Sun Java System Access Manager 7.1 Developer's Guide

Miscellaneous Customizations

Included in this section are procedures for several specific customizations available to administrators of the Access Manager console.

To Modify The Service Configuration Display

A service is a group of attributes that are managed together by the Access Manager console. Out-of-the-box, Access Manager loads a number of services it uses to manage its own features. For example, the configuration parameters of the Logging Service are displayed and managed in the Access Manager console, while code implementations within Access Manager use the attribute values to run the service.

To Modify The User Profile View

The Access Manager console creates a default User Service view based on information defined in the amUser.xml service file.

A modified user profile view with functionality more appropriate to the organization’s environment can be defined by creating a new ViewBean and/or a new JSP. For example, an organization might want User attributes to be formatted differently than the default vertical listing provided. Another customization option might be to break up complex attributes into smaller ones. Currently, the server names are listed in one text field as:

protocol://Access Manager_host. domain:port

Instead, the display can be customized with three text fields:

protocol_chooser_field://server_host_field :port_number_field

A third customization option might be to add JavaScript to the ViewBean to dynamically update attribute values based on other defined input. The custom JSP would be placed in the following directory: AccessManager-base/SUNWam/web-src/services/console/user. The ViewBean is placed in the classpath com.iplanet.am.console.user. The value of the attribute User Profile Display Class in the Administration Service (iplanet-am-admin-console-user- profile-class in the amAdminConsole.xml service file) would then be changed to the name of the newly created ViewBean. The default value of this attribute is com.iplanet.am.console.user.UMUserProfileViewBean.

Display Options For The User Profile Page

There are a number of attributes in the Administration Service that can be selected to display certain objects on the User Profile page. Display User’s Roles, Display User’s Groups and User Profile Display Options specify whether to display the roles assigned to a user, the groups to which a user is a member and the schema attributes, respectively. More information on these service attributes can be found in the Administration Guide.

To Localize The Console

All textual resource strings used in the console interface can be found in the amAdminModuleMsgs.properties file, located in AccessManager-base/SUNWam/locale/. The default language is English (en_US). Modifying this file with messages in a foreign language will localize the console.

To Display Service Attributes

Service attributes are defined in XML service files based on the sms.dtd . In order for a particular service attribute to be displayed in the console, it must be configured with the any XML attribute. The any attribute specifies whether the service attribute for which it is defined will display in the Access Manager console.

To Customize Interface Colors

All the colors of the console are configurable using the Access Manager style sheet adminstyle.css located in the AccessManager-base/SUNWam/web-src/services/console/css directory. For instance, to change the background color for the navigation frame, modify the BODY.navFrame tag; or to change the background color for the data frame, modify the BODY.dataFrame. The tags take either a text value for standard colors (blue, green, red, yellow, etc.) or a hexadecimal value (#ff0000, #aadd22, etc.). Replacing the default with another value will change the background color of the respective frame after the page is reloaded in the browser. Miscellaneous Customizations details the tag in adminstyle.css.


Example 11–1 BODY.navFrame Portion of adminstyle.css


BODY.navFrame   {
                color: black;
                background: #ffffff;
                }


                  

To Change The Default Attribute Display Elements

The console auto-generates Data frame pages based on the definition of a service’s attributes in an XML service definition file. Each service attribute is defined with the XML attributes type, uitype and syntax. Type specifies the kind of value the attribute will take. uitype specifies the HTML element displayed by the console. syntax defines the format of the value. The values of these attributes can be mixed and matched to alter the HTML element used by the console to display the values of the attributes. For example, by default, an attribute of the single_choice type displays its choices as a drop down list in which only one choice can be selected. This list can also be presented as a set of radio buttons if the value of the uitype attribute is changed to radio. Miscellaneous Customizations illustrates this concept.


Example 11–2 uitype XML Attribute Sample


 <AttributeSchema name="test-attribute"
                    type="single_choice"
                    syntax="string"
                    any="display"
                    uitype="radio"
                    i18nKey="d105">
                    <ChoiceValues>
 <ChoiceValue i18nKey="u200">Daily</ChoiceValue>
 <ChoiceValue i18nKey="u201">Weekly</ChoiceValue>
 <ChoiceValue i18nKey="u202">Monthly</ChoiceValue>
                    </ChoiceValues>
                    <DefaultValues>
                        <Value>Daily</Value>
                    </DefaultValues>
                </AttributeSchema>


                  

Miscellaneous Customizations is a listing of the possible values for each attribute, and the corresponding HTML element that each will display based on the different groupings.

Table 11–1 Service Attribute Values and Corresponding Display Elements

type Value 

syntax Value 

uitype Value 

Element Displayed In Console 

single_choice 

string 

No value defined 

pull-down menu choices 

   

radio 

radio button choices 

Single 

boolean 

No value defined 

checkbox 

   

radio 

radio button 

 

string 

No value defined 

text field 

   

link 

hyperlink 

   

button 

clickable button 

 

password 

No value defined 

text field 

 

paragraph 

No value defined 

scrolling text field 

list 

string 

No value defined 

Add/Delete name list 

   

name_value_list

Add/Edit/Delete name list 

multiple_choice

string 

No value defined 

choice list 

To Add A Module Tab

The section “Plug-In Modules” mentions the capability to plug-in external applications as modules. Once this is accomplished, the module needs to be accessible via the console by adding a new module tab. Label information for module tabs are found in the amAdminModuleMsgs.properties console properties file located in AccessManager-base/SUNWam/locale/. To add label information for a new module, add a key and value pair similar to module105_NewTab=My New Tab. Miscellaneous Customizations illustrates the default pairs in the file.


Example 11–3 Module Tab Key And Value Pairs


module101_identity=Identity Management
module102_service=Service Configuration
module103_session=Current Sessions
module104_federation=Federation Management
                  

The module name and a URL for the external application also need to be added to the View Menu Entries attribute in the Administration Service (or iplanet-am-admin-console-view-menu in the amAdminConsole.xml service file). When a module tab in the Header frame is clicked, this defined URL is displayed in the Navigation frame. For example, to define the display information for the tab sample, an entry similar to module105_NewTab|/amconsole/custom_directory /custom_NavPage would be added to the View Menu Entries attribute in the Administration Service.


Note –

The console retrieves all the entries from this attribute and sorts them by i18n key. This determines the tab display order in the Header frame.


After making these changes and restarting Access Manager, a new tab will be displayed with the name My New Tab.

To Display Container Objects

In order to create and manage LDAP organizational units (referred to as containers in the console), the following attributes need to be enabled (separately or together) in the Administration Service.

Viewing any of these display options is also dependent on whether the Enable User Management attribute is selected in the Administration Service. (This attribute is enabled by default after a new installation.) More information on these attributes can be found in the Administration Guide.