| Oracle® Fusion Middleware User Management Guide for Oracle WebLogic Portal 10g Release 3 (10.3.2) Part Number E14254-01 |
|
|
View PDF |
| Oracle® Fusion Middleware User Management Guide for Oracle WebLogic Portal 10g Release 3 (10.3.2) Part Number E14254-01 |
|
|
View PDF |
Developers can use Oracle Enterprise Pack for Eclipse to create JSP tags and controls that add and edit user profiles. A user profile consists of a user name and any additional properties you collect and store about a user. These properties can be used to personalize the user's experience in your portal.
Properties can consist of personal data, work-related data, geographic data, or something else that logically categorizes your users. For example, you could create a property set in Oracle Enterprise Pack for Eclipse called human resources that contains properties such as gender, hire date, and e-mail address.
You must use Oracle Enterprise Pack for Eclipse to programmatically create user profiles, edit the profile's default property values, and enable property value encryption.
Note:
To determine if you should encrypt your user data and learn about the different ways to perform encryption, see Section 2.4, "Planning Data Encryption." For instructions on encrypting the data, see Section 5.1.1, "Creating a User Profile Property Set." For instructions on encrypting a user password see Section 5.4.3, "Using Properties from an External User Store."Administrators can edit the profile's property values in the Administration Console. See Chapter 10 for instructions.
When users log into a portal, the portal can access the property values and target them with personalized content, e-mails, pre-populated forms, and discounts based on the personalization rules you set up. See the Oracle Fusion Middleware Interaction Management Guide for Oracle WebLogic Portal for more information.
Developers can use the following tools to programmatically create and edit user profile default property values:
JSP Tags – Use the createProfile JSP tag to create a portal JSP tag that adds a user profile. Other JSP tags let you retrieve the user profile and add or edit its properties.
Controls – Use the createProfile action in the Profile control to add a user profile. Other actions in the User Provider control let you retrieve the user profile and add or edit its properties. You can use the Profile control to retrieve a user's profile, use the Property control to put properties in working memory, then use the Rules Executor control to evaluate and filter the user profile's properties in order to trigger actions based on that evaluation.
Java – Work directly with the com.bea.p13n.usermgmt.profile.ProfileFactory Java class to create a user profile. You can change user properties by calling the ProfileWrapper object directly. For more information on the Java class, see the Oracle Fusion Middleware Java API Reference for Oracle WebLogic Portal.
This chapter includes the following sections:
A user profile is a collection of user property values for a user from all available user property sets. Each piece of metadata in a user profile is called a user property. A user profile property set organizes the properties that it contains and provides a convenient way to name a group of properties for a specific purpose. The properties you create can be used to define rules for personalization, delegated administration, or visitor entitlement.
User properties can range from statically-defined properties (such as a user's phone number and e-mail address) to dynamically-created and persisted properties (web site tracking information for the user, for example). A property set called personal could contain properties, such as age, gender, marital status, and address. Another property set called preferences could contain properties, such as hobby, favorite color, and news preference.
You must create user profiles and edit the profile's default values in Oracle Enterprise Pack for Eclipse. You can edit the profile's values in Oracle Enterprise Pack for Eclipse or in the Administration Console.
WebLogic Portal provides a default user profile property set called CustomerProperties.usr that contains common properties.
Note:
You can also create an application-defined property set to store profile data for entities that are not users or groups. These entities include communities and Web Services for Remote Portlets (WSRP), or a custom entity created by an application programmer. See the Oracle Fusion Middleware Interaction Management Guide for Oracle WebLogic Portal for instructions on creating this type of property set.This section contains the following topics:
You can create a user profile and a property set in Oracle Enterprise Pack for Eclipse. You can edit the profile's default values in Oracle Enterprise Pack for Eclipse or in the Administration Console.
To create a property set for a user profile:
In the Workshop for WebLogic Application window, right-click the data\src\userprofiles folder, and choose New > Other.
Tip:
You can customize the menu so that Property Sets appear as a choice on the New menu. See the Oracle Fusion Middleware Portal Development Guide for Oracle WebLogic Portal for instructions.In the New dialog box, expand WebLogic Portal and then expand Property Sets.
Select User Property Set and click Next, as shown in Figure 5-1.
Figure 5-1 Create a User Profile Property Set
In the New User Property Set window, enter a name for the user profile property set in the File name field. Keep the.usr file extension. For example, SalesRegion.usr.
If you want to tie the user profile property set to a file in the file system, click Advanced, as shown in Figure 5-2 and select the Link to file in the file system check box. Selecting this check box references a file outside the Eclipse project, on your local file system. Click Browse to locate the referenced file or click Variables to use a path variable to reference the file.
If you use a custom UUP that does not perform data encryption and you want to protect user profile data by encrypting it, click Advanced. Select the Enable Encryption check box to encrypt property set values before sending them to the UUP to be persisted. The Profile Manager performs the encryption and the UUP must be writable. See Figure 5-2. (To determine if this is the best way to encrypt data for your application, see Section 2.4, "Planning Data Encryption" and Section 2.4.2, "Enabling Encryption for a Property Set.")
Tip:
If you use a custom UUP that does data encryption on its own, do not select the Enable Encryption check box because that option will encrypt and decrypt the data twice and can impact performance. Use your UUP documentation to set up encryption at the UUP. Only the property set you specify is encrypted. To determine if you should use this method to encrypt data for your application, see Section 2.4, "Planning Data Encryption." If you want to share your encrypted data across portal applications or domains, you can transfer an encryption key from one custom UUP to another. For instructions, see Section 5.1.3, "Transferring an Encryption Key Between Custom UUPs."Figure 5-2 Click Advanced to see the Enable Encryption Check Box
Click Finish. The user profile editor appears. If you selected the Enable Encryption check box, the value of the Enable Encryption property in the Properties tab is set to True. After you enable encryption, you cannot turn it off after profile data is written to the UUP. After you select the Enable Encryption check box, the following line is appended to the first line in the .usr file: enable-encryption="true". For example: <propertyset is-complete="true" enable-encryption="true".
Note:
Even though the Enable Encryption check box is enabled, any default property values entered in Oracle Enterprise Pack for Eclipse (and eventually persisted in the
.usr file) are not encrypted.After you create a property set by following the instructions in Section 5.1.1, "Creating a User Profile Property Set," you can capture user information by adding properties to the profile.
To add properties to a user profile property set:
Select the user profile in the Navigator window.
In the Design Palette window, drag one of the following property types into the editor window:
Single Unrestricted – A single unrestricted property can have only one value, but you can enter any value. For example, Country, Last Name, or Age.
Single Restricted – A single restricted property can have only one value, and you are restricted to selecting that value from a predefined list. For example, a Browser property could have possible values of Internet Explorer, Netscape, Opera, or Mozilla.
Multiple Unrestricted – A multiple unrestricted property can have multiple values, and you can enter any values. For example, an email property could contain one or more e-mail addresses.
Multiple Restricted – A multiple restricted property can have multiple values, and you are restricted to selecting the values from a predefined list. For example, a Forms property could allow a user to select a document, such as 1040EZ, 1040A, or 1040.
Figure 5-3 shows the property types for a property set.
Figure 5-3 Drag a Property Type, Such as Multiple Restricted, to the User Profile Editor
Select the Properties tab and select the Data Type for the property value. Select one of the following values from the drop-down list: Text, Numeric, Float (decimal), Boolean (true or false), or Date/Time. A Date/Time property must be java.sql.Timestamp type. Your selection determines the dialog box you see when you edit the Value field. For example, properties with a Boolean data type are automatically set to single restricted. If you edit the Data Type, the change removes anything previously entered in the Value field, because the types of values change.
Figure 5-4 shows how to configure a multiple restricted type to reflect three sales regions called Americas, APAC, and EMEA. You could use this Sales Region property to target sales employees with personalized content.
Figure 5-4 Enter User Profile Details in the Properties Editor
In the Selection Mode and Value Range fields in the property editor in Oracle Enterprise Pack for Eclipse, you can change the type of property. This field will already be populated, based on the type of property you dragged from the Design Palette window, but you can change a property from single unrestricted to multiple restricted.
Note:
Any change to Data Type, Selection Mode, or Value Range fields replaces anything previously entered in the Value field because the number of allowed values changes.Use the Value field to enter values for restricted types or to set the default value for unrestricted types. Click the ellipsis icon (...) to enter values. (If you picked Restricted in the Value Range field, enter the value in the Enter Property Value dialog box that appears and click Add after each entry. Click OK after you enter all values. If you picked Unrestricted in the Value Range field, enter the value in the Enter Property Value dialog box and click OK.) Any values you enter in this field will be removed if you change the Data Type, Selection Mode, or Value Range.)
The properties you enter in the property editor appear in the user profile editor, as shown in Figure 5-5.
Figure 5-5 View the Properties in the User Profile Editor
After you add all the properties, save the file by choosing File > Save.
Use the Administration Console to view the user profile you set up in Oracle Enterprise Pack for Eclipse.
Caution:
You can also use the Property control to programmatically create and manage properties. However, properties created with this control do not appear in the Administration Console. You must modify and update them programmatically.If you use more than one UUP for your user data and you want to share encrypted data across portal applications or domains, you must transfer the encryption key from one UUP to another UUP. The 3DES symmetric algorithm uses the same key to encrypt and decrypt data.
If you use the Profile Manager to encrypt profile data, you have to transfer the managed encryption keys to another portal application or domain. This transfer is required because the Profile Manager manages encryption keys for each encrypted property set through the Portal application's deployment descriptor and plan. Transferring the encryption key ensures you use the same encryption key for all domains and applications.
To determine if this is the best way to encrypt data for your application, see Section 2.4, "Planning Data Encryption."
To generate an encryption key:
Create a password in your p13n-profile-config.xml file. This is the easiest method to transfer encrypted data, but it does not provide the strongest encryption of your user data. Set up a password in the Administration Console; see Step 10 in Section A.2.1, "Configuring an LDAP UUP and Transparent Failover."
Automatically generate an encryption key at first use during run time. The advantage of automatically generating the key is that extra configuration is not required, and you benefit from strong encryption. However, this type of encryption makes it difficult to transfer data between domains and applications. When you set the property value, the Profile Manager locates the encryption key to encrypt the data. If an encryption key does not exist, the Profile Manager first looks up the configured password in the p13n-profile-config.xml file. If the password is located, an encryption key is derived from the password. If the password is not located, the Profile Manager randomly generates an encryption key and stores it in WebLogic Server's DefaultCredentialMapper.
To transfer the encryption key to re-use the user profile data from another application:
Use the WebLogic Server Console to export the Credential Mapper to a file by navigating to Security Realms > myrealm > Providers > DefaultCredentialMapper > Migration > Export. The file is an .ldif file.
Open the exported file in a text editor and find the corresponding credential mapper entry. The file is similar to the following example:
dn: cn=type@E@Fwlp@G@M@OEntApp@EqaApp@M@OWebapp@E@M@OResource@EUUP.
@K@M@OCapability@E.EncryptionKey-Alias,ou=CredentialMaps,ou=
@realm@,dc=@domain@
objectClass: passwordCredentialMap
moduleName: null
cn: type@E@Fwlp@G@M@OEntApp@EqaApp@M@OWebapp@E@M@OResource@EUUP.
@K@M@OCapability@E.EncryptionKey-Alias
applicationName: null
principalName: myEncryptionkeyAlias
wlsCreatorInfo: null
wlsCollectionName: null
resourceName: type=<wlp>, EntApp=qaApp, Webapp=,S
Resource=UUP.myUUPadapterName, Capability=
principalPassword: ezNERVN9NmkyVjVQcjA1SllKbldZNmtxU0BUcjQwblFPdGxnY
UtnW Dh5U1 BQNXRFcGZ2T1pCQFRQR3dRbk10dFZ2QWU4cU1TekxuRGVjT21jWjI2c1l
GaGhZQ FRAVVliZ29wODhwVUdKV2pOd09BMkBVR3BXTThBZmZuQjVUNzg5bGFVRmxmS
1NvaVJEMDMweHlMeVVZQEU=
Edit the following credential mapper entries to match your target portal application or domain:
Change the application name for dn. For example, change M (OEntApp)EqaApp to M (OEntApp)E<yourAppName> .
Change the application name for cn. For example, change M (OEntApp)EqaApp to M (OEntApp)E<yourAppName>.
Change the application name and UUP adapter name for resourceName. For example, change type=<wlp>, EntApp=qaApp, Webapp=, Resource=UUP.myUUPadapterName, Capability= to type=<wlp>, EntApp=<yourAppName>, Webapp=, Resource=UUP.<yourUUPadapterName>, Capability=.
Save the file and import it to your target domain.
Copy the user property set file (*.usr) and UUP adapter configuration (in the p13n-profile-config.xml file) from your portal application or domain to your target portal application or domain.
You can use Oracle Enterprise Pack for Eclipse to create user profiles and the profile's default values. You can edit the profile's values in Oracle Enterprise Pack for Eclipse or in the Administration Console. See Chapter 10 for instructions on editing the values for property sets in the Administration Console.
This section contains the following topics:
Section 5.2.1, "Editing Properties and Values in the Property Editor"
Section 5.2.2, "Editing Properties and Values with JSP Tags"
Section 5.2.3, "Editing Properties and Values with Controls"
Section 5.2.4, "Editing Properties and Values with the ProfileWrapper Object"
Developers use the user profile editor in Oracle Enterprise Pack for Eclipse to create a user profile and add the profile's properties. Then you can edit properties and their default values that are part of each user's profile.
To modify properties and their values in Oracle Enterprise Pack for Eclipse:
Double-click the property set file in the Navigator window.
Select the property in the user profile editor that you want to modify.
Change the property or its value in the property editor window.
Tip:
You can edit property values in the Administration Console.A set of JSP tags allow for easy access to property set data:
getPropertyNames – Retrieves the names of all properties in a property set.
getPropertySetNames – Retrieves the names of all PropertySets of a given type.
getRestrictedPropertyValues – Retrieves restricted values for a specific property in a property set.
For more information on these tags, see Oracle Fusion Middleware JSP Tag Java API Reference for Oracle WebLogic Portal.
The <profile:getProperty> JSP tag retrieves property values for a specified property set. The <profile:setProperty> JSP tag updates a property value for either the session's current profile or for the anonymous user profile.
Typically, the <profile:getProperty> tag is used after the <profile:getProfile> tag is invoked to retrieve a profile for session use. The <profile:getprofile> JSP tag retrieves a user profile and its properties. The <profile:getProperty> and <profile:setProperty> JSP tags let developers retrieve and rapidly edit properties for a large number of users. If the <profile:getProfile> tag is not used before the <profile:getProperty> tag, the specified property value is retrieved from the anonymous user profile.
See the Oracle Fusion Middleware JSP Tag Java API Reference for Oracle WebLogic Portal for more information on the Java class.
You can retrieve an authenticated user profile by using the <profile:getProfile> JSP tag in a page flow as shown in the code sample in Example 5-1.
Note:
Page flows are a feature of Apache Beehive, which is an optional framework that you can integrate with WLP. See "Apache Beehive and Apache Struts Supported Configurations" in the Oracle Fusion Middleware Portal Development Guide for Oracle WebLogic Portal.Example 5-1 Retrieve an Authenticated User Profile with the <profile:getProfile> Tag
<%@ page import="com.bea.p13n.usermgmt.SessionHelper"%>
<%@ taglib uri="http://www.bea.com/servers/p13n/tags/usermanagement"
prefix="profile"%>
<%@ taglib uri="netui-tags-databinding.tld" prefix="netui-data"%>
<%@ taglib uri="netui-tags-html.tld" prefix="netui"%>
Profile is: [<code><%= SessionHelper.getProfile(request) %></code>]<br>
<%-- This tag works for authenticated users. --%>
<profile:getProfile profileKey="<%=request.getUserPrincipal().getName()%>"
profileId="profile"/>
Profile is: [<code><%= profile %></code>]<br>
<%-- You would generally want to do this in your PageFlow, not your JSP. --%>
<netui-data:declareControl controlId="profileControl"
type="com.bea.p13n.controls.profile.UserProfileControl"/>
<netui-data:callControl resultId="getProfileFromRequestResult"
controlId="profileControl" method="getProfileFromRequest">
<netui-data:methodParameter
value="{request}"></netui-data:methodParameter>
</netui-data:callControl>
Profile is: [<code><netui:label value="
{pageContext.getProfileFromRequestResult}"></netui:label> </code>]<br>
If the user is registered, then the profile can be retrieved without a reference to the session, as shown in the code sample in Example 5-2. This method is useful if you do not have access to the session object.
Tip:
To retrieve a user's profile using this programmatic technique, the user must be logged in and authenticated. If you call com.bea.p13n.security.Authentication.login() to perform the login, the user profile is automatically created. You can also call the WebLogic Server method weblogic.servlet.security.ServletAuthentication.login(); however, note that the user profile is only created after the next access (usually after the first page refresh). Before this subsequent access, you will receive a ProfileNotFound exception when you try to retrieve the user's profile.Example 5-2 Retrieve a Registered User's Profile Without a Session Reference
import com.bea.p13n.usermgmt.profile.ProfileFactory;
import com.bea.p13n.usermgmt.profile.ProfileNotFoundException;
import com.bea.p13n.usermgmt.profile.ProfileWrapper;
import java.rmi.RemoteException;
public class MyHelper
{
public static String helperMethod(String username)
{
try
{
ProfileWrapper profile =
ProfileFactory.getProfile(username,null);
// do something helpful here.
return profile.toString();
}
catch (RemoteException ex)
{
}
catch (ProfileNotFoundException ex)
{
}
return null;
}
For anonymous and tracked anonymous users, you must retrieve the profile from the session. Anonymous profiles have no identity. Tracked anonymous profiles have an identity that is not valid for authentication. A safe way to retrieve the identity for a user, based upon the user's profile type, is shown in Example 5-3. This code sample retrieves the current ProfileWrapper and gets the user name associated with the wrapper.
Example 5-3 Retrieve a User's Identity by Retrieving the Current ProfileWrapper
<%@ page import="com.bea.p13n.usermgmt.SessionHelper"%> Profile Id is: [<code><%= SessionHelper.getUserId(request) %></code>]<br>
Use the following returned values to determine the user type:
Null – Anonymous profiles
UserId – Tracking number (which cannot be used for authentication) for tracked anonymous profiles
Username – User Principal name for registered (authenticated) profiles
Developers use the getProperty and setProperty actions in the Property control to let users retrieve property values for a property set and update property values for either the session's current profile or for the anonymous user profile.
Caution:
Properties created with this control do not appear in the WebLogic Portal Administration Console, and you must modify and update them programmatically.For more information on using the Property control and its properties, see the Oracle Fusion Middleware Java API Reference for Oracle WebLogic Portal.
Example 5-4 shows how a user can use the setProperty action in the Property control to edit a Profile Wrapper. An example page flow (and associated JSP) that uses controls to offer a form for the user to set a favorite color is shown in the code sample. This example requires a Generalnfo.usr user profile property set file to exist in the \userprofiles folder of the data project, with a single-valued, restricted, text FavoriteColor property. For more information, see the help in Oracle Enterprise Pack for Eclipse.
Note:
Page flows are a feature of Apache Beehive, which is an optional framework that you can integrate with WLP. See "Apache Beehive and Apache Struts Supported Configurations" in the Oracle Fusion Middleware Portal Development Guide for Oracle WebLogic Portal.Example 5-4 Use this index.jsp file with the Page Flow
<%@ page language="java" contentType="text/html;charset=UTF-8"%>
<%@ taglib uri="netui-tags-databinding.tld" prefix="netui-data"%>
<%@ taglib uri="netui-tags-html.tld" prefix="netui"%>
<%@ taglib uri="netui-tags-template.tld" prefix="netui-template"%>
<netui:html>
<body>
<netui:form action="setColor">
<table>
<tr valign="top">
<td>Favorite Color:</td>
<td>
<netui:select dataSource="{actionForm.color}"
defaultValue="{pageFlow.usersColor}"
optionsDataSource="{pageFlow.possibleColors}">
</netui:select>
</td>
</tr>
</table>
<br/>
<netui:button value="Set Color" type="submit"/>
</netui:form>
</body>
</netui.html>
Developers can change user profile property values by calling the ProfileWrapper object directly. For more information, see the Oracle Fusion Middleware Java API Reference for Oracle WebLogic Portal.
You must specify which set of user or group properties the user should inherit by configuring a ProfileWrapper successor at runtime. A ProfileWrapper is a lightweight object that can access the correct ProfileManager session beans based on the profile identity with which it is initialized. The ProfileManager has a getAllProfileNames method and a listAllProfiles method. The listAllProfiles(int pageSize) method efficiently retrieves all user profiles or group profiles. See the Oracle Fusion Middleware Java API Reference for Oracle WebLogic Portal for more detail.
You can use Oracle Enterprise Pack for Eclipse to delete individual properties from a property set, or you can delete an entire property set.
This section includes the following topics:
To delete individual properties from a property set:
In the Workshop for WebLogic Navigator window, expand the data\src\userprofiles folder, and double-click the user profile property set you created.
Select the property in the user profile editor window.
Right-click the property and choose Delete. The property is deleted from the user profile property set.
To delete a property set:
In the Workshop for WebLogic Application window, right-click the data\src\userprofiles folder, and select the user profile you created.
Right-click the property set and choose Delete to remove the property set.
Click Yes to confirm the deletion.
You can also use the <profile:removeProperty> JSP tag or the removeProperty action in the Property control in your page flows to remove existing properties or profiles for users. See the Oracle Fusion Middleware Java API Reference for Oracle WebLogic Portal for more information.
Note:
Page flows are a feature of Apache Beehive, which is an optional framework that you can integrate with WLP. See "Apache Beehive and Apache Struts Supported Configurations" in the Oracle Fusion Middleware Portal Development Guide for Oracle WebLogic Portal.If you created a UUP to access external user or group properties, you can use those properties to define rules for personalization, delegated administration, or visitor entitlement.
After you create a UUP to access these properties in the external user store (for example, an OpenLDAP server) you can access those external properties only through WebLogic Portal's JSP tags, controls, or APIs. Those external properties are not yet accessible in the Administration Console.
You must surface those external properties in the Administration Console if you want to use those properties in defining rules for personalization, delegated administration, or visitor entitlement.
Note:
If the properties you surface from an external user store are read-only, you cannot update them in the Administration Console. To make those properties writable, your custom UUP would have to become writable.To use properties from an external user store:
Create a UUP for the external user store. See Chapter 6 for instructions.
In Oracle Enterprise Pack for Eclipse, create a user profile property set for the external user store. The name you give the property set must match the name of the provider's PropertyMapping. To find the name of the property set, perform the following steps:
Look in your enterprise application root directory and open the META-INF/p13n-profile-config.xml file.
In the <!-- User Profile Manager --> section, locate the name entry for your external user store, such as:
<property-adapter> <name>MyLdapUUP</name> <property-mapping>MyExternalPropertySet</property-mapping> <ejb-jndi>my_uup.jar#ExternalEntityPropertyManager</ejb.jndi> </property-adapter>
The <property-mapping> element is the name of the new property set. The name is case sensitive. For example, the property set could be named MyExternalPropertySet.usr.
If you are using the LDAP UUP provided by WebLogic Portal, name the property set newLdap.usr.
Add properties to the property set that exactly match the property names in the external store you want to surface.
Save the property set file.
Tip:
After you have deployed your portal application to production, any modifications you make to user profile properties in Oracle Enterprise Pack for Eclipse must be pushed to the running server. For more information, see the Oracle Fusion Middleware Production Operations Guide for Oracle WebLogic Portal.If you want to use a password to protect your UUP data, you can use a clear text password or encrypt the password with weblogic.security.Encrypt utility. (To determine if this is the best way to encrypt data for your application, see Section 2.4, "Planning Data Encryption.") For instructions on setting a password in the Administration Console, see Step 10 in Section A.2.1, "Configuring an LDAP UUP and Transparent Failover."
Note:
If you encrypt the profile data stored in the p13n database, your Database Administrator will not be able to view the data in the user profile database. In prior releases of WebLogic Portal, the default was clear text, which meant the Database Administrators could view the user profile data.This section describes the user profile REST API and explains a technique for improving application performance in your development environment by turning off security tokens.
This section includes these topics:
WLP provides a REST API for accessing user profile data. This API retrieves user profile data from a deployed WLP application. This data includes user profiles, property sets, and property set values. You have the option to return data to the client in either XML or JavaScript Object Notation (JSON) format.
Note:
For information using REST APIs, see "Using Oracle WebCenter REST APIs" in the Oracle Fusion Middleware Developer's Guide for Oracle WebCenter.REST APIs allow portal developers to take advantage of client-side development models and create Rich Interactive Applications (RIA).
This section describes the user profile REST API. Use this API to return user profile data to the client (browser) in either XML or JSON format.
Like other REST APIs, the user profile REST API provides access to server-side resources through a URI that includes specific parameters. The user profile REST API is described in Table 5-1.
Table 5-1 User Profile REST API Description
| Resource | Resource Type | URI/Parameters | Notes |
|---|---|---|---|
|
User Profile |
none |
|
Supported HTTP Methods:
Formats: XML (default), JSON Response Codes: 200: OK or 403: Token validation failed. |
|
Property Sets |
|
|
Supported HTTP Methods:
Formats: XML (default), JSON Response Codes: 200: OK or 403: Token validation failed or 409: If a property with the same name is found. Example: See Section 5.5.3.2, "Creating a Dynamic Property Set." |
|
Property Set |
|
|
Supported HTTP Methods:
Formats: XML (default), JSON Parameters: Response Codes: 200: OK or 403: Token validation failed. |
|
Properties |
|
|
Supported HTTP Methods:
Formats: XML (default), JSON Parameters: Response Codes: 200: OK or 403: Token validation failed. Example: See Section 5.5.3.1, "Returning a List of Properties." |
|
Property |
|
|
Supported HTTP Methods:
Formats: XML (default), JSON Parameters:
Response Codes: 200: OK or 403: Token validation failed. Examples: See Section 5.5.3.3, "Adding Values for a Given Property" and Section 5.5.3.4, "Deleting a User Profile Property." |
This section includes several user profile REST command examples. These examples demonstrate HTTP GET, POST, PUT, and DELETE operations.
Example 5-5 shows a request that retrieves a list of properties and values associated with the specified property set (music_fan). Example 5-6 shows part of the JSON object returned by this command. The HTTP method is GET.
Example 5-5 Sample Request
request uri: http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets/music_fan/properties request header: Accept="application/json"
Example 5-6 Part of Returned JSON Object
{
"items": [
{
"propertyName": "Email_Address",
"propertyValue": {
"values": [
"happy@happyville.com"
],
"multiValue": false
},
"propertySetName": "music_fan",
"links": [
{
"resourceType": "urn:oracle:p13n:userprofile:property",
"capabilities": "urn:oracle:restframework:read urn:oracle:restframework:update urn:oracle:restframework:delete",
"rel": "self",
"href": "http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets/music_fan/properties/Email_Address?stoken=FAYvpr3DxG6qBqwZCOXSPFQYYbU35rc*"
}
]
},
...
A dynamic property set does not include a schema that specifies the property definitions. Example 5-7 shows how to create a new dynamic property set using a user profile REST command. Example 5-8 shows the resulting JSON object. The HTTP method is POST.
Example 5-7 Sample Request
request uri: http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets
request header: Accept="application/json"
request body:
{
"name": "music_fan2" ,"type":null,"description":null,"propertyDefinitions":null,"links":null,"resourceType":null
}
Example 5-8 Returned JSON Object
{
"name": "music_fan2",
"links": [
{
"resourceType": "urn:oracle:p13n:userprofile:propertyset",
"capabilities": "urn:oracle:restframework:read",
"rel": "self",
"href": "http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets/music_fan2?stoken=FGIjpPbJ9SJjvnpYSBws278apLSlzqw*"
},
{
"resourceType": "urn:oracle:p13n:userprofile:properties",
"capabilities": "urn:oracle:restframework:create urn:oracle:restframework:read",
"href": "http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets/music_fan2/properties?stoken=FGIjpPbJ9SJjvnpYSBws278apLSlzqw*"
}
]
}
Example 5-9 adds property values for the given property name within the given property set. Example 5-10 shows the resulting JSON object. HTTP method is PUT.
Example 5-9 Sample Request
request uri: http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets/music_fan/properties/Email_Address
request header: Accept="application/json"
request body:
{
"propertyName": "Email_Address",
"propertyValue": {
"values": [
"happy3@happyville.com"
],
"multiValue": false,
"resourceType": null,
"links": null
},
"propertySetName": "music_fan",
"resourceType": null
}
Example 5-10 Returned JSON Object
{
"propertyName": "Email_Address",
"propertyValue": {
"values": [
"happy3@happyville.com"
],
"multiValue": false
},
"propertySetName": "music_fan",
"links": [
{
"resourceType": "urn:oracle:p13n:userprofile:property",
"capabilities": "urn:oracle:restframework:read urn:oracle:restframework:update urn:oracle:restframework:delete",
"rel": "self",
"href": "http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets/music_fan/properties/Email_Address?stoken=FJBhPwB-IkYUKCiDxOjYd4G2HpPA9iA*"
}
]
}
Example 5-11 deletes the specified user profile property. Example 5-12 shows the HTTP response generated by this command. The HTTP method is DELETE.
WebLogic Portal uses a security token (stoken) to ensure that REST commands are valid. The security token is a value that is placed in the URL and returned to the server upon each subsequent request. The server verifies that the command was issued in the current session.
Example 5-13 shows an example of a security token (stoken) in a URL returned in a server response:
Example 5-13 Security Token Embedded in a URL
href="http://localhost:7001/restWebApp/p13napi/userprofile/@me/propertysets/music_fan/properties?stoken=FOcZ3TpAVA4ddUBraPEWYXI3TBmI5ng*"
If the session is expired, the security token will be declared invalid. You can turn off security token generation and validation to increase performance during the development phase of your project. To turn off security tokens, add the servlet definition shown in Example 5-14 to your web application's web.xml file:
Example 5-14 Servlet Definition to Disable Security Tokens
<servlet>
<servlet-name>P13NUserProfileRestAPI</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.spi.container.ContainerRequestFilters</param-name>
<param-value>oracle.webcenter.jaxrs.framework.security.tokenmanager.TokenValidator
</param-value>
</init-param>
<init-param>
<param-name>token.manager.enabled</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>token.uris.exclude</param-name>
<param-value>/userprofile/[^//]*, /application\.wadl</param-value>
</init-param>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>org.codehaus.jackson.jaxrs;oracle.webcenter.jaxrs;oracle.p13n.jaxrs
</param-value>
</init-param>
</servlet>
|
 Copyright © 2010, Oracle and/or its affiliates. All rights reserved. Legal Notices |
|