ここでは、サンプル・スクリプトとコネクタの生成およびインストール手順を含む、Generic Scriptingコネクタのユースケースの総合的な例を示します。
この例では、ターゲット・システムとしてOracle Databaseを使用し、コネクタ操作のサンプル・スクリプトはGroovyで記述します。
ここでは、次の項目について説明します。
次に、Generic Scriptingコネクタをサンプル環境用に生成して使用するステップのサマリーを示します。
ターゲット・システム・スキーマ向けにpropertiesを作成します。ターゲット・システム向けのスキーマ・ファイル作成の詳細は、「スキーマの定義」を参照してください。
ターゲット・システムと正常に接続するために、サンプル・ターゲット・システムに追加のパラメータが必要な場合は、リソース・プロパティ・ファイルを作成します。リソース・プロパティ・ファイルの作成方法の詳細は、「リソース・プロパティ・ファイルの準備」を参照してください。
コネクタで実行する操作用のスクリプトを決定して作成します。これには、コネクタを、ターゲット・リソース・モードまたは信頼できるソース・モードのどちらで実行するかの判断も含まれます。
ScriptConfiguration.groovyファイルを構成します。ScriptConfiguration.groovyファイルのエントリの詳細は、「ScriptConfiguration.groovyファイルの構成」を参照してください。
schema.propertiesファイルに指定されたターゲット・システム・スキーマに基づいてGeneric Scriptingコネクタを生成します。コネクタを生成するためのメタデータ・ジェネレータの実行方法の詳細は、「コネクタの生成」を参照してください。
コネクタのインストール・メディアに含まれているコネクタをインストールします。コネクタ・インストールの詳細は、「コネクタのインストール」を参照してください。
ステップ5で生成したコネクタをインストールします。コネクタ・インストールの詳細は、「コネクタのインストール」を参照してください。
ターゲット・システム用のITリソースを構成します。詳細は、ターゲット・システムのITリソースの構成を参照してください。
ターゲット・システムに対応するフォームを作成し、アプリケーション・インスタンスに関連付けます。詳細は、次の項を参照してください。
groovy-all.jarファイルを、Oracle Identity Managerをホストしているコンピュータにある最新バージョンで置き換えます。groovy-all.jarファイルの置き換えの詳細は、「groovy-all.jarファイルの置き換え」を参照してください。
次に、データベース作成のサンプル・スキーマ・ファイルを示します。
CREATE TABLE "GENERIC_PARENT" ( "USERID" VARCHAR2(20 BYTE) NOT NULL ENABLE, "PASSWORD" VARCHAR2(20 BYTE), "STATUS" VARCHAR2(20 BYTE), "LAST_UPDATE" TIMESTAMP (6) DEFAULT CURRENT_TIMESTAMP, "FIRSTNAME" VARCHAR2(20 BYTE), "LASTNAME" VARCHAR2(20 BYTE), "ORG" VARCHAR2(20 BYTE), "CITY" VARCHAR2(20 BYTE), "EMPLOYEE_NUMBER" NUMBER, "STARTDATE" DATE, "USERNAME" VARCHAR2(20 BYTE), "EMAIL" VARCHAR2(20 BYTE), "ENDDATE" DATE, "LONGVALUE" LONG, "FLOATVALUE" FLOAT(126), "CHARVALUE" CHAR(1 BYTE), CONSTRAINT "GENERIC_PARENT_PK" PRIMARY KEY ("USERID") ) CREATE TABLE "GENERIC_GROUP" ( "USERID" VARCHAR2(20 BYTE), "GROUPNAME" VARCHAR2(20 BYTE), "STARTDATE" DATE, "GROUPID" NUMBER, CONSTRAINT "GENERIC_GROUP_GENERIC_PAR_FK1" FOREIGN KEY ("USERID") REFERENCES "GENERIC_PARENT" ("USERID") ENABLE ) CREATE TABLE "GENERIC_ROLE" ( "USERID" VARCHAR2(20 BYTE), "ROLENAME" VARCHAR2(20 BYTE), "ROLEID" NUMBER, "STARTDATE" DATE, CONSTRAINT "ROLE_FK" FOREIGN KEY ("USERID") REFERENCES "GENERIC_PARENT" ("USERID") ENABLE ) Trigger for Last_Update CREATE OR REPLACE TRIGGER UPDATE_LASTUPDATED BEFORE INSERT OR UPDATE ON GENERIC_PARENT REFERENCING OLD AS OLDREC NEW AS NEWREC FOR EACH ROW BEGIN :NEWREC.LAST_UPDATE := sysdate; END; Create Procedure create or replace package types as type cursorType is ref cursor; end;
サンプルのターゲット・システム(Oracle Database)には、GENERICという名前のスキーマが含まれます。このスキーマには、GENERIC_PARENT、GENERIC_GROUP、GENERIC_ROLE、およびGENERIC_ORGANIZATIONSの表が含まれます。
次の各項では、GENERICスキーマの表それぞれに含まれる列について説明します。
表B-1に、GENERIC.GENERIC_PARENT表の列を示します。
表B-1 GENERIC.GENERIC_PARENT表の説明
列名 | タイプ | 説明 |
---|---|---|
USERID |
VARCHAR2(20) |
NOT NULL、PRIMARY |
PASSWORD |
VARCHAR2(20) |
|
STATUS |
VARCHAR2(20) |
|
LAST_UPDATE |
TIMESTAMP (6) |
この列は、増分リコンシリエーション中に使用されます。 |
FIRSTNAME |
VARCHAR2(20) |
|
LASTNAME |
VARCHAR2(20) |
|
ORG |
VARCHAR2(20) |
|
CITY |
VARCHAR2(20) |
|
EMPLOYEE_NUMBER |
NUMBER |
|
STARTDATE |
DATE |
|
USERNAME |
VARCHAR2(20) |
|
VARCHAR2(20) |
||
ENDDATE |
DATE |
|
LONGVALUE |
LONG |
|
FLOATVALUE |
FLOAT(126) |
|
CHARVALUE |
CHAR(1) |
表B-2に、GENERIC.GENERIC_GROUP表の列を示します。
表B-2 GENERIC.GENERIC_GROUP表の説明
列名 | タイプ | 説明 |
---|---|---|
USERID |
VARCHAR2(20) |
FOREIGN KEY |
GROUPNAME |
VARCHAR2(20) |
|
STARTDATE |
DATE |
|
GROUPID |
NUMBER |
表B-3に、GENERIC.GENERIC_ROLE表の列を示します。
表B-3 GENERIC.GENERIC_ROLE表の説明
列名 | タイプ | 説明 |
---|---|---|
USERID |
VARCHAR2(20) |
FOREIGN KEY |
ROLENAME |
VARCHAR2(20) |
|
STARTDATE |
DATE |
|
ROLEID |
NUMBER |
表B-4に、GENERIC.ORGANIZATIONS表の列を示します。
表B-4 GENERIC.ORGANIZATIONS表の説明
列名 | タイプ |
---|---|
ORGNAME |
VARCHAR2(20) |
ORGID |
VARCHAR2(20) |
ターゲット・システムの構造を表すスキーマ・ファイルを作成します。次に、サンプル・スキーマ・ファイルを示します。このサンプルには、増分リコンシリエーション中に使用されるLAST_UPDATE属性も含まれます。
#Sample Schema file #List of fields FieldNames=USERID,PASSWORD,USERNAME,STATUS,EMAIL,FIRSTNAME,LASTNAME,ORGANIZATION,CITY,EMPLOYEE_NUMBER,STARTDATE,ENDDATE,LONGVALUE,FLOATVALUE,CHARVALUE,GENERIC_GROUP,GENERIC_ROLE #Unique ID Attribute UidAttribute=USERID #Account Name attribute NameAttribute=USERNAME #Multivalued attributes GENERIC_GROUP.Multivalued=true GENERIC_ROLE.Multivalued=true #Subfields for complex child form GENERIC_GROUP.Subfields=GROUPNAME,STARTDATE,GROUPID GENERIC_ROLE.Subfields=ROLENAME,ROLEID,STARTDATE #Complex child form objectClass GENERIC_ROLE.EmbeddedObjectClass=MyROLES GENERIC_GROUP.EmbeddedObjectClass=MyGROUPS #Datatypes (Default:String) GENERIC_ROLE.STARTDATE.DataType=Long GENERIC_GROUP.STARTDATE.DataType=Long GENERIC_GROUP.GROUPID=Integer GENERIC_ROLE.ROLEID=Integer STARTDATE.DataType=Long ENDDATE.DataType=Long EMPLOYEE_NUMBER.DataType=Integer LONGVALUE.DataType=Long FLOATVALUE.DataType=Double #Incremental reconciliation attribute with datatype set to Long LAST_UPDATE.DataType=Long #Parent and child form mandatory fields GENERIC_ROLE.ROLENAME.Required=true GENERIC_GROUP.GROUPNAME.Required=true #Date format SystemDateFormat=ddmmyy #Password Attribute PasswordAttribute=PASSWORD #Account Status Attribute and Mapping StatusAttribute=STATUS STATUS.True=Enabled STATUS.False=Disabled
次に、trustedとtargetのセクションの両方のサンプル・エントリを示した、サンプルScriptConfiguration.groovyファイルを示します。
/* * Run like: * In Windows: GenericScriptGenerator.cmd ..\resources\ScriptConfiguration.groovy trusted * In Linux/Unix: sh GenericScriptGenerator.sh ../resources/ScriptConfiguration.groovy trusted */ trusted { /* * ITResource name */ itResourceDefName='GenScr' // This will be used as a base name for all metadata across the connector // itResourceName="$itResourceDefName" //the same as itResourceDefName by default /* * Output files */ connectorDir="../$itResourceDefName" // output dir of the connector, is the same as it resource name by default xmlFile='GenScr-ConnectorConfig.xml' // name of the dm xml of the connector configFileName='GenScr-CI.xml' // name of the config xml propertiesFile='GenScr.properties' // name of the resources/properties file version='11.1.1.5.0' // connector version /* * Trusted/Target mode * For trusted, we will not create forms, dataobjects and event handlers * For target, we will create all above metadata */ trusted=true // Flag to denote if the mode is trusted or not /* * Location of the generic script bundle jar */ bundleJar='../lib/org.identityconnectors.genericscript-1.0.11150.jar' /* * The Configuration used to run the generic script bundle mentioned above, and get the schema by calling its SchemaOp, which is required for generating metadata */ config = [ 'schemaFile' : 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/trusted/schema_sampletarget.txt', //This property is used during metadata generator, provide file:///url of the file 'resourceProperties' : 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/trusted/resource.properties', // Location of properties file which defines target specific resource parameters, provide file:///url of the file 'host' : 'example.org', 'port' : '1521', 'user' : 'generic', 'changeLogColumn':'LAST_UPDATE', 'executeQueryScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/trusted/executequeryutil.groovy', // provide the file:///url of the script 'syncScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/trusted/sync.groovy', // provide the file:///url of the script 'connectionScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/trusted/connection.groovy', // provide the file:///url of the script 'checkAliveScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/trusted/checkAlive.groovy', // provide the file:///url of the script 'disposeScript': '', // provide the file:///url of the script 'scriptType': 'GROOVY' // proved script type, valid entries are GROOVY,BEANSHELL,JAVASCRIPT ] /** * Provide the attribute list that need to be handled as Date on process form * Make sure these fields datatype in schema should be long * dateAttributeList is not a mandatory field **/ dateAttributeList = ["STARTDATE","ENDDATE"] /** * Define alias for object class if it is other than ObjectClass.ACCOUNT_NAME and ObjectClass.GROUP_NAME */ //objectClassAlias = ['Person'] /** * Alias are used to map the OIM User Form attributes with the Connector Attributes. * The Format is of 'Connector Attribute':'OIM User Form Attribute' * Mandatory alias shouldn't be removed. Customer can update these mandatory attributes but should not be removed * Customer can add other aliases to the OIM User form fields **/ // Mapping is mandatory for attributes User Login, Last Name,Organization, Xellerate Type and Role. One can modify the required mappings but shouldn't delete them. //UID field is not required in trusted but if customer wanted to add UID field then one can map it to a valid OIM User Form Label alias = ['__NAME__':'User Login', 'LASTNAME':'Last Name','Organization':'Organization Name', 'Employee Type':'Xellerate Type', 'Role':'Role'] //Extend the aliases to include more connector attributes for trusted by mapping alias += ['__ENABLE__':'Status', 'FIRSTNAME':'First Name', 'EMAIL':'Email', 'STARTDATE':'Start Date','ENDDATE':'End Date','EMPLOYEE_NUMBER':'Employee Number']} /* * * Run like: * In Windows: GenericScriptGenerator.cmd ..\resources\ScriptConfiguration.groovy target * In Linux/Unix: sh GenericScriptGenerator.sh ../resources/ScriptConfiguration.groovy target */ target { /* * ITResource name */ itResourceDefName='GenericScriptTarget' // This will be used as a base name for all metadata across the connector // itResourceName="$itResourceDefName" //the same as itResourceDefName by default /** * Give the name of the Application Instance that need to be generated. By default Application Instance name is taken as itResourceDefName * Application Instance is not a mandatory field **/ //applicationInstanceName="$itResourceDefName" /* * Output files */ // connectorDir="../$itResourceDefName" // output dir of the connector, is the same as it resource name by default // xmlFile='GenericScriptTarget-ConnectorConfig.xml' // name of the dm xml of the connector // configFileName='GenericScriptTarget-CI.xml' // name of the config xml // propertiesFile='GenericScriptTarget-generator.properties' // name of the resources/properties file // version='11.1.1.5.0' // connector version /* * Location of the generic script bundle jar */ bundleJar='../lib/org.identityconnectors.genericscript-1.0.11150.jar' /* * The Configuration used to run the generic script bundle mentioned above, and get the schema by calling its SchemaOp, which is required for generating metadata */ config = [ 'schemaFile' : 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/schema_sampletarget.txt', //This property is used during metadata generator, provide file:///url of the file 'resourceProperties' : 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/resource.properties', // Location of properties file which defines target specific resource parameters, provide file:///url of the file 'host' : 'example.com', 'port' : '1521', 'user' : 'generic', 'changeLogColumn':'LAST_UPDATE', 'createScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/create.groovy', // provide the file:///url of the script 'updateScript': 'file:///scratch/jode/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/update.groovy', // provide the file:///url of the script 'deleteScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/update.groovy', // provide the file:///url of the script 'executeQueryScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/executequeryutil.groovy', // provide the file:///url of the script 'lookupScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/lookup.groovy', // provide the file:///url of the script 'syncScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/syncutil.groovy', // provide the file:///url of the script 'addMultiValuedAttributeScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/addchilddata.groovy', // provide the file:///url of the script 'removeMultiValuedAttributeScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/removechilddata.groovy', // provide the file:///url of the script 'connectionScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/connection.groovy', // provide the file:///url of the script //'checkAliveScript': 'file:///scratch/jdoe/OIMR2PS3/mw3722/idm6004/server/ConnectorDefaultDirectory/genericscript-11.1.1.5.0/metadata-generator/resources/target/checkAlive.groovy', // provide the file:///url of the script //'disposeScript': '', // provide the file:///url of the script 'scriptType': 'GROOVY' // proved script type, valid entries are GROOVY,BEANSHELL,JAVASCRIPT ] /** * Lookup List is the list of attributes for which we need to create lookups and map those fields as lookup in form. * For Main Process Form Fields and a Multivalued field the format is * lookupAttributeList=["FieldName"] * For Embedded Multi Valued field the format is * lookupAttributeList=["ObjectClassName.SubFieldName"] * lookups will be generated with the FieldNames in format Lookup.${ITResource}.${FieldName} * * lookupList is not a mandatory field */ lookupAttributeList=['MyROLES.ROLENAME','MyGROUPS.GROUPNAME','ORGANIZATION'] /* entitlementAttributeList is the list of fully Qualified field names to which entitlements need to be tagged. * If you require entitlements for a multi valued attribute which is embedded then the format should be as * entitlementAttributeList=["${ObjectClass}.SubFieldName"] * If the attribute is just a MultiValued then the format is * entitlementAttributeList=["MultiValuedFieldName"] * * entitlementAttributeList is not a mandatory attribute */ entitlementAttributeList=["MyROLES.ROLENAME","MyGROUPS.GROUPNAME"] /** * Define alias for object class if it is other than ObjectClass.ACCOUNT_NAME and ObjectClass.GROUP_NAME */ //objectClassAlias = ['Person'] /** * Provide the attribute list that need to be handled as Date on process form * Make sure these fields datatype in schema should be long * dateAttributeList is not a mandatory field **/ dateAttributeList = ["STARTDATE","ENDDATE","MyROLES.STARTDATE","MyGROUPS.STARTDATE"] /* * Target attribute to user fields alias */ //Mandatory alias alias = ['__UID__':'USERID', '__NAME__':'USERNAME'] //Optional aliases if any (Can also be used to give short names for lengthy attribute names) alias += ['GENERIC_ROLE':'GR','GENERIC_GROUP':'GG','ENDDATE':'ed', 'EMPLOYEE_NUMBER':'Emp'] /* * Generate prepopulate adapters */ prepopulate = ['__NAME__':'User Login', 'FIRSTNAME':'First Name', 'LASTNAME':'Last Name', '__PASSWORD__':'Password','EMAIL':'Email'] }
次に、サンプルのresource.propertiesファイルを示します。このサンプルには、Oracle Identity Managerとターゲット・システムの間で接続を確立するためにコネクタで使用される追加パラメータが含まれます。
portNumber=1521 databaseName=orcl
ここでは、サンプル・ターゲット・システムでGeneric Scriptingコネクタを使用してコネクタ操作を実行するために使用するスクリプトを示します。
この項で紹介するスクリプトはすべてGroovyスクリプト言語を使用して記述されています。
稼働状態のチェック・スクリプトでは、コネクタとターゲット・システム間の物理的接続が稼働しているかどうかが定期的に検証されます。稼働状態のチェック・スクリプトのサンプルを次に示します。
package groovy; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import oracle.jdbc.driver.OracleDriver; import org.identityconnectors.framework.common.exceptions.ConnectionFailedException; import org.identityconnectors.framework.common.exceptions.ConnectorException; import groovy.sql.Sql; ResultSet result = null; PreparedStatement stmt = null; trace.info("Checking database connection is valid or not"); try { if (conn == null || conn.isClosed()) { trace.info("Connection is closed") throw new ConnectionFailedException("Connection Failed "); } trace.info("test connection using SELECT 1 FROM DUAL"); //execute sample query to check database connection is valid or not stmt = conn.prepareStatement("SELECT 1 FROM DUAL"); result = stmt.executeQuery(); trace.info("connection is valid"); } catch (SQLException ex) { //Throw an error if any error while executing the query throw new ConnectionFailedException("Connection Failed "); }
接続スクリプトでは、コネクタとターゲット・システム間の接続が作成されます。接続スクリプトのサンプルを次に示します。
package groovy; import java.sql.Connection; import java.sql.DriverManager; import oracle.jdbc.driver.OracleDriver; import org.identityconnectors.framework.common.exceptions.ConnectorException; import groovy.sql.Sql; import oracle.jdbc.pool.OracleDataSource; import org.identityconnectors.common.security.GuardedString; Connection ret = null; try { OracleDataSource ds = new OracleDataSource() ds.user = configuration.getUser() // Read user from IT resource //Password field is encrypted, use GuardedString.Accessor for reading password GuardedString guard= configuration.getPassword() guard.access(new GuardedString.Accessor() { public void access(char[] clearChars) { ds.password=new String(clearChars); } } ); ds.driverType = 'thin' ds.serverName = configuration.getHost() ds.portNumber = Integer.parseInt(configuration.getPortNumber()) //get Port number defined in resources.properties file ( portNumber = 19999) ds.databaseName = configuration.getDatabaseName() //get database name defined in resources.properties file ( portNumber = 19999) // load the driver class.. test = Sql.newInstance(ds) ret =test.createConnection() ret.setAutoCommit(true); }//end try catch (Exception e) { trace.error(e, "Exception while connecting to database"); throw ConnectorException.wrap(e); } //Must return connection object, so that same connection will be available to all subsequent scripts return ret;
構成オブジェクトを破棄するサンプル・スクリプトを次に示します。
package groovy; import org.identityconnectors.framework.common.exceptions.ConnectionFailedException; trace.info("[Dispose-Groovy] Closing the connection"); try { //Close the connection. conn is the script argument conn.close(); } catch(Exception e) { throw new ConnectionFailedException("Could not close connection, Connection already closed"); }
作成プロビジョニング操作を実行するためのサンプルgroovyスクリプトを次に示します。
"package groovy import java.sql.PreparedStatement; import java.sql.ResultSet; import java.text.*; import java.util.Date.*; import org.identityconnectors.common.security.GuardedString; import org.identityconnectors.framework.common.objects.*; import java.text.*; // START HERE System.out.println("[Create-Groovy] Attributes::"+attributes); //USERID,PASSWORD,USERNAME,STATUS,EMAIL,FIRSTNAME,LASTNAME,ORGANIZATION,CITY,EMPLOYEE_NUMBER,STARTDATE,ENDDATE,LONGVALUE,FLOATVALUE,CHARVALUE //Get all the attributes from script argument // This shows how to read arrtibures String uid = attributes.get("__NAME__")!=null? attributes.get("__NAME__").getValue().get(0):null; GuardedString pass = attributes.get("__PASSWORD__")!=null? attributes.get("__PASSWORD__").getValue().get(0):null; String uname = attributes.get("__NAME__")!=null? attributes.get("__NAME__").getValue().get(0):null; enableValue = attributes.get("__ENABLE__")!=null? attributes.get("__ENABLE__").getValue().get(0):true; String email=attributes.get("EMAIL")!=null? attributes.get("EMAIL").getValue().get(0):null; String first=attributes.get("FIRSTNAME")!=null? attributes.get("FIRSTNAME").getValue().get(0):null; String last=attributes.get("LASTNAME")!=null? attributes.get("LASTNAME").getValue().get(0):null; String org=attributes.get("ORGANIZATION")!=null? attributes.get("ORGANIZATION").getValue().get(0):null; String city=attributes.get("CITY")!=null? attributes.get("CITY").getValue().get(0):null; emp=attributes.get("EMPLOYEE_NUMBER")!=null? attributes.get("EMPLOYEE_NUMBER").getValue().get(0):null; startdate = attributes.get("STARTDATE")!=null? attributes.get("STARTDATE").getValue().get(0):null; enddate = attributes.get("ENDDATE")!=null? attributes.get("ENDDATE").getValue().get(0):null; String longval=attributes.get("LONGVALUE")!=null? attributes.get("LONGVALUE").getValue().get(0):null; floatval=attributes.get("FLOATVALUE")!=null? attributes.get("FLOATVALUE").getValue().get(0):null; charval=attributes.get("CHARVALUE")!=null? attributes.get("CHARVALUE").getValue().get(0):null; PreparedStatement createStmt = null; String ret =null; try { //Call Target API to create a user //createStmt = conn.prepareStatement(....); or createStmt = conn.createStatement(....); //createStmt = conn.prepareStatement("INSERT INTO generic_view(USERID,PASSWORD,USERNAME,STATUS,EMAIL,FIRSTNAME,LASTNAME,ORGANIZATION,CITY,EMPLOYEE_NUMBER,STARTDATE,ENDDATE,LONGVALUE,FLOATVALUE,CHARVALUE) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"); //Set the input parameters createStmt = conn.prepareStatement("INSERT INTO GENERIC_PARENT(USERID,PASSWORD,USERNAME,STATUS,EMAIL,FIRSTNAME,LASTNAME,ORG,CITY,EMPLOYEE_NUMBER,STARTDATE,ENDDATE,LONGVALUE,FLOATVALUE,CHARVALUE) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"); createStmt.setString(1, uid); if(pass!=null) { pass.access(new GuardedString.Accessor(){ public void access(char[] clearChars) { createStmt.setString(2, new String(clearChars));} }); } else createStmt.setString(2,null); createStmt.setString(3, uname); if(enableValue) createStmt.setString(4,"Enabled"); else createStmt.setString(4,"Disabled"); createStmt.setString(5, email); createStmt.setString(6, first); createStmt.setString(7, last); createStmt.setString(8, org); createStmt.setString(9, city); if (emp!=null) createStmt.setInt(10, emp); else { createStmt.setNull(10, java.sql.Types.INTEGER); } DateFormat formatter = new SimpleDateFormat("dd-MMM-yy"); if (startdate!=null) { if (startdate == 0){ createStmt.setString(11,null); } else { Date da=new Date(startdate); st=formatter.format(da); createStmt.setString(11,st); //createStmt.setString(11,null); } } if(enddate!=null) { if (enddate == 0) createStmt.setString(12,null); else { Date eda= new Date(enddate); et= formatter.format(eda); createStmt.setString(12,et); //createStmt.setString(12,null); } } //else createStmt.setObject(12, null); createStmt.setString(13, longval); if(floatval!=null) { createStmt.setDouble(14, floatval);} else createStmt.setNull(14, java.sql.Types.FLOAT); if(charval!=null) createStmt.setString(15, charval); else createStmt.setObject(15, null); createStmt.executeUpdate(); } finally{ //close the sql statements if (createStmt != null) createStmt.close(); } System.out.println("[Create] Created User::"+uid); //Return Uid from the script return new Uid(uid); "
更新プロビジョニング操作を実行するためのサンプルgroovyスクリプトを次に示します。
"package groovy import java.sql.PreparedStatement; import oracle.jdbc.driver.OraclePreparedStatement; import java.sql.ResultSet; import java.text.*; import java.util.Date.*; import org.identityconnectors.framework.common.exceptions.*; import org.identityconnectors.framework.common.objects.*; import org.identityconnectors.common.security.GuardedString; import java.text.*; System.out.println("[Update-Groovy] Atrributes::"+ attributes); //During an Update operation,OIM sends the UID attribute along with updated attributes. //Get all the values of attributes String uid = attributes.get("__UID__")!=null? attributes.get("__UID__").getValue().get(0):null; GuardedString pass = attributes.get("__PASSWORD__")!=null? attributes.get("__PASSWORD__").getValue().get(0):null; String uname = attributes.get("__NAME__")!=null? attributes.get("__NAME__").getValue().get(0):null; enableValue = attributes.get("__ENABLE__")!=null? attributes.get("__ENABLE__").getValue().get(0):true; String email=attributes.get("EMAIL")!=null? attributes.get("EMAIL").getValue().get(0):null; String first=attributes.get("FIRSTNAME")!=null? attributes.get("FIRSTNAME").getValue().get(0):null; String last=attributes.get("LASTNAME")!=null? attributes.get("LASTNAME").getValue().get(0):null; String org=attributes.get("ORG")!=null? attributes.get("ORG").getValue().get(0):null; String city=attributes.get("CITY")!=null? attributes.get("CITY").getValue().get(0):null; emp = attributes.get("EMPLOYEE_NUMBER")!=null? attributes.get("EMPLOYEE_NUMBER").getValue().get(0):null; startdate = attributes.get("STARTDATE")!=null? attributes.get("STARTDATE").getValue().get(0):null; enddate = attributes.get("ENDDATE")!=null? attributes.get("ENDDATE").getValue().get(0):null; longval = attributes.get("LONGVALUE")!=null? attributes.get("LONGVALUE").getValue().get(0):null; floatval = attributes.get("FLOATVALUE")!=null? attributes.get("FLOATVALUE").getValue().get(0):null; charval=attributes.get("CHARVALUE")!=null? attributes.get("CHARVALUE").getValue().get(0):null; //Throw exception if uid is null if(uid==null) throw new ConnectorException("UID Cannot be Null"); PreparedStatement upstmt = null; //upstmt=null; try { //Call Target APIS to update the record //stmt = conn.prepareStatement(....); or stmt = conn.createStatement(....); //upstmt = conn.prepareStatement("UPDATE GENERIC_PARENT SET PASSWORD=COALESCE(?,PASSWORD),USERNAME=COALESCE(?,USERNAME),STATUS=COALESCE(?, STATUS), EMAIL= COALESCE(?, EMAIL),FIRSTNAME=COALESCE(?, FIRSTNAME),LASTNAME =COALESCE(?, LASTNAME), ORGANIZATION= COALESCE(?, ORGANIZATION), CITY= COALESCE(?, CITY), EMPLOYEE_NUMBER= COALESCE(?, EMPLOYEE_NUMBER), STARTDATE=COALESCE(to_date(?,'dd-Mon-yy'), STARTDATE),ENDDATE=COALESCE(to_date(?,'dd-Mon-yy'), ENDDATE),LONGVALUE=COALESCE(?, LONGVALUE),FLOATVALUE=COALESCE(?, FLOATVALUE),CHARVALUE=COALESCE(?, CHARVALUE) WHERE USERID =?"); upstmt = conn.prepareStatement("UPDATE GENERIC_PARENT SET PASSWORD=COALESCE(?,PASSWORD),USERNAME=COALESCE(?,USERNAME),STATUS=COALESCE(?, STATUS), EMAIL= COALESCE(?, EMAIL),FIRSTNAME=COALESCE(?, FIRSTNAME),LASTNAME =COALESCE(?, LASTNAME), ORG= COALESCE(?, ORG), CITY= COALESCE(?, CITY), EMPLOYEE_NUMBER= COALESCE(?, EMPLOYEE_NUMBER),STARTDATE=COALESCE(to_date(?,'dd-Mon-yy'), STARTDATE),ENDDATE=COALESCE(to_date(?,'dd-Mon-yy'), ENDDATE),FLOATVALUE=COALESCE(?, FLOATVALUE),CHARVALUE=COALESCE(?, CHARVALUE) WHERE USERID =?"); //Set the input parameters if(pass!=null) { pass.access(new GuardedString.Accessor(){ public void access(char[] clearChars) { upstmt.setString(1, new String(clearChars)); System.out.println("password is "+ new String(clearChars)); } }); } else upstmt.setString(1,null); upstmt.setString(2, uname); if(enableValue) upstmt.setString(3,"Enabled"); else upstmt.setString(3,"Disabled"); upstmt.setString(4, email); upstmt.setString(5, first); upstmt.setString(6, last); upstmt.setString(7, org); upstmt.setString(8, city); println("before employee"); if (emp!=null) upstmt.setInt(9, emp); else { upstmt.setNull(9, java.sql.Types.INTEGER); } println("before startdate"); DateFormat formatter = new SimpleDateFormat("dd-MMM-yy"); if (startdate!=null) { Date da=new Date(startdate); st=formatter.format(da); upstmt.setString(10,st); } else upstmt.setString(10,null); if(enddate!=null) { Date eda= new Date(enddate); et= formatter.format(eda); upstmt.setString(11,et); } else upstmt.setString(11,null); println("before long"); //if(longval!=null){upstmt.setLong(12, longval);} //else upstmt.setNull(12, java.sql.Types.BIGINT); println("before float"); if(floatval!=null){upstmt.setDouble(12, floatval);} else upstmt.setNull(12, java.sql.Types.FLOAT); if(charval!=null) upstmt.setString(13, charval); else upstmt.setObject(13, null); upstmt.setString(14, uid); upstmt.executeUpdate(); } finally { if (upstmt!= null) upstmt.close(); }; System.out.println("[Update] Updated user::"+ uid); return new Uid(uid);"
削除プロビジョニング操作を実行するためのサンプルgroovyスクリプトを次に示します。
"package groovy; import java.sql.PreparedStatement; import org.identityconnectors.framework.common.objects.*; //Get the UID from the input map 'attributes' String uid = attributes.get("__UID__").getValue().get(0); System.out.println("[Delete-Groovy] Deleting user:: "+ uid); try { ///Delete data from child tables and then, main table //Delete user roles st = conn.prepareStatement("DELETE FROM GENERIC_ROLE WHERE USERID=?"); st.setString(1, uid); st.executeUpdate(); // st.close(); //Delete user groups st = conn.prepareStatement("DELETE FROM GENERIC_GROUP WHERE USERID=?"); st.setString(1, uid); st.executeUpdate(); //st.close(); //Delete user account st = conn.prepareStatement("DELETE FROM GENERIC_PARENT WHERE USERID=?"); st.setString(1, uid); st.executeUpdate(); } finally { if (st != null) st.close(); }; System.out.println("Deleted user:: "+ uid); "
複数値の子データを追加するためのサンプルgroovyスクリプトを次に示します。
"package groovy import org.identityconnectors.framework.common.objects.*; import java.text.*; System.out.println("[addMultiValuedAttributeScript-Groovy] Adding Child data::"+ attributes); childst =null; try { //Adding Group data childDataEOSet = null; //The child attributes are returned as a set of embedded objects. Each Embedded object // will provide a row of data in the child table. // Logic for handling simple multi valued attributes if(attributes.get("GENERIC_GROUP")!=null) // Here "Groups" is object class of simple multi-valued attribute { childDataEOSet=attributes.get("GENERIC_GROUP").getValue(); childst=conn.prepareStatement("INSERT INTO GENERIC_GROUP VALUES (?,?,?,?)"); String id = attributes.get("__UID__").getValue().get(0); if(childDataEOSet !=null){ //Iterate through child data and insert into table System.out.println("[addMultiValuedAttributeScript] Adding Group data."); for( iterator = childDataEOSet.iterator(); iterator.hasNext(); ) { eo = iterator.next(); attrsSet=eo.getAttributes(); grpattr=AttributeUtil.find("GROUPID",attrsSet); //grpattr= eo; if(grpattr!=null){ // You are iterating simple multi valued attributes here, Call target APIs here //conn object is available here groupid=grpattr.getValue().get(0); groupname=AttributeUtil.find("GROUPNAME",attrsSet).getValue().get(0); groupstart=AttributeUtil.find("STARTDATE",attrsSet).getValue().get(0); childst.setString(1, id); childst.setString(2, groupname); Date da=new Date(groupstart); SimpleDateFormat formatter = new SimpleDateFormat("dd-MMM-yy"); String st=formatter.format(da); childst.setString(3, st); childst.setString(4, groupid); childst.executeUpdate(); childst.clearParameters(); } }; } } } finally { if (childst != null) childst.close(); }; try { childDataEOSet = null; // Logic for handling Complex multi valued attributes if(attributes.get("GENERIC_ROLE")!=null)// Here "Roles" is object class of simple multi-valued attribute { childDataEOSet=attributes.get("GENERIC_ROLE").getValue(); childst=conn.prepareStatement("INSERT INTO GENERIC_ROLE VALUES (?,?,?,?)"); String id = attributes.get("__UID__").getValue().get(0); if(childDataEOSet !=null) { System.out.println("[addMultiValuedAttributeScript] Adding Role data."); for( iterator = childDataEOSet.iterator(); iterator.hasNext(); ) { eo = iterator.next(); attrsSet = eo.getAttributes(); // Get all the attributes of child object roleattr=AttributeUtil.find("ROLEID",attrsSet); // You are iterating complex multi valued attributes here, Call target APIs here //conn object is available here if(roleattr!=null){ // You are iterating simple multi valued attributes here, Call target APIs here //conn object is available here roleid=roleattr.getValue().get(0); rolename=AttributeUtil.find("ROLENAME",attrsSet).getValue().get(0); rolestart=AttributeUtil.find("STARTDATE",attrsSet).getValue().get(0); childst.setString(1, id); childst.setString(2, rolename); childst.setString(3, roleid); Date da=new Date(rolestart); SimpleDateFormat formatter = new SimpleDateFormat("dd-MMM-yy"); String st=formatter.format(da); childst.setString(4, st); childst.executeUpdate(); childst.clearParameters(); } }; } } } finally { if (childst != null) childst.close(); };
この項では、複数値の子データを削除するためのサンプルgroovyスクリプトを示します。このスクリプトは、ターゲット・システムで作成されたDELETE_USERGROUPおよびDELETE_USERROLEストアド・プロシージャを呼び出します。
DELETE_USERGROUPのプロシージャは次のとおりです。
"create or replace PROCEDURE DELETE_USERGROUP (user_id GENERIC_GROUP.USERID%TYPE , group_id GENERIC_GROUP.GROUPID%TYPE ) AS BEGIN DELETE from GENERIC_GROUP where groupid=group_id and userid=user_id; END DELETE_USERGROUP;"
DELETE_USERROLEのプロシージャは次のとおりです。
"create or replace PROCEDURE DELETE_USERROLE (user_id GENERIC_ROLE.USERID%TYPE , role_id GENERIC_ROLE.ROLEID%TYPE ) AS BEGIN DELETE FROM GENERIC_ROLE where userid=user_id and roleid=role_id ; END DELETE_USERROLE;"
複数値の子データを削除するためのサンプルgroovyスクリプトを次に示します。
"import org.identityconnectors.framework.common.objects.*; System.out.println("[removeMultiValuedAttributeScript] Removing Child data::"+ attributes); try { childDataEOSet = null; delSt = null; //Get UID String id = attributes.get("__UID__").getValue().get(0); if(attributes.get("GENERIC_GROUP")!=null) { childDataEOSet=attributes.get("GENERIC_GROUP").getValue(); //Delete child data using stored procedure delSt= conn.prepareCall("{call DELETE_USERGROUP(?,?)}"); if(childDataEOSet !=null){ System.out.println("[removeMultiValuedAttributeScript] Removing Group data."); //Iterate through child data and delete for( iterator = childDataEOSet.iterator(); iterator.hasNext(); ) { eo = iterator.next(); attrsSet = eo.getAttributes(); grpattr=AttributeUtil.find("GROUPID",attrsSet); if(grpattr!=null){ groupid=grpattr.getValue().get(0); delSt.setString(1, id); delSt.setString(2, groupid); delSt.executeUpdate(); System.out.println("[removeMultiValuedAttributeScript] Deleted Group::"+ grpattr); } }; } } } finally { if (delSt != null) delSt.close(); }; try { childDataEOSet = null; delSt = null; String id = attributes.get("__UID__").getValue().get(0); if(attributes.get("GENERIC_ROLE")!=null) { childDataEOSet=attributes.get("GENERIC_ROLE").getValue(); delSt= conn.prepareCall("{call DELETE_USERROLE(?,?)}"); if(childDataEOSet !=null){ System.out.println("[removeMultiValuedAttributeScript] Removing Role data."); for( iterator = childDataEOSet.iterator(); iterator.hasNext(); ) { eo = iterator.next(); attrsSet = eo.getAttributes(); roleattr=AttributeUtil.find("ROLEID",attrsSet); if(roleattr!=null){ rolename=roleattr.getValue().get(0); delSt.setString(1, id); delSt.setString(2, rolename); delSt.executeUpdate(); System.out.println("[removeMultiValuedAttributeScript] Deleted Role::"+ rolename); } }; } } } finally { if (delSt != null) delSt.close(); };
ここでは、Role Name、Group NameおよびOrganizationの参照フィールドで参照フィールド同期を実行するための、サンプルgroovyスクリプトを示します。このスクリプトは、ターゲット・システムに作成されたGET_ROLES、GET_GROUPSおよびGET_ORGANIZATIONSのストアド・プロシージャを呼び出します。
GET_ROLESのプロシージャは次のとおりです。
"create or replace PROCEDURE GET_ROLES ( user_cursor OUT TYPES.cursorType ) AS BEGIN OPEN user_cursor FOR SELECT ROLENAME,ROLEID from GENERIC_ROLES; END GET_ROLES;"
GET_GROUPSのプロシージャは次のとおりです。
"create or replace PROCEDURE GET_GROUPS ( user_cursor OUT TYPES.cursorType ) AS BEGIN OPEN user_cursor FOR SELECT GROUPNAME,GROUPID from GENERIC_GROUPS; END GET_GROUPS;"
GET_ORGANIZATIONSのプロシージャは次のとおりです。
create or replace PROCEDURE GET_ORGANIZATIONS ( user_cursor OUT TYPES.cursorType ) AS BEGIN OPEN user_cursor FOR SELECT ORGNAME,ORGID from GENERIC.ORGANIZATIONS; END GET_ORGANIZATIONS;
次に、参照フィールド同期を実行するためのサンプルgroovyスクリプトを示します。
"package groovy; import org.identityconnectors.framework.common.objects.*; rs = null; st = null; try { System.out.println("[Lookup] Lookup Recon timing::"+ timing); System.out.println("[Lookup] Attributes to Get::"+ ATTRS_TO_GET); // This script is common for all lookups. Read the timing ( input) and return the data accordingly // The format of timing is : executeQuery:<objectclass>, objectclass is the value of object type in schedule job // ATTRS_TO_GET and timing are the script arguments String codekey = ATTRS_TO_GET[0]; String decodekey = ATTRS_TO_GET[1]; System.out.println("0"+ ATTRS_TO_GET[0]); System.out.println("1"+ ATTRS_TO_GET[1]); if( timing.equals("executeQuery:ROLENAME")) { System.out.println("[Lookup] Getting Roles."); st = conn.prepareCall("{call GET_ROLES(?)}"); } else if ( timing.equals("executeQuery:GROUPNAME")) { System.out.println("[Lookup] Getting Groups."); st = conn.prepareCall("{call GET_GROUPS(?)}"); } else if ( timing.equals("executeQuery:ORGANIZATION")) { System.out.println("[Lookup] Getting Organizations."); st = conn.prepareCall("{call GET_ORGANIZATIONS(?)}"); } st.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.CURSOR); st.execute(); rs = st.getObject(1); while (rs.next()) { cob = new ConnectorObjectBuilder(); util.addAttribute(codekey,rs.getString(codekey)); util.addAttribute(decodekey,rs.getString(decodekey)); if (!util.build()) return; } } finally { if( null != rs) rs.close(); if( null != st) st.close(); } "
ここでは、完全リコンシリエーションまたはフィルタ・リコンシリエーションを実行するためのサンプルgroovyスクリプトを示します。このスクリプトは、完全リコンシリエーションおよびフィルタ・リコンシリエーション用のGET_GENERICGROUP、GET_GENERICROLEおよびGENERIC_EXECUTE_QUERYストアド・プロシージャを呼び出します。
完全リコンシリエーションまたはフィルタ・リコンシリエーション用に、ターゲット・システムで次のストアド・プロシージャが作成されています。
"create or replace PROCEDURE GET_GENERICGROUP ( user_cursor OUT TYPES.cursorType, userin IN VARCHAR2 ) AS BEGIN OPEN user_cursor FOR SELECT GROUPID,GROUPNAME,STARTDATE from GENERIC_GROUP where USERID=userin; END GET_GENERICGROUP;"
"create or replace PROCEDURE GET_GENERICROLE ( user_cursor OUT TYPES.cursorType, userin IN VARCHAR2 ) AS BEGIN OPEN user_cursor FOR SELECT ROLEID,ROLENAME,STARTDATE from GENERIC_ROLE where USERID=userin; END GET_GENERICROLE;"
"create or replace PROCEDURE GENERIC_EXECUTE_QUERY ( user_cursor OUT TYPES.cursorType ) AS BEGIN OPEN user_cursor FOR SELECT GENERIC_PARENT.USERID,GENERIC_PARENT.PASSWORD, GENERIC_PARENT.FIRSTNAME , GENERIC_PARENT.LASTNAME, GENERIC_PARENT.EMAIL ,GENERIC_PARENT.ORG,GENERIC_PARENT.CITY,GENERIC_PARENT.STARTDATE ,GENERIC_PARENT.EMPLOYEE_NUMBER,GENERIC_PARENT.STATUS,GENERIC_PARENT.USERNAME FROM GENERIC_PARENT; END GENERIC_EXECUTE_QUERY; To execute procedure from sqldeveloper var rc refcursor EXECUTE GENERIC_EXECUTE_QUERY(:rc) print rc"
完全リコンシリエーションとフィルタ・リコンシリエーション用のスクリプトは次のとおりです。
"package groovy import org.identityconnectors.framework.common.objects.*; import java.lang.reflect.*; import java.lang.String; import org.identityconnectors.common.security.GuardedString; import java.text.*; import java.util.Set; import java.util.Date.*; import java.sql.Date.*; rs = null; st = null; try { if( !filterMap.isEmpty()) { System.out.println("[Execute Query] Performing Recon with Filter. Filter is::"+ filterMap+" And Filer Params are::"+filterMap); //String[] filter = filterParams.get(0).split(":"); // st = conn.prepareCall("{call EXECUTE_QUERY_WITH_FILTER(?,?,?)}"); //st.setString(2, filter[0]); //st.setString(3, filter[1]); filterAttr = filterMap.get("filterattribute"); filterOp = filterMap.get("filteroperator"); // if("EQUALto".equalsIgnoreCase(filterOp)) // { // dbOp="="; // } filterVal = filterMap.get("filtervalue"); st = conn.prepareCall("{call EXECUTE_QUERY_WITH_FILTER(?,?,?)}"); st.setString(2, filterAttr); st.setString(3, filterVal); //st.setString(4, filterOp); } else // Full recon { // // Call target apis to get all records System.out.println("[Execute Query] Performing Full Recon."); //SELECT GENERIC_PARENT.USERID,GENERIC_PARENT.PASSWORD, GENERIC_PARENT.FIRSTNAME, GENERIC_PARENT.LASTNAME, GENERIC_PARENT.EMAIL ,GENERIC_PARENT.ORG,GENERIC_PARENT.CITY,GENERIC_PARENT.STARTDATE ,GENERIC_PARENT.EMPLOYEE_NUMBER,GENERIC_PARENT.STATUS,GENERIC_PARENT.USERNAME,GENERIC_PARENT.ENDDATE,GENERIC_PARENT.LONGVALUE,GENERIC_PARENT.FLOATVALUE,GENERIC_PARENT.CHARVALUE FROM GENERIC_PARENT; st = conn.prepareCall("{call GENERIC_EXECUTE_QUERY(?)}"); } st.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.CURSOR); st.execute(); rs = st.getObject(1); while (rs.next()) { cob = new ConnectorObjectBuilder(); cob.setObjectClass(ObjectClass.ACCOUNT); Attribute uid= AttributeBuilder.build(new String("__UID__"),rs.getString(1)); Attribute fname= AttributeBuilder.build(new String("FIRSTNAME"),rs.getString(3)); Attribute lname= AttributeBuilder.build(new String("LASTNAME"),rs.getString(4)); Attribute email= AttributeBuilder.build(new String("EMAIL"),rs.getString(5)); Attribute org= AttributeBuilder.build(new String("ORG"),rs.getString(6)); Attribute city= AttributeBuilder.build(new String("CITY"),rs.getString(7)); //dbDate = rs.getDate(8); //Attribute startdate = AttributeBuilder.build(new String("STARTDATE"),rs.getString(8)); Attribute emp= AttributeBuilder.build(new String("EMPLOYEE_NUMBER"),rs.getString(9)); Attribute status= AttributeBuilder.build(new String("STATUS"),rs.getString(10)); Attribute name= AttributeBuilder.build(new String("__NAME__"),rs.getString(11)); //dbDate = rs.getDate(12); //Attribute enddate = AttributeBuilder.build(new String("ENDDATE"),dbDate.getTime()); //Attribute longval= AttributeBuilder.build(new String("LONGVALUE"),rs.getString(13)); //Attribute floatval= AttributeBuilder.build(new String("FLOATVALUE"),rs.getString(14)); //Attribute charval= AttributeBuilder.build(new String("CHARVALUE"),rs.getString(15)); cob.addAttribute(fname); cob.addAttribute(lname); cob.addAttribute(uid); cob.addAttribute(name); cob.addAttribute(email); //cob.addAttribute(startdate); //cob.addAttribute(enddate); cob.addAttribute(status); cob.addAttribute(org); cob.addAttribute(city); //cob.addAttribute(longval); //cob.addAttribute(floatval); //cob.addAttribute(charval); cob.addAttribute(emp); // util.addAttribute(Uid.NAME,rs.getString(1)); // util.addAttribute(Name.NAME,rs.getString(11)); // Name must be provided // util.addAttribute('FIRSTNAME',rs.getString(3)); // util.addAttribute('LASTNAME',rs.getString(4)); // util.addAttribute('EMAIL',rs.getString(5)); // util.addAttribute('ORGANIZATION',rs.getString(6)); // util.addAttribute('CITY',rs.getString(7)); // util.addAttribute('STARTDATE',rs.getDate(8)); // util.addAttribute('EMPLOYEE_NUMBER',new Integer(rs.getString(9))); // // util.addAttribute('STATUS',rs.getString(10)); // util.addAttribute('ENDDATE',rs.getDate(12)); // util.addAttribute('LONGVALUE',new Long(rs.getString(13))); // util.addAttribute('FLOATVALUE',new Double(rs.getString(14))); // util.addAttribute('CHARVALUE',rs.getString(15)); roleStmt = conn.prepareCall("{call GET_GENERICROLE(?,?)}"); roleStmt.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.CURSOR); roleStmt.setString(2, rs.getString(1)); roleStmt.execute(); roleResultSet = roleStmt.getObject(1); java.util.List<EmbeddedObject> eoList = new ArrayList<EmbeddedObject>(); while (roleResultSet.next()) { Attribute roleId= AttributeBuilder.build(new String("ROLEID"),roleResultSet.getString(1)); Attribute roleName= AttributeBuilder.build(new String("ROLENAME"),roleResultSet.getString(2)); // dbDate = roleResultSet.getDate(3); //Attribute startdater = AttributeBuilder.build(new String("STARTDATE"),dbDate.getTime()); EmbeddedObjectBuilder roleEA = new EmbeddedObjectBuilder(); roleEA.addAttribute(roleId); roleEA.addAttribute(roleName); //roleEA.addAttribute(startdater); roleEA.setObjectClass(new ObjectClass("GENERIC_ROLE")); eoList.add(roleEA.build()); } roleResultSet.close(); EmbeddedObject[] roleEm = eoList.toArray(new EmbeddedObject[eoList.size()]); cob.addAttribute(AttributeBuilder.build("GENERIC_ROLE", (Object[]) roleEm)); groupStmt = conn.prepareCall("{call GET_GENERICGROUP(?,?)}"); groupStmt.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.CURSOR); groupStmt.setString(2, rs.getString(1)); groupStmt.execute(); groupResultSet = groupStmt.getObject(1); java.util.List<EmbeddedObject> geoList = new ArrayList<EmbeddedObject>(); //System.out.println("groupresutset display"+groupResultSet); while (groupResultSet.next()) { Attribute groupId= AttributeBuilder.build(new String("GROUPID"),groupResultSet.getString(1)); Attribute groupName= AttributeBuilder.build(new String("GROUPNAME"),groupResultSet.getString(2)); // dbDate = groupResultSet.getDate(3); //Attribute startdateg = AttributeBuilder.build(new String("STARTDATE"),dbDate.getTime()); EmbeddedObjectBuilder groupEA = new EmbeddedObjectBuilder(); groupEA.addAttribute(groupId); groupEA.addAttribute(groupName); //groupEA.addAttribute(startdateg); groupEA.setObjectClass(new ObjectClass("GENERIC_GROUP")); geoList.add(groupEA.build()); } groupStmt.close(); EmbeddedObject[] groupEm = geoList.toArray(new EmbeddedObject[geoList.size()]); cob.addAttribute(AttributeBuilder.build("GENERIC_GROUP", (Object[]) groupEm)); if(!handler.handle(cob.build())) return; } } finally { if( null != rs) rs.close(); if( null != st) st.close(); } "
ここでは、増分リコンシリエーションを実行するためのサンプルgroovyスクリプトを示します。このスクリプトは、ターゲット・システムで次のように作成されているストアド・プロシージャを呼び出します。
"create or replace PROCEDURE EXECUTE_QUERY_INCREMENTAL ( user_cursor OUT TYPES.cursorType, columnName IN VARCHAR2, columnValue IN VARCHAR2 ) AS BEGIN if columnValue is NULL then open user_cursor for 'SELECT GENERIC_PARENT.USERID,GENERIC_PARENT.PASSWORD,GENERIC_PARENT.FIRSTNAME,GENERIC_PARENT.LASTNAME,GENERIC_PARENT.EMAIL,GENERIC_PARENT.ORG,GENERIC_PARENT.CITY,GENERIC_PARENT.STARTDATE,GENERIC_PARENT.EMPLOYEE_NUMBER,GENERIC_PARENT.STATUS,GENERIC_PARENT.USERNAME,GENERIC_PARENT.ENDDATE,GENERIC_PARENT.LAST_UPDATE,to_char(GENERIC_PARENT.LAST_UPDATE) FROM GENERIC_PARENT'; else open user_cursor for 'SELECT GENERIC_PARENT.USERID,GENERIC_PARENT.PASSWORD,GENERIC_PARENT.FIRSTNAME,GENERIC_PARENT.LASTNAME,GENERIC_PARENT.EMAIL,GENERIC_PARENT.ORG,GENERIC_PARENT.CITY,GENERIC_PARENT.STARTDATE,GENERIC_PARENT.EMPLOYEE_NUMBER,GENERIC_PARENT.STATUS,GENERIC_PARENT.USERNAME,GENERIC_PARENT.ENDDATE,GENERIC_PARENT.LAST_UPDATE, to_char(GENERIC_PARENT.LAST_UPDATE) FROM GENERIC_PARENT where '|| columnName ||' > to_timestamp ('''||columnValue||''')'; end if; END EXECUTE_QUERY_INCREMENTAL;"
次に、増分リコンシリエーションを実行するためのサンプルgroovyスクリプトを示します。
"package groovy; import org.identityconnectors.framework.common.objects.*; import java.lang.reflect.*; import org.identityconnectors.common.security.GuardedString; import java.text.*; import java.util.Date.*; import java.sql.Date.*; rs = null; st = null; try { System.out.println("[Sync] Performing Incremental Recon."); System.out.println("[Sync] Sync Attribute::"+syncattribute); System.out.println("[Sync] Sync token:: "+synctoken); // You have syncattribute and synctoken as script arguments for sync operation // Call target APIs to get information st = conn.prepareCall("{call EXECUTE_QUERY_INCREMENTAL(?,?,?)}"); //GENERIC_PARENT.USERID,GENERIC_PARENT.PASSWORD, GENERIC_PARENT.FIRSTNAME, GENERIC_PARENT.LASTNAME, GENERIC_PARENT.EMAIL ,GENERIC_PARENT.ORGANIZATION,GENERIC_PARENT.CITY,GENERIC_PARENT.STARTDATE //,GENERIC_PARENT.EMPLOYEE_NUMBER,GENERIC_PARENT.STATUS,GENERIC_PARENT.USERNAME,GENERIC_PARENT.ENDDATE,GENERIC_PARENT.LONGVALUE,GENERIC_PARENT.FLOATVALUE,GENERIC_PARENT.CHARVALUE st.setString(2, syncattribute); st.setString(3, synctoken!=null? synctoken.getValue():null); st.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.CURSOR); st.execute(); rs = st.getObject(1); //SimpleDateFormat targetFormat = new SimpleDateFormat("yyyy/MM/dd HH:mm:ss z"); //DateFormat df = new SimpleDateFormat("yyyy-MM-dd"); while (rs.next()) { cob = new ConnectorObjectBuilder(); cob.setObjectClass(ObjectClass.ACCOUNT); Attribute uid= AttributeBuilder.build(new String("__UID__"),rs.getString(1)); Attribute fname= AttributeBuilder.build(new String("FIRSTNAME"),rs.getString(3)); Attribute lname= AttributeBuilder.build(new String("LASTNAME"),rs.getString(4)); Attribute email= AttributeBuilder.build(new String("EMAIL"),rs.getString(5)); Attribute org= AttributeBuilder.build(new String("ORG"),rs.getString(6)); Attribute city= AttributeBuilder.build(new String("CITY"),rs.getString(7)); //dbDate = rs.getDate(8); //Attribute startdate = AttributeBuilder.build(new String("STARTDATE"),dbDate.getTime()); Attribute emp= AttributeBuilder.build(new String("EMPLOYEE_NUMBER"),rs.getString(9)); Attribute status= AttributeBuilder.build(new String("STATUS"),rs.getString(10)); Attribute name= AttributeBuilder.build(new String("__NAME__"),rs.getString(11)); //dbDate = rs.getDate(12); //Attribute enddate = AttributeBuilder.build(new String("ENDDATE"),dbDate.getTime()); //Attribute longval= AttributeBuilder.build(new String("LONGVALUE"),rs.getString(13)); //Attribute floatval= AttributeBuilder.build(new String("FLOATVALUE"),rs.getString(14)); //Attribute charval= AttributeBuilder.build(new String("CHARVALUE"),rs.getString(15)); cob.addAttribute(fname); cob.addAttribute(lname); cob.addAttribute(uid); cob.addAttribute(name); cob.addAttribute(email); //cob.addAttribute(startdate); //cob.addAttribute(enddate); cob.addAttribute(status); cob.addAttribute(org); cob.addAttribute(city); //cob.addAttribute(longval); //cob.addAttribute(floatval); //cob.addAttribute(charval); //cob.addAttribute(emp); roleStmt = conn.prepareCall("{call GET_GENERICROLE(?,?)}"); roleStmt.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.CURSOR); roleStmt.setString(2, rs.getString(1)); roleStmt.execute(); roleResultSet = roleStmt.getObject(1); java.util.List<EmbeddedObject> eoList = new ArrayList<EmbeddedObject>(); while (roleResultSet.next()) { Attribute roleId= AttributeBuilder.build(new String("ROLEID"),roleResultSet.getString(1)); Attribute roleName= AttributeBuilder.build(new String("ROLENAME"),roleResultSet.getString(2)); // dbDate = roleResultSet.getDate(3); //Attribute startdater = AttributeBuilder.build(new String("STARTDATE"),dbDate.getTime()); EmbeddedObjectBuilder roleEA = new EmbeddedObjectBuilder(); roleEA.addAttribute(roleId); roleEA.addAttribute(roleName); //roleEA.addAttribute(startdater); roleEA.setObjectClass(new ObjectClass("GENERIC_ROLE")); eoList.add(roleEA.build()); } roleResultSet.close(); EmbeddedObject[] roleEm = eoList.toArray(new EmbeddedObject[eoList.size()]); cob.addAttribute(AttributeBuilder.build("GENERIC_ROLE", (Object[]) roleEm)); groupStmt = conn.prepareCall("{call GET_GENERICGROUP(?,?)}"); groupStmt.registerOutParameter(1, oracle.jdbc.driver.OracleTypes.CURSOR); groupStmt.setString(2, rs.getString(1)); groupStmt.execute(); groupResultSet = groupStmt.getObject(1); java.util.List<EmbeddedObject> geoList = new ArrayList<EmbeddedObject>(); while (groupResultSet.next()) { Attribute groupName= AttributeBuilder.build(new String("GROUPNAME"),groupResultSet.getString(2)); //dbDate = groupResultSet.getDate(3); //Attribute startdateg = AttributeBuilder.build(new String("STARTDATE"),dbDate.getTime()); Attribute groupId= AttributeBuilder.build(new String("GROUPID"),groupResultSet.getString(1)); EmbeddedObjectBuilder groupEA = new EmbeddedObjectBuilder(); groupEA.addAttribute(groupName); //groupEA.addAttribute(startdateg); groupEA.addAttribute(groupId); groupEA.setObjectClass(new ObjectClass("GENERIC_GROUP")); geoList.add(groupEA.build()); } groupStmt.close(); EmbeddedObject[] groupEm = geoList.toArray(new EmbeddedObject[geoList.size()]); cob.addAttribute(AttributeBuilder.build("GENERIC_GROUP", (Object[]) groupEm)); Attribute timestamp= AttributeBuilder.build(new java.lang.String("LAST_UPDATE"),rs.getString(13)); System.out.println(timestamp) token = AttributeUtil.getSingleValue(timestamp); System.out.println("token is"+token) SyncToken syncToken = new SyncToken(token); SyncDeltaBuilder bld = new SyncDeltaBuilder(); bld.setObject(cob.build()); bld.setToken(syncToken); bld.setDeltaType(SyncDeltaType.CREATE_OR_UPDATE); println bld.build() handler.handle(bld.build()); } } finally { if( null != rs) rs.close(); if( null != st) st.close(); } "