Oracle Identity Manager 11gR2PS2 UI Bulk Role Operations - Part 1

Version 16

    This article by Oracle senior consultant Eduardo Ludovico illustrates how to modify Oracle Identity Manager to prodvide a user-friendly way to perform a bulk removal of users via a graphical interface.


    By Eduardo Ludovico

     

    December 2014


     

    Introduction

     

    I'm currently working with a customer who desires a number of modifications to Oracle Identity Manager (OIM) 11gR2PS2. One of the issues raised to me is that there was no user-friendly interface for revoking a role operation in a "bulk mode" by API only. At he moment, this can be done only by picking users one by one.

     

    The problem was aggravated by a business requirement that the help desk team must assign and revoke the membership roles of dozens of users--and that is very time consuming.

     

    I was asked to provide a way to remove a batch of users via a graphical interface. The requirement: instead of selecting users one by one, removal would be done in a bulk fashion mode that passes a list of users and roles to OIM at a single time.

     

    Business Case

     

    Consider the following business requirements:

     

    1. The help desk staff need to assign and revoke many users of many different roles at the same time.
    2. The help desk staff should accomplish these tasks using the UI.

     

    Solution

     

    To solve this issue, we’ll make a single fragmentation JSF page. We'll link two single buttons with the Public Task Flow, a new feature implemented in OIM11gR2PS2.  You can find more details about Public Task Flow here: https://docs.oracle.com/cd/E40329_01/dev.1112/e27150/uicust.htm#OMDEV5424

     

    To invoke the page that we prepare, we will include a new command button on the main page, under the Administration category.

     

     

    The Result of our Approach

     

    The new button will appear and should be used to call the new page.

     

    002-tearoff.png

     

    On the new page, you can input the user login and role. If you need to assign many users to many roles, you can do so by adding a comma between the user login names or roles.

     

    imagem 61-tear-off-en.png

     

    Considerations and Limitations

     

    Questions about security, logging and performance are beyond the scope of this paper, so keep in mind that this customization is not ready to deploy in a production environment--it is only a starting point for development.

     

     

    Preparing the Development Environment

     

    Software Requirements

     

    • JDeveloper Studio Edition Version 11.1.1.7.0
    • Java(TM) Platform 1.6.0_24
    • SOA Composite Editor 11.1.1.7.0.00.97
    • BPMN Editor 11.1.1.7.0.0.97
    • ADF Business Components 11.1.1.64.93

     

    Create a new application

     

    1. In JDeveloper, click New Application. A wizard form opens.
    2. In Application Name, type UIBulkOperation.
    3. In Application Template, select Generic Application.
    4. Click Next.

     

    ludoviao-odi-part-1-fig04.png

    5.  In Project Name, type Project 1.

    6.  Click Finish.

    ludoviao-odi-part-1-fig05.png

     

    Delete the new project

     

    1. Right click on Project 1.
    2. Click Delete Project.

    Imagem 04a-skits-tearoff.png

     

       3. Select Remove project and delete all of its contents(including source directories).

       4. Click Yes.

    Imagem 04b.png

     

    Create a new ADF project

     

    1. In JDeveloper, click File.
    2. Select New. A wizard form opens.
    3. In Categories, click General.
    4. Click Projects.
    5. In Items, click ADF ViewController Project.

     

    ludoviao-odi-part-1-fig09.png

     

    1. Click OK. Another wizard form opens.
    2. In Project Name, type UIBulkOperation.

     

    ludoviao-odi-part-1-fig10.png

    1. Click Next. Another wizard form opens.
    2. In Default Package, type br.com.oracle.ocs.view.
    3. Click Finish.

     

    ludoviao-odi-part-1-fig11.png

     

    Fixing Package Dependencies

     

    The next set of steps describes how to add the following OIM libraries into your project:

     

    <OIM_HOME>/server/modules/oracle.iam.ui.model_11.1.2/adflibCommonModel.jar

    <OIM_HOME>/server/modules/oracle.iam.ui.view_11.1.2/adflibPlatformUI.jar

     

    1. Right-click the project UIBulkOperation and click Project Properties.

    imagem 100atearoff.png


       2.  A wizard form opens.

       3.  Click Libraries and Classpath.

       4.  Click Add JAR/ Directory.

     

    ludoviao-odi-part-1-fig13.png

     

    1. Select the libraries adflibCommonModel.jar and adflibPlatformUI.jar.
    2. Click OK.

     

    ludoviao-odi-part-1-fig14.png

     

    Checkpoint

     

    The application and the project should be ready to compile our project. The application should resemble the image below:

     

    ludoviao-odi-part-1-fig15.png

     

    Creating the necessary classes

     

    Creating the FaceUtils class

     

    The FaceUtils class is featured in the customization use cases shown in the "Using Managed Beans" section of the “Fusion Middleware Developer's Guide for Oracle Identity Manager” development manual. This class contains various helper methods for re-rendering components, evaluating EL expressions, and accessing attributes through binding. The official reference is:

     

    https://docs.oracle.com/cd/E40329_01/dev.1112/e27150/facesutils.htm#OMDEV5216

     

    To create a new class FaceUtils:

     

    1. Right-click in the project UIBulkOperation.
    2. Click New.

    Imagem 120-skitch-tearoff.png

     

    In the wizard panel:

     

    1. Click on General.
    2. Select Java.
    3. Select Java Class.
    4. Click OK.

     

    image002.png

     

    5.  Another wizard form opens.

    6.  Name: FacesUtils.

    7.  Package: br.com.oracle.ocs.utils.

    8.  Click OK.

     

     

     

    image003.png

    The new FacesUtils.java page will appear.

     

    Copy and paste the source code available through the Oracle documentation link “Oracle Fusion Middleware Developer's Guide for Oracle Identity Manager”: https://docs.oracle.com/cd/E40329_01/dev.1112/e27150/facesutils.htm#OMDEV5216. in the new FacesUtil.java page that we have just created.

     

    You must add ADF Model Runtime to the classpath to resolve the errors related to importing these packages.

     

    Details here: https://docs.oracle.com/cd/E40329_01/dev.1112/e27150/facesutils.htm#OMDEV5216

     

    To add ADF Model Runtime to the project classpath:

     

    1. Right-click the project and select Project Properties.
    2. Click Libraries and Classpath.
    3. Click Add Library.

     

    image005.png

     

    1. Under Extension, select ADF Model Runtime.

     

    image006.png

     

    1. Click OK.

     

    Create the BulkOperationReqBean backingBean

     

    To create the backingBean that will be responsible for revoking and assigning roles, do the following:

     

    1. Right-click the project
    2. Click New.

      Imagem 120-skitch-tearoff.png


    3. Under Categories, select Java.
    4. Select Java Class and click OK.

      image007.png

    5. Name: BulkOperationReqBean.
    6. Package: br.com.oracle.ocs.view.

      image008.png

    7. Click OK.

     

    Include the import below:

      import java.util.HashMap;
      
      import java.util.Map;
      
      import javax.faces.application.FacesMessage;
      
      import javax.faces.event.ActionEvent;
      
      import br.com.oracle.ocs.utils.FacesUtils;
    

     

    Declare the variables:

    private static final String TITULO_PRINCIPAL = "Operações em Lote";
    
    private static final String TITULO_REMOVE = "Remove Atribuição";
    
    private static final String TITULO_CONCEDE = "Concede Atribuição";
    
    private static final String PAGINA_PRINCIPAL = 
    "/WEB-INF/UIBulkOpeation-task-flow-definition.xml#UIBulkOpeation-task-flow-definition";
    
    private static final String PAGINA_REMOVE = 
    "/WEB-INF/oracle/iam/ui/taskflows/public/tfs/revoke-role-tf.xml#revoke-role-tf";
    
    private static final String PAGINA_CONCEDE = 
    "/WEB-INF/oracle/iam/ui/taskflows/public/tfs/request-role-tf.xml#request-role-tf";
    
    private static final String ICON_PRINCIPAL = "/images/request_ena.png";
    
    private static final String ICON_CATALOG = "/images/catalog.png";
    
    private static final String MSG_FALTA_ATRIBUICAO = "Nome da Role Necessária";
    
    private static final String MSG_FALTA_NOME_ATRIBUICAO = 
    "É necessário preencher o campo Atribuições.";
    
    
    private String userLogins;
    
    private String roleNames;
    

     

    The method that should show the page is:

    public void apresentaTaskFlow(ActionEvent actionEvent) {
    
                Map params = new HashMap();
    
                FacesUtils.launchTaskFlow(TITULO_PRINCIPAL, PAGINA_PRINCIPAL,
    
                TITULO_PRINCIPAL, ICON_PRINCIPAL,
    
                "description", "helpTopicId", false, params);
    
                }
    

     

    The method that should revoke the role is:

                public void executaRemoveRoles(ActionEvent actionEvent) {
    
                if (roleNames != null && !roleNames.equals("")) {
    
                Map params = new HashMap();
    
                params.put("roleNames", roleNames);
    
                params.put("userLogins", userLogins);
    
                FacesUtils.launchTaskFlow(TITULO_REMOVE, PAGINA_REMOVE,
    
                TITULO_REMOVE, ICON_CATALOG,
    
                 "description", "helpTopicId", false,
    
                params);
    
                } else {
    
                FacesMessage fm = new FacesMessage(FacesMessage.SEVERITY_ERROR,
    
                MSG_FALTA_ATRIBUICAO,
    
                MSG_FALTA_NOME_ATRIBUICAO);
    
                FacesUtils.showFacesMessage(fm);
    
                }
    
                }
    

     

    This method that should assign the role is:

                public void executaConcedeRoles(ActionEvent actionEvent) {
    
                if (roleNames != null && !roleNames.equals("")) {
    
                Map params = new HashMap();
    
                params.put("roleNames", roleNames);
    
                params.put("userLogins", userLogins);
    
                FacesUtils.launchTaskFlow(TITULO_CONCEDE, PAGINA_CONCEDE,
    
                TITULO_CONCEDE, ICON_CATALOG,
    
                "description", "helpTopicId", false,
    
                params);
    
                } else {
    
                FacesMessage fm = new FacesMessage(FacesMessage.SEVERITY_ERROR,
    
                MSG_FALTA_ATRIBUICAO,
    
                MSG_FALTA_NOME_ATRIBUICAO);
    
                FacesUtils.showFacesMessage(fm);
    
                }
    
                }
    

     

    Don't forget the setters and getters:

                public void setUserLogins(String userLogins) {
    
                this.userLogins = userLogins;
    
                }
    
                
    
                public String getUserLogins() {
    
                return userLogins;
    
                }
    
                
    
                public void setRoleNames(String roleNames) {
    
                this.roleNames = roleNames;
    
                }
    
                
    
                public String getRoleNames() {
    
                return roleNames;
    
                }
    

     

    Register the backingBean

     

    1. Click adfc-config.xml
    2. Click Managed Beans.
    3. Click on the “+” sign on the right-hand side. 
    4. In Name* field, type bulkOperationsReqBean.
    5. In Class* field, type br.com.oracle.ocs.view.BulkOperationReqBean.
    6. In Scope* field, type backingBean.

     

    Îmagem105.png

     

    Checkpoint

     

    1. Click Project: BulkOperationsUI.
    2. Click Rebuild UIBulkOperation.jpr.

     

    001a01-tearoff.png

    001b01-tearoff.png

     

    Our goal at this point is to build an application without errors or warnings.

     

    Creating and configuring a new JSF page

     

    Creating a new JSF page

     

    1. Right click on the project UIBulkOperation.
    2. Click New.
    3. Click General.
    4. Under Web Tier, select JSF.
    5. Under Items, select JSF Page Fragment.

     

    image003.png

    1. Click OK.
    2. In the File Name field, type UIBulkOperationPage.jsff.

     

    image005.png

     

    1. Click OK.
    2. The system will generate a new page automaticly into right place

     

    Configure a new JSF page

     

    1. Under Projects>>UIBulkOperation>>Web Content, click the UIBulkOperationPage.jsff. The page will appear.
    2. On the Page side, click on the Source tab.

     

    image007.png

     

    1. Copy and paste the source code bellow into the new UIBulkOperationPage.jsf page:

    <?xml version='1.0' encoding='UTF-8'?>

    <jsp:root xmlns:jsp="http://java.sun.com/JSP/Page" version="2.1"          

         xmlns:af="http://xmlns.oracle.com/adf/faces/rich">  

    <af:panelGroupLayout id="pgl1" layout="horizontal">    

    <af:panelGroupLayout id="pgl2" layout="horizontal">      

    <af:showDetail disclosed="true" id="sd1" disclosedText="Bulk Operation">        

         <af:spacer width="10" height="10" id="s1"/>        

         <af:panelGroupLayout id="pgl6">          

         <af:panelGroupLayout id="pgl3" layout="horizontal"

                   inlineStyle="width:551px;">            

         <af:inputText label="Login(s)" id="it1"

                  value="#{backingBeanScope.bulkOperationsReqBean.userLogins}"/>            

         <af:panelGroupLayout id="pgl4">              

         <af:inputText label="Atribuições" id="it2"

                  value="#{backingBeanScope.bulkOperationsReqBean.roleNames}"/>            

         </af:panelGroupLayout>         

         </af:panelGroupLayout>          

         <af:spacer width="10" height="10" id="s3"/>          

         <af:panelGroupLayout id="pgl5" layout="horizontal" halign="right"                                       inlineStyle="width:522px;" valign="middle">            

         <af:commandButton text="Remove Roles" id="cb1"

    actionListener="#{backingBeanScope.bulkOperationsReqBean.executaRemoveRoles}"/>            

         <af:spacer width="10" height="10" id="s2"/>            

         <af:commandButton text="Concede Roles" id="cb2"

    actionListener="#{backingBeanScope.bulkOperationsReqBean.executaConcedeRoles}"/>          

         </af:panelGroupLayout>        

        </af:panelGroupLayout>        

        <af:checkUncommittedDataBehavior/>      

       </af:showDetail>    

      </af:panelGroupLayout>  

    </af:panelGroupLayout>

    </jsp:root>

     

    Checkpoint

     

    Let's check out what our new page looks like.

     

    1. On the Page side, click on the Preview tab. You should see the new page.

        Imagem 107.png

    >> Continue to Part 2 >>