console.

Solution: 


Generate the wlfullclient.jar file and copy it into the designconsole/ext directory.

Friday, July 6, 2012

Start Web Logic Cluster Admin Server


Log in to OIM Server1 and start WebLogic as follows.

 

Execute the startWebLogic.sh

Go to the DOMAIN_HOME and run the startWebLogic.sh file; it will start the WebLogic Admin Server. The start command is given below.




 Web Logic Server Output



Admin Console

  • Open the browser and enter the WebLogic admin console URL in the following format.

  http://<Host Name>:<Port>/Console.
  http://localhost.localdomain:7001/console.

After entering the URL, it will display the following screen.



Enter the WebLogic user name and password and click the Login button; it will display the following screen.




Verifying the OIM and SOA Clustered Managed Servers


Click Environment --> Servers and It will display the Web Logic Admin Server and Clustered Managed Servers as follows.





Configuring Node Manager Cluster Server OIM1

Log in to OIM Server1 and configure the Node Manager as follows.


Execute the setNMProps.sh

  • Go to the oracle_common/common/bin directory and run the setNMProps.sh file to create the nodemanager.properties file. The creation of the node manager properties file is shown below.



  Start The Node Manager

  • Go to the WLS_HOME/bin directory and run the ./startNodeManager.sh file; it will start the WebLogic Node Manager. The node manager start-up details are given below.

  • The following output shows that the node manager started on the default port, 5556, in the console.




Next Step is

Starting the Web Logic Admin Clustered Server



Wednesday, July 4, 2012

Creating and Configuring Oracle Identity Manager Cluster Domain


The following configuration needs to be done to configure the WebLogic Oracle Identity Manager cluster:

Executing the Config.sh File

  • Log in to the OIM1 server, go to the $WL_Home/common/bin directory, and run the config.sh command; it will show the following screen.

 

Selecting Oracle Identity Manager Component

  •  Choose Create a New WebLogic domain option and Click Next button and it will show the following screen.


  • Choose the Oracle Identity Manager 11.1.1.3 check box and click Next button and it will display the following screen.



Specifying WebLogic Domain Name and Location

  • Click Next Button and It will display the following screen.


Entering WebLogic Credentials

  • Enter the Domain Name and Leave rest as it is. Click Next button and it will display the following screen.







 Specifying WebLogic Server Mode and JDK Path

  • Enter WebLogic User Name, User Password, and Confirm Password. Click Next button and It will display the Next screen.




Configuring the JDBC Component Schema

  • Click Next button and it will display the following screen.


  • Select the Vendor and Driver from the combo box and enter the DBMS Service, Host Name, Port, and Schema Password (if the schema password differs between users, enter the schema owner and schema password for each service). The sample data is given below.

  •  Click Next button and It will display the following screen.



 Customizing Configuration

  • If the database connection is successful, click the Next button and it will display the following screen. If the database connection is unsuccessful, review the errors and try the database connection process again.


Select the Administration Server, JMS Distribution Destination, Managed Servers, Clusters and Machine Check Boxes. The example selection is given below.


Configuring Admin Server


  • Click Next button and It will display the following screen.


  • Select SSL Enabled Check box and the sample configuration is given below.
  • Click Next button and It will display the following screen.



  • Click Next button and it will display the following screen.



Configuring OIM and SOA Servers

  • Click OK button and It will display the following screen.




  • Add OIM2 server details soa_server2 and oim_server2 server configuration and sample config is given below. In the sample config oim_server1 and soa_server1 are OIM1 servers and soa_server2 and oim_server2 are OIM2 servers.



 Configuring Clusters

  • Click Next button and it will display the following screen.


Click Add button and Enter the oim and soa cluster names. The sample config is given below. In the Sample Configure Clusters screen oim cluster name is oim_cluster and soa cluster name is soa_cluster



  • Click Next button and it will display the Assign Servers to Clusters screen.



Add oim_server1, and oim_server2 to oim_cluster. Add soa_server1, and soa_server2 to soa_cluster. The sample configuration is given below.



Configuring Machines

  • Click Next button and It will display the Configure Machine screen.



  • Select Local Machine and click the Delete button; it will delete the local machine and display the following screen.





  • Click Unix Machine and it will display the following screen.

Click the Add button twice to add two Unix machine entries. For Name, enter the DNS name of OIM Server Unix host 1 and of OIM Server Unix host 2, and also enter the node manager listen address. This address should always be the DNS host name of Unix OIM1 and the DNS host name of Unix OIM2. In my example I used localhost.localdomain for OIM Unix machine 1 and liyaqat.localdomain for OIM Unix machine 2. Leave the rest of the values at their defaults. The sample config data is given below.




  • Click Next button and it will display the Assign Server to Machines.



Add AdminServer1, oim_server1, and soa_server1 to the localhost.localdomain machine, and add oim_server2 and soa_server2 to the liyaqat.localdomain machine. The sample config is given below.


Creating WebLogic Domain


  • Click the Next button and it will display the Configuration Summary screen.


Click the Next button and it will display the Configuring Domain screen.



Click the Done button and start the WebLogic Admin Server.


Next Step is




Monday, July 2, 2012

tcSchedulerOperationsIntf API example

The tcSchedulerOperationsIntf interface API is used to add, update, and delete Scheduler Task attributes in the Oracle Identity Manager repository.

Pre-Requisite:


Initial Setup.

Please follow the link below and set up the OIM client environment that is used to create the OIM objects.

Client Code Setup


tcSchedulerOperationsIntf API Usage:

The following tasks need to be performed to add, update, and delete scheduled task attributes in Oracle Identity Manager:

1.    Create the OIMClient Handle


OIMClient client= new OIMClient();
client.login(username,password.toCharArray());

2.    Get tcSchedulerOperationsIntf service object


tcSchedulerOperationsIntf schedulerOperationsIntf = client.getService(tcSchedulerOperationsIntf.class);

3.    Find the Scheduler Task Key

String schedulerName = "A D User Target Recon";
Map<String, String> params = new HashMap<String, String>();
params.put("Task Scheduler.Name", schedulerName);
tcResultSet rs = schedulerOperationsIntf.findScheduleTasks(params);
int count = rs.getRowCount();
long schedulerKey = 0;
if (count > 0)
{
    // Read the key of the first matching scheduled task
    rs.goToRow(0);
    schedulerKey = rs.getLongValue("Task Scheduler.Key");
}


4.    Getting Scheduler Task Attributes


// Maps each attribute name to its attribute key
Map<String, Long> attributes = new HashMap<String, Long>();
tcResultSet attrrs = schedulerOperationsIntf.getScheduleTaskAttributes(schedulerKey);
int scount = attrrs.getRowCount();
for (int i = 0; i < scount; i++)
{
    attrrs.goToRow(i);
    attributes.put(attrrs.getStringValue("Task Scheduler.Task Attributes.Name"),
        attrrs.getLongValue("Task Scheduler.Task Attributes.Key"));
}
   

5.    Updating the Schedule Task Attribute


if (attributes.containsKey("Search Base"))
{
    // The attribute exists, so update it using its attribute key
    Map<String, String> updateattributes = new HashMap<String, String>();
    updateattributes.put("Task Scheduler.Task Attributes.Name", "Search Base");
    updateattributes.put("Task Scheduler.Task Attributes.Value", "dc=test,dc=com");
    schedulerOperationsIntf.updateScheduleTaskAttribute(schedulerKey, attributes.get("Search Base"), updateattributes);
}


6.    Adding the Schedule Task Attribute


if (!attributes.containsKey("Search Base"))
{
    // The attribute does not exist yet, so add it to the task
    Map<String, String> addattributes = new HashMap<String, String>();
    addattributes.put("Task Scheduler.Task Attributes.Name", "Search Base");
    addattributes.put("Task Scheduler.Task Attributes.Value", "dc=test,dc=com");
    schedulerOperationsIntf.addScheduleTaskAttribute(schedulerKey, addattributes);
}


7.    Remove the Schedule Task Attribute


if (attributes.containsKey("Search Base"))
{
    Map<String, String> addattributes = new HashMap<String, String>();
    addattributes.put("Task Scheduler.Task Attributes.Name", "Search Base");
    addattributes.put("Task Scheduler.Task Attributes.Value", "dc=test,dc=com");
    schedulerOperationsIntf.deleteScheduleTaskAttribute(attributes.get("Search Base"));
}
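Steps 1 to 6 combined into one idempotent "update if present, otherwise add" routine, as an added example that is not part of the original post. The class name SchedulerAttributeUpsert and the upsert helper are hypothetical; the block uses only the API calls shown in the steps above plus OIMClient.logout(), and assumes the client environment from the setup link is already in place. The password is read from the terminal instead of being stored in the source, and the session is always closed.

```java
import java.util.HashMap;
import java.util.Map;
import Thor.API.tcResultSet;
import Thor.API.Operations.tcSchedulerOperationsIntf;
import oracle.iam.platform.OIMClient;

public class SchedulerAttributeUpsert {   // hypothetical class name
    // Returns true if an existing attribute was updated, false if it was added.
    static boolean upsert(tcSchedulerOperationsIntf svc, String taskName,
                          String attrName, String attrValue) throws Exception {
        Map<String, String> filter = new HashMap<String, String>();
        filter.put("Task Scheduler.Name", taskName);
        tcResultSet tasks = svc.findScheduleTasks(filter);
        if (tasks.getRowCount() != 1)   // refuse to guess on zero or several matches
            throw new IllegalStateException("Task name '" + taskName + "' matched "
                    + tasks.getRowCount() + " rows");
        tasks.goToRow(0);
        long taskKey = tasks.getLongValue("Task Scheduler.Key");

        Map<String, String> change = new HashMap<String, String>();
        change.put("Task Scheduler.Task Attributes.Name", attrName);
        change.put("Task Scheduler.Task Attributes.Value", attrValue);

        // Look for the attribute by name; update it in place when it exists.
        tcResultSet attrs = svc.getScheduleTaskAttributes(taskKey);
        for (int i = 0; i < attrs.getRowCount(); i++) {
            attrs.goToRow(i);
            if (attrName.equals(attrs.getStringValue("Task Scheduler.Task Attributes.Name"))) {
                long attrKey = attrs.getLongValue("Task Scheduler.Task Attributes.Key");
                svc.updateScheduleTaskAttribute(taskKey, attrKey, change);
                return true;
            }
        }
        svc.addScheduleTaskAttribute(taskKey, change);
        return false;
    }

    public static void main(String[] args) throws Exception {
        if (System.console() == null) throw new IllegalStateException("Run from a terminal");
        String user = System.console().readLine("OIM user: ");
        char[] password = System.console().readPassword("OIM password: ");  // not echoed
        OIMClient client = new OIMClient();   // assumes the client environment is configured
        client.login(user, password);
        try {
            upsert(client.getService(tcSchedulerOperationsIntf.class),
                    "A D User Target Recon", "Search Base", "dc=test,dc=com");
        } finally {
            client.logout();                  // always end the session
        }
    }
}
```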

Sunday, July 1, 2012

tcITResourceInstanceOperationsIntf API example

The tcITResourceInstanceOperationsIntf interface API is used to add, update, and delete IT Resource Instances in the Oracle Identity Manager repository.

Pre-Requisite:

Initial Setup.

Please follow the link below and set up the OIM client environment that is used to create the OIM objects.


Client Code Setup

tcITResourceInstanceOperationsIntf API Usage:

The following tasks need to be performed to add, update, and delete an IT Resource Instance in Oracle Identity Manager:

1.    Create the OIMClient Handle


OIMClient client= new OIMClient();
client.login(username,password.toCharArray());

2.    Get tcITResourceInstanceOperationsIntf service object


tcITResourceInstanceOperationsIntf itResource = client.getService(tcITResourceInstanceOperationsIntf.class);

3.    Find the IT Resource Instance Key

String itResourceName = "ADITResource";
Map filter = new HashMap();
filter.put("IT Resources.Name", itResourceName);
tcResultSet trs = itResource.findITResourceInstances(filter);
int rowCount = trs.getRowCount();
long itResourceKey = -1;
if (rowCount > 0)
{
    // Read the key of the first matching IT Resource instance
    trs.goToRow(0);
    itResourceKey = trs.getLongValue("IT Resources.Key");
}

4.    Getting IT Resource Attributes

// Maps each parameter name to its parameter key
Map attributes = new HashMap();
if (itResourceKey > 0)
{
    tcResultSet itrParams = itResource.getITResourceInstanceParameters(itResourceKey);
    int paramCount = itrParams.getRowCount();
    for (int i = 0; i < paramCount; i++)
    {
        itrParams.goToRow(i);
        attributes.put(itrParams.getStringValue("IT Resources Type Parameter.Name"), itrParams.getLongValue("IT Resource.Parameter.Key"));
    }
}

5.    Updating the IT Resource Instance Attribute



if (attributes.containsKey("Admin FQDN"))
{
    Map<String, String> updateattributes = new HashMap<String, String>();
    updateattributes.put("Admin FQDN", "test@test.com");
    itResource.updateITResourceInstanceParameters(itResourceKey, updateattributes);
}

6.    Getting the tcITResourceDefinitionOperationsIntf Service Handle


tcITResourceDefinitionOperationsIntf  itresdef= client.getService(tcITResourceDefinitionOperationsIntf.class);

7.    Getting the IT Resource Type Key


Map itRtypemap = new HashMap();
itRtypemap.put("IT Resources Type Definition.Server Type", "AD Server");
long itresourceTypeKey = -1;
tcResultSet itrestypers = itresdef.getITResourceDefinition(itRtypemap);
int typecount = itrestypers.getRowCount();
if (typecount > 0)
{
    // Read the key of the first matching IT Resource type
    itrestypers.goToRow(0);
    itresourceTypeKey = itrestypers.getLongValue("IT Resources Type Definition.Key");
}

8.    Adding the IT Resource Instance

// Reuses the itResourceName variable declared in step 3
itResourceName = "AD Test Server";
Map addAttrs = new HashMap();
addAttrs.put("IT Resources Type Definition.Key", "" + itresourceTypeKey);
addAttrs.put("IT Resources.Name", itResourceName);

itResourceKey = itResource.createITResourceInstance(addAttrs);

9.    Updating the IT Resource Instance Parameters

addAttrs.clear();

addAttrs.put("Admin FQDN", "test@test.com");
// Same key as the line above, so this value replaces "test@test.com" in the map
addAttrs.put("Admin FQDN", "abc123");

itResource.updateITResourceInstanceParameters(itResourceKey, addAttrs);

10.    Removing the IT Resource Instance


if (itResourceKey > 0)
{
    itResource.deleteITResourceInstance(itResourceKey);
}