17 Administration Service

The Administration service allows you to perform administrative operations in Oracle Workspaces such as granting and revoking application level roles, and setting application lever configuration properties.

The environment property "oracle.workspaces.ws.administrationEnabled" must be set to true.

Note: It is possible to revoke application administrator role from all of your Oracle Workspaces administrators. You may use the Oracle Workspaces Configuration Assistant to grant application administrator role to a particular user. Ensure that the environment variables ORACLE_HOME and LD_LIBRARY_PATH are defined. Execute the following command at a command prompt: java -jar ${ORACLE_HOME}/workspaces/lib/workspaces_ca.jar logfile=cw_grant_admin_role.log action=grant_admin_role oh=<Infrastructure Oracle home directory> oid=<Oracle Internet Directory host> oid_port=<Oracle Internet Directory port> oid_user_dn=<Oracle Internet Directory administrator's distinguished name> oid_passwd=<Oracle Internet Directory administrator's password> db_sn=<Oracle Workspaces database entry orcldbglobalname> cw_admin_uid=<UID of the user to be granted application administrator role>

Example: Grant Roles to Members

The following sample grants application administrator role and workspace creator role to a group of members. These members are created from a group of users who have been defined in Oracle Internet Directory. Before executing the sample, either add users to the group as specified in the sample or specify your own group in Oracle Internet Directory and populate it with users.

Example 17-1 AdministrationServiceSample.java

package oracle.sample.workspaces.ws;
 
import java.rmi.RemoteException;
import javax.xml.rpc.ServiceException;
import oracle.workspaces.ws.AdministrationService;
import oracle.workspaces.ws.AdministrationServiceServiceLocator;
import oracle.workspaces.ws.AdministrationServiceSoapBindingStub;
import oracle.workspaces.ws.AuthenticationService;
import oracle.workspaces.ws.UsersService;
import oracle.workspaces.ws.beans.Member;
import oracle.workspaces.ws.beans.User;
import oracle.workspaces.ws.exceptions.CwWSException;
import org.apache.axis.transport.http.HTTPConstants;
 
public class AdministrationServiceSample 
{
  public static AdministrationService configureAdministrationService(
    String szAuthCookie)
    throws ServiceException, RemoteException, CwWSException
  {
    AdministrationServiceServiceLocator adssl =
      new AdministrationServiceServiceLocator();
    AdministrationService aService =
      adssl.getAdministrationService();
    ((AdministrationServiceSoapBindingStub)aService).
      setMaintainSession(true);
    ((javax.xml.rpc.Stub)aService).
      _setProperty(HTTPConstants.HEADER_COOKIE, szAuthCookie);
      
    ((AdministrationServiceSoapBindingStub)aService).
      setSystemAdministratorMode(true);
    
    return aService;
  
  }
 
 
  public static void grantRolesToUsers(
    AdministrationService szAdministrationService,
    User[] szUsers,
    String[] szRoles)
    throws RemoteException, CwWSException
    {
      // The last argument of the method updateApplicationRoles
      // is an array of strings. Each string in this
      // array may have a value of either "GRANT" or
      // "REVOKE". The array must be the same
      // size as the number of members to whom you wish to
      // grant or revoke application roles.
      //
      // The following for loop sets each string in
      // grantStrings to the value "GRANT". As a result,
      // each member in currentMembers will be granted
      // the specified application role (which is specified
      // by szRoles).
      
    
      String[] grantStrings = new String[szUsers.length];
      for (int i=0; i < grantStrings.length; i++) 
      {
        grantStrings[i] = "GRANT";
      }
      
      Member[] currentMembers = new Member[szUsers.length];
      for (int i=0; i < szUsers.length; i++) 
      {
        Member currentMember = new Member();
        currentMember.setMemberRoleType(szRoles);
        currentMember.setUser(szUsers[i]);
        currentMembers[i] = currentMember;
      }
      
      szAdministrationService.updateApplicationRoles(
        currentMembers, grantStrings);
    }
  
  
 
  public static void main(String[] args)
  {
    try {
      // Get authentication cookie
      
      AuthenticationService myAuthenticationService =
        AuthenticationSample.configureAuthenticationService(
          "orcladmin",
          "welcome1");
          
      String authCookie = AuthenticationSample.getAuthenticationCookie
        (myAuthenticationService);
        
      System.out.println("Retrieved authentication cookie : " + authCookie);
      
      // Get UsersService and set authentication cookie
      UsersService myUsersService =
        UsersServiceSample.configureUsersService(authCookie);
      // Retrieve AdministrationService and set authentication cookie
      AdministrationService myAdministrationService =
        AdministrationServiceSample.configureAdministrationService(authCookie);
        
 
      // Retrieve Oracle Collaboration Suite users
      // from Oracle Internet Directory from
      // the specified group DN
      User[] myUsers = UsersServiceSample.getUsersFromGroupDN(
        myUsersService,
        "cn=raymond_group,cn=Groups,dc=us,dc=oracle,dc=com");
      
      System.out.println("Retrieved users");
      
      AdministrationServiceSample.grantRolesToUsers(
        myAdministrationService,
        myUsers,
        new String[]{"APPLICATION_ADMINS_ROLE","WORKSPACE_CREATORS_ROLE"});
      
      System.out.println("Granted application administrator " +
        "and workspace creators roles to users");
 
      myAuthenticationService.logout();             
    } catch (CwWSException cwwse) 
    {
      System.out.println("CwWSException caught: " + cwwse.getMessage());
    } catch (Exception e) 
    {
      System.out.println("Exception caught: " + e.toString());
    }
  
 
  }
}