By mustafakaya on Jun 17, 2014
- Validation: Stage to perform validation on the orchestration, such as validity of orchestration parameters. Orchestration parameter is the data that is required to carry out the orchestration operation.
- Preprocess: Stage to perform orchestration parameter manipulations or get approvals or perform Segregation of Duties (SoD) checks.
- Action: Stage in which the action takes place.
- Audit: Stage in which the auditing of operation is performed.
- Postprocess: Stage in which consequent operations related to the current operation takes place. Examples of consequent operations are auto role membership and policy evaluation on a user creation.
- Finalization: Last stage in the process to perform any clean up.
Oracle Identity Manager allows you to implement Service Provider Interfaces (SPIs) to customize the functionality of orchestration operations. Only customization of preprocess, postprocess, validation, and finalization stages of an operation in an entity orchestration is supported.
In my example, i will explain user enable operation. For example, we may want to change user's end-date when user's status change to enable.
1-) Develop custom event handler Java code.
For our example, I will use Postprocess stage therefore our class must be extended from oracle.iam.platform.kernel.spi.PostProcessHandler.
<?xml version = '1.0' encoding = 'UTF-8'?><xl-ddm-data version="188.8.131.52" user="XELSYSADM" database="jdbc:oracle:thin:@trkist01-odb-01:1521/MIDM" exported-date="1354621487559" description="RoleUserEventManagement"><eventhandlers repo-type="MDS" name="RoleUserEventManagement" mds-path="/db" mds-file="RoleUserEventManagement.xml"><completeXml><eventhandlers xmlns="http://www.oracle.com/schema/oim/platform/kernel" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel orchestration-handlers.xsd"><action-handler orch-target="oracle.iam.platform.kernel.vo.EntityOrchestration" class="com.mypackage.oim.plugins.events.RoleUserEventManagement" entity-type="RoleUser" operation="CREATE" name="RoleUserEventManagement" stage="postprocess" sync="TRUE" order="FIRST" /></eventhandlers></completeXml></eventhandlers></xl-ddm-data>
b.Package the plug-in XML and the JAR file that contains the custom class or classes into a plug-in ZIP file.
You can use the Plugin Registration Utility for registering and unregistering plug-ins. The utility uses the following files:
Before using the utility, perform the following:
- Set the values for WLS_HOME and OIM_HOME in ant.properties.
- Build the wlfullclient.jar in Oracle WebLogic server:
- Change directories to WLS_HOME/server/lib.
- Run the following command:
In addition, set the path for MW_HOME in the ant.properties file.
java -jar ../../../modules/com.bea.core.jarbuilder_184.108.40.206.jar
To register a plug-in:
- Execute the ant target "register":
- This will prompt for the Oracle Identity Manager username and password along with the server information and the location of the plugin zip file. Enter the complete path of the zip file location.
ant -f pluginregistration.xml register
Mustafa Kaya is a Senior Consultant in Oracle Fusion Middleware Team, living in Istanbul. Before coming to Oracle, he worked in teams developing web applications and backend services at a telco company. He is a Java technology enthusiast, software engineer and addicted to learn new technologies,develop new ideas.