
UME API : Assigning local users / groups to REMOTE roles

Former Member

Folks,

I am developing a custom UME assignment tool for the FPN, that would run from the consumer.

I am unable to find APIs that can be used to query the producers for their remote roles and to assign users or groups to those remote roles.

I am kinda trying to extend the same functionality present in Identity Management.

I would like to know whether the UME APIs pick up the remote roles from all the producers by default once the producers and consumers of the FPN have been configured, or whether there is some other way to do this.

Any help is always appreciated.

Have a nice day.

Thanks,

Accepted Solutions (0)

Answers (2)


Former Member

Hi Jagadish,

My question was specific to extracting REMOTE roles from producers, and assigning local users to them.

Please let me know any API you might have come across for this, for example to provide a "source" as search term when searching for roles etc.

Thanks

former_member189428
Contributor

Hi Portal User,

The following code helps to retrieve all the roles:

package com.sap;

import java.util.Hashtable;

import java.util.Iterator;

import javax.naming.Context;

import javax.naming.InitialContext;

import javax.naming.NameClassPair;

import javax.naming.NamingEnumeration;

import javax.naming.NamingException;

import com.sap.ip.portal.service.ume.IUserManagementEngine;

import com.sap.security.api.IRole;

import com.sap.security.api.IRoleFactory;

import com.sap.security.api.IRoleSearchFilter;

import com.sap.security.api.ISearchAttribute;

import com.sap.security.api.IUser;

import com.sap.security.api.UMException;

import com.sap.security.api.UMFactory;

import com.sap.security.api.srvUser.IServiceUserFactory;

//import com.sapportals.portal.pcd.gl.IPcdAttribute;

//import com.sapportals.portal.pcd.gl.IPcdContext;

import com.sapportals.portal.prt.component.AbstractPortalComponent;

import com.sapportals.portal.prt.component.IPortalComponentRequest;

import com.sapportals.portal.prt.component.IPortalComponentResponse;

import com.sapportals.portal.prt.runtime.PortalRuntime;

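/**
 * Portal component that renders an HTML overview of the portal roles known to
 * UME and of the worksets, folders, pages and iViews stored beneath each role
 * in the PCD.
 *
 * <p>Security notes for anyone deploying this sample:
 * <ul>
 *   <li>The PCD is browsed with the service user {@code pcd_service} as the
 *       JNDI security principal (see {@link #getEnvironment}), not with the
 *       requesting user. The listing is therefore not filtered by the caller's
 *       own permissions; restrict access to this component to administrators.</li>
 *   <li>Every value read from UME or the PCD is HTML-escaped before it is
 *       written to the response.</li>
 *   <li>Exception details are written to the server log only; the page shows a
 *       generic message instead of a stack trace or raw exception text.</li>
 * </ul>
 */
public class RoleDisplay extends AbstractPortalComponent {

    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(RoleDisplay.class.getName());

    String userid;

    // Class names reported by the PCD for the object types this component knows.
    private static final String PCDCONTEXT =
            "com.sapportals.portal.pcd.gl.IPcdContext";
    private static final String PCDIVIEW =
            "com.sapportals.portal.ivs.iviews.IPortalIview";
    private static final String PCDPAGE =
            "com.sapportals.portal.ivs.iviews.IPortalPage";
    private static final String PCDROLE =
            "com.sapportals.portal.pcd.pcm.roles.IRoleDescriptor";
    private static final String PCDWORKSET =
            "com.sapportals.portal.pcd.pcm.roles.IWorksetDescriptor";
    private static final String PCDSYSTEM =
            "com.sapportals.iviewserver.systemlandscape.service.ISystemObject";
    private static final String PCDLAYOUT =
            "com.sapportals.portal.ivs.iviews.ILayout";
    private static final String PCDFOLDER =
            "com.sapportals.portal.pcd.pcm.roles.IRoleFolderDescriptor";

    /**
     * Searches UME for roles whose unique name matches {@code rolesmatching}
     * and writes one HTML table per PCD role listing the objects below it.
     *
     * @param request  the portal request being served
     * @param response the portal response the HTML is written to
     */
    public void doContent(
            IPortalComponentRequest request,
            IPortalComponentResponse response) {

        String rolesmatching = "";
        InitialContext pcdContext = null;

        try {
            IRoleFactory roleFact = UMFactory.getRoleFactory();
            IRoleSearchFilter roleFilt = roleFact.getRoleSearchFilter();
            roleFilt.setSearchAttribute(
                    "com.sap.security.core.usermanagement",
                    "uniquename",
                    rolesmatching,
                    ISearchAttribute.LIKE_OPERATOR,
                    false);

            response.write(
                    "<h2>URLs for pages and iViews in roles matching "
                            + escapeHtml(rolesmatching)
                            + "</h2>");

            //response.write("<p>Possibly useful for setting up the homepage framework for XSS functions");
            //response.write(" as the URL can be copied into any resource definition.");
            //response.write(" Replace ROLES:: with EXROLES:: to allow for starting the page in a new window</p>");

            // One PCD context serves every role; creating it per role repeats
            // the service-user lookup for no benefit.
            pcdContext = getEnvironment(request, response);
            if (pcdContext == null) {
                response.write("<p>The PCD could not be opened; see the server log for details.</p>");
                return;
            }

            Iterator role = roleFact.searchRoles(roleFilt);
            int rolenum = 0;

            while (role.hasNext()) {
                String rolestr = (String) role.next();
                IRole r = roleFact.getRole(rolestr);
                String roleroot = r.getUniqueName();

                // Only roles stored in the PCD can be browsed through JNDI.
                if (roleroot == null || !roleroot.startsWith("pcd:")) {
                    continue;
                }

                response.write("<p><a name=\"" + rolenum + "\">");
                rolenum++;
                response.write("<b>Role: " + escapeHtml(r.getDescription()) + "</b></a>");

                if (role.hasNext()) {
                    response.write(" <a href=\"#" + rolenum + "\">next role</a>");
                }
                if (rolenum > 1) {
                    response.write(" <a href=\"#" + (rolenum - 2) + "\">prev role</a>");
                }
                response.write("</p>");

                response.write(
                        "<table class=\"gSAPTABLE\" cellspacing=\"0\">"
                                + "<tr class=\"gSAPTR\"><th class=\"gSAPTH\">Type</th>"
                                + "<th class=\"gSAPTH\">Name</th>"
                                + "<th class=\"gSAPTH\">URL</th></tr>");

                list_context(request, response, pcdContext, roleroot);

                // Close the table only where one was opened.
                response.write("</table>");
            }
        } catch (Exception e) {
            // Keep the stack trace out of the page: it exposes class names and
            // internal paths to whoever is viewing the component.
            LOG.log(java.util.logging.Level.SEVERE, "Role listing failed", e);
            response.write("<p>The role listing failed; see the server log for details.</p>");
        } finally {
            if (pcdContext != null) {
                try {
                    pcdContext.close();
                } catch (NamingException ignored) {
                    // Nothing useful can be done if releasing the context fails.
                }
            }
        }
    }

    /**
     * Writes one table row per object found below {@code browsing_root} and
     * descends into worksets, folders and pages.
     *
     * @param request        the portal request being served
     * @param response       the portal response the rows are written to
     * @param initialContext the PCD context used for the listing
     * @param browsing_root  PCD name of the node to list, starting with "pcd:"
     */
    private void list_context(
            IPortalComponentRequest request,
            IPortalComponentResponse response,
            Context initialContext,
            String browsing_root) {

        NamingEnumeration names = null;

        try {
            names = initialContext.list(browsing_root);

            while (names.hasMore()) {
                NameClassPair nameClass = (NameClassPair) names.next();
                String className = nameClass.getClassName();
                String new_root = browsing_root + "/" + nameClass.getName();

                boolean isWorkset = PCDWORKSET.equals(className);
                boolean isFolder = PCDFOLDER.equals(className);
                boolean isPage = PCDPAGE.equals(className);
                boolean isIview = PCDIVIEW.equals(className);
                boolean isLayout = PCDLAYOUT.equals(className);

                // Unknown object types are shown with their raw class name.
                String type = className;
                if (isWorkset) {
                    type = "Workset";
                } else if (isFolder) {
                    type = "Folder";
                } else if (PCDROLE.equals(className)) {
                    type = "Role";
                } else if (isPage) {
                    type = "Page";
                } else if (isIview) {
                    type = "iView";
                } else if (isLayout) {
                    type = "Layout";
                }

                // The title lookup is disabled in this listing, so the Name
                // column stays empty. The disabled code looked new_root up as an
                // IPcdContext and read its "com.sap.portal.pcm.Title" attribute
                // for the request locale; it needs the commented-out
                // IPcdContext / IPcdAttribute imports.
                String objtitle = "";

                if (!isLayout && !PCDCONTEXT.equals(className)) {
                    response.write(
                            "<tr><td class=\"gSAPTD\">"
                                    + escapeHtml(type)
                                    + "</td><td class=\"gSAPTD\">"
                                    + escapeHtml(objtitle)
                                    + "</td>");

                    // Only pages and iViews are addressable by a ROLES:// URL.
                    if (isIview || isPage) {
                        // substring(4) drops the leading "pcd:" prefix.
                        response.write(
                                "<td class=\"gSAPTD\">ROLES://"
                                        + escapeHtml(new_root.substring(4))
                                        + "</td>");
                    } else {
                        response.write("<td></td>");
                    }
                    response.write("</tr>");
                }

                if (isWorkset || isFolder || isPage) {
                    list_context(request, response, initialContext, new_root);
                }
            }
        } catch (Exception e) {
            LOG.log(java.util.logging.Level.WARNING,
                    "Listing of PCD node failed: " + browsing_root, e);
            response.write(
                    "<tr><td class=\"gSAPTD\" colspan=\"3\">Unable to list "
                            + escapeHtml(browsing_root)
                            + "</td></tr>");
        } finally {
            if (names != null) {
                try {
                    names.close();
                } catch (NamingException ignored) {
                    // Nothing useful can be done if releasing the enumeration fails.
                }
            }
        }
    }

    /**
     * Opens a JNDI context on the PCD.
     *
     * <p>The context uses the service user {@code pcd_service} as security
     * principal when that user can be resolved, so lookups made through it are
     * not limited to what the requesting user may see.
     *
     * @param request  the portal request being served
     * @param response the portal response, passed on to {@link #getServiceUser}
     * @return the PCD context, or {@code null} if it could not be created
     */
    public InitialContext getEnvironment(
            IPortalComponentRequest request,
            IPortalComponentResponse response) {

        InitialContext initialContext = null;

        try {
            // set the security principal
            IUser principalObj = this.getServiceUser("pcd_service", response);

            Hashtable env = new Hashtable();
            env.put(
                    Context.INITIAL_CONTEXT_FACTORY,
                    "com.sapportals.portal.pcd.gl.PcdInitialContextFactory");
            if (principalObj != null) {
                env.put(Context.SECURITY_PRINCIPAL, principalObj);
            }
            env.put(
                    "com.sap.portal.jndi.requested_aspect",
                    "com.sap.portal.pcd.gl.PersistencyAspect");
            env.put("java.naming.factory.object", "__IPcdContext__");

            initialContext = new InitialContext(env);
        } catch (NamingException e) {
            // Record the failure instead of swallowing it; callers see null.
            LOG.log(java.util.logging.Level.SEVERE, "PCD context could not be created", e);
        }

        return initialContext;
    }

    /**
     * Resolves a UME service user by name.
     *
     * @param username name of the service user to look up
     * @param response the portal response a generic failure notice is written to
     * @return the service user, or {@code null} if it could not be resolved
     */
    public IUser getServiceUser(
            String username,
            IPortalComponentResponse response) {

        IUser serviceUser = null;

        IUserManagementEngine ume =
                (IUserManagementEngine) PortalRuntime
                        .getRuntimeResources()
                        .getService(IUserManagementEngine.KEY);
        if (ume == null) {
            LOG.severe("UME portal service is not available");
            return null;
        }

        IServiceUserFactory sufactory = ume.getServiceUserFactory();

        try {
            serviceUser = sufactory.getServiceUser(username);
        } catch (UMException e) {
            // The UME message stays in the log rather than on the page.
            LOG.log(java.util.logging.Level.WARNING, "Service user lookup failed", e);
            response.write("The service user could not be resolved; see the server log for details.");
        }

        return serviceUser;
    }

    /**
     * Escapes the characters that are significant in HTML text and attribute
     * values so that data from UME or the PCD cannot inject markup.
     *
     * @param text the raw text, may be {@code null}
     * @return the escaped text, or an empty string for {@code null}
     */
    private static String escapeHtml(String text) {
        if (text == null) {
            return "";
        }
        StringBuffer out = new StringBuffer(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '&':
                    out.append("&amp;");
                    break;
                case '<':
                    out.append("&lt;");
                    break;
                case '>':
                    out.append("&gt;");
                    break;
                case '"':
                    out.append("&quot;");
                    break;
                case '\'':
                    out.append("&#39;");
                    break;
                default:
                    out.append(c);
            }
        }
        return out.toString();
    }
}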

JagadishBabu