Showing posts with label Custom. Show all posts
Showing posts with label Custom. Show all posts

Wednesday, April 30, 2014

How to implement custom recon in OIM 11G R2?


Lets assume we have a disconnected/connected application in OIM which is integrated using a custom connector. To perform the reconciliation for such a custom application a custom code is required to fetch the data from target and create reconciliation event.

This post is to illustrate the recon for a disconnected application using a flat file as a source of data.

  • For disconnected application we‘ll need to find a mechanism to get the recon data from the application, simplest of this can be getting a text/csv file from the application team daily/weekly depending upon the recon schedule. For "connected application" we can connect directly to the application and fetch the data.

  • Generate the recon profile for the application this includes adding the fields for reconciliation in the Object reconciliation tab of resource object.

       For eg. We have 2 fields for recon - Account ID, Account Name. Adding ITResource field is very     important for custom recon to work
                  
  • Create a recon rule and map the recon attribute with the user profile attribute. Make sure the Active checkbox is checked.

  • In Reconcilliation tab goto Reconcilliation Action Rules and do the mapping as below.

  • Update the reconciliation field mapping in the process definition.




  • Create a custom scheduled job. You can refer my post for creating a scheduled job in OIM.
    • We are having below three arguments for the job. For eg:
      • File Name (Complete path)
      • ITResource Name (Mandatory)
      • Resource Object Name (Mandatory)

  • Write code to generate the custom recon events.

    import Thor.API.Exceptions.tcAPIException;
import Thor.API.Operations.tcProvisioningOperationsIntf;
import Thor.API.Operations.tcUserOperationsIntf;

import com.bea.security.providers.xacml.entitlement.parser.Roles;

import java.io.BufferedReader;
import java.io.FileReader;
import java.io.IOException;

import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Vector;

import oracle.iam.platform.Platform;
import oracle.iam.reconciliation.api.BatchAttributes;
import oracle.iam.reconciliation.api.EventAttributes;
import oracle.iam.reconciliation.api.InputData;
import oracle.iam.reconciliation.api.ReconOperationsService;
import oracle.iam.reconciliation.api.ReconciliationResult;
import oracle.iam.scheduler.vo.TaskSupport;

public class dummyRecon extends TaskSupport {
    private tcUserOperationsIntf userOperation = null;
    private tcProvisioningOperationsIntf provisionOperation = null;
    private ReconOperationsService reconOperation;
    private Vector data = new Vector();
    private String fileName;
    private String ItResource;
    private String resourceObjName;
    public dummyRecon() {

    }

    public void execute(HashMap hashMap) {
        this.fileName = hashMap.get("File Name").toString();
        this.ItResource = hashMap.get("ITResource Name").toString();
            this.resourceObjName= hashMap.get("Resource Object Name").toString(); 
    initialize();
        getReconData();
        triggerRecon();

    }

    private void initialize() {
        this.userOperation =
                ((tcUserOperationsIntf)Platform.getService(tcUserOperationsIntf.class));
        this.provisionOperation =
                ((tcProvisioningOperationsIntf)Platform.getService(tcProvisioningOperationsIntf.class));
        this.reconOperation =
                ((ReconOperationsService)Platform.getService(ReconOperationsService.class));
    }

    public HashMap getAttributes() {
        return null;
    }

    public void setAttributes() {
    }

    private void getReconData() {

        String file = this.fileName;

        BufferedReader reader = null;
        try {
            reader = new BufferedReader(new FileReader(file));
            int headerFieldCount = 0;

            String line = "";


            while ((line = reader.readLine()) != null) {

                this.data.add(line.split("\\,"));

            }

        } catch (Exception e) {
            e.printStackTrace();
            try {
                reader.close();
            } catch (IOException ioe) {
                ioe.printStackTrace();
            } catch (Exception e1) {
                e1.printStackTrace();
            }
        } finally {
            try {
                reader.close();
            } catch (IOException e) {
                e.printStackTrace();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }

    }

    private void triggerRecon() {
        EventAttributes ea = new EventAttributes();
        for (int i = 0; i < data.size(); i++) {
            String[] temp = (String[])data.get(i);
            Map reconMap = new HashMap();

            reconMap.put("Account ID", temp[0]);
            reconMap.put("Account Name", temp[1]);
            reconMap.put("ITResource", this.ItResource); //Must Have this
            ea.setEventFinished(true);
            long eventKey =
                reconOperation.createReconciliationEvent(this.resourceObjName,
                                                         reconMap, ea);
            try {
                reconOperation.processReconciliationEvent(eventKey);
            } catch (tcAPIException e) {
                e.printStackTrace();
            } catch (Exception e) {
                e.printStackTrace();
            }

        }
    }
} 

    If you have any questions or need more details, please update the comments. I will try my best to answer them.

    -gaurav
    Posted by at 3 comments:
    Labels: , , , ,
    Subscribe to: Posts (Atom)