Lets assume we have a disconnected/connected application in OIM which is integrated using a custom connector. To perform the reconciliation for such a custom application a custom code is required to fetch the data from target and create reconciliation event.
This post is to illustrate the recon for a disconnected application using a flat file as a source of data.
- For disconnected application we‘ll need to find a mechanism to get the recon data from the application, simplest of this can be getting a text/csv file from the application team daily/weekly depending upon the recon schedule. For "connected application" we can connect directly to the application and fetch the data.
- Generate the recon profile for the application this includes adding the fields for reconciliation in the Object reconciliation tab of resource object.
For eg. We have 2 fields for recon - Account ID, Account Name. Adding ITResource field is very important for custom recon to work
- Create a recon rule and map the recon attribute with the user
profile attribute. Make sure the Active checkbox is checked.
- In Reconcilliation tab goto Reconcilliation Action Rules and do
the mapping as below.
- Update the reconciliation field mapping in the process
definition.
- Create a custom scheduled job. You can refer my post for creating a scheduled job in OIM.
- We are having below three arguments for the job. For eg:
- File Name (Complete path)
- ITResource Name (Mandatory)
- Resource Object Name (Mandatory)
- Write code to generate the custom recon events.
import Thor.API.Exceptions.tcAPIException;
import Thor.API.Operations.tcProvisioningOperationsIntf;
import Thor.API.Operations.tcUserOperationsIntf;
import com.bea.security.providers.xacml.entitlement.parser.Roles;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Vector;
import oracle.iam.platform.Platform;
import oracle.iam.reconciliation.api.BatchAttributes;
import oracle.iam.reconciliation.api.EventAttributes;
import oracle.iam.reconciliation.api.InputData;
import oracle.iam.reconciliation.api.ReconOperationsService;
import oracle.iam.reconciliation.api.ReconciliationResult;
import oracle.iam.scheduler.vo.TaskSupport;
public class dummyRecon extends TaskSupport {
private tcUserOperationsIntf userOperation = null;
private tcProvisioningOperationsIntf provisionOperation = null;
private ReconOperationsService reconOperation;
private Vector data = new Vector();
private String fileName;
private String ItResource;
private String resourceObjName;
public dummyRecon() {
}
public void execute(HashMap hashMap) {
this.fileName = hashMap.get("File Name").toString();
this.ItResource = hashMap.get("ITResource Name").toString();
this.resourceObjName= hashMap.get("Resource Object Name").toString();
initialize();
getReconData();
triggerRecon();
}
private void initialize() {
this.userOperation =
((tcUserOperationsIntf)Platform.getService(tcUserOperationsIntf.class));
this.provisionOperation =
((tcProvisioningOperationsIntf)Platform.getService(tcProvisioningOperationsIntf.class));
this.reconOperation =
((ReconOperationsService)Platform.getService(ReconOperationsService.class));
}
public HashMap getAttributes() {
return null;
}
public void setAttributes() {
}
private void getReconData() {
String file = this.fileName;
BufferedReader reader = null;
try {
reader = new BufferedReader(new FileReader(file));
int headerFieldCount = 0;
String line = "";
while ((line = reader.readLine()) != null) {
this.data.add(line.split("\\,"));
}
} catch (Exception e) {
e.printStackTrace();
try {
reader.close();
} catch (IOException ioe) {
ioe.printStackTrace();
} catch (Exception e1) {
e1.printStackTrace();
}
} finally {
try {
reader.close();
} catch (IOException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
}
}
private void triggerRecon() {
EventAttributes ea = new EventAttributes();
for (int i = 0; i < data.size(); i++) {
String[] temp = (String[])data.get(i);
Map reconMap = new HashMap();
reconMap.put("Account ID", temp[0]);
reconMap.put("Account Name", temp[1]);
reconMap.put("ITResource", this.ItResource); //Must Have this
ea.setEventFinished(true);
long eventKey =
reconOperation.createReconciliationEvent(this. resourceObjName,
reconMap, ea);
try {
reconOperation.processReconciliationEvent(eventKey);
} catch (tcAPIException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
}
}
}
}
If you have any questions or need more details, please update the comments. I will try my best to answer them.
-gaurav
-gaurav
We are facing one issue, when we are trying to do the recon for disconnected applications, the resource get linked to the user but the status comes as 'Provisioning' not as 'Provisioned'. Whether there are any other changes that are required so that we can have the resource as 'Provisioned'?
ReplyDeleteOpen the process definition, then "Reconciliation Insert Received"process task. Under the response tab pls make sure there is an entry of response - "Event Processed" mapped to status "C". If not then pls make it and recreate your recon profile and test.
Delete-gaurav
Roulette - Baccarat in the US - Wolverione
ReplyDeleteWhat is the minimum bet in Baccarat? How do I know 카지노 if the odds at the table 바카라 have gone down? How do I know if it 인카지노 has gone down?