If your target system uses an authentication mechanism that is not supported by this connector, then you must implement the authentication that your target system uses and then attach it to the connector by using the plug-ins exposed by this connector. Implementing custom authentication involves creating a Java class, overriding the Map<String, String> getAuthHeaders(Map<String, Object> authParams) method that returns the authorization header in the form of a map, and updating the connector installation media to include the new Java class.
All the target system configuration and authentication details that may be required for obtaining the authorization header are passed to the Map<String, String> getAuthHeaders(Map<String, Object> authParams) method through specific IT resource parameters. All the configuration properties exposed by this connector are accessible within this method as a part of "authParams".
To implement a custom authentication:
- Create a Java class for implementing custom authentication. This class must implement the org.identityconnectors.restcommon.auth.spi.AuthenticationPlugin interface.
Note down the name of this Java class. You will provide the name of the Java class while configuring the IT resource for your target system which is described later in this guide.
- Override the Map<String, String> getAuthHeaders(Map<String, Object> authParams) method in the custom Java class.
This method must implement the custom authentication logic that returns the authorization header in the form of a map For example, { Authorization = Bearer XXXXXXXXXX }
. The authorization header contains the access token received from the target.
- Package the Java class implementing the custom authentication into a JAR file.
- Package the JAR file containing the custom authentication implementation with the connector bundle JAR as follows:
Note:
Ensure to package all the JARs for any other custom implementations that you may have.
- Extract the contents of the org.identityconnectors.genericrest-1.0.1115.jar file into a temp directory. This file is located in the GenericREST-RELEASE_NUMBER\bundle directory.
- Copy the JAR file containing the custom authentication (from Step 3) to the lib directory.
- Regenerate the connector bundle (org.identityconnectors.genericrest-1.0.1115.jar) by running the following command:
jar -cvfm org.identityconnectors.genericrest-1.0.1115.jar META-INF/MANIFEST.MF *
Note:
While updating the connector bundle, ensure that META-INF\MANIFEST.MF file is unchanged.
- Run the Oracle Identity Manager Delete JARs utility to delete any existing JARs in Oracle Identity Manager database before you upload the regenerated connector bundle. This utility is copied into the following location when you install Oracle Identity Manager:
Note:
Before you use this utility, verify that the
WL_HOME
environment variable is set to the directory in which Oracle WebLogic Server is installed.
When you run the utility, you are prompted to enter the login credentials of the Oracle Identity Manager administrator, URL of the Oracle Identity Manager host computer, context factory value, type of JAR file being deleted, and the location from which the JAR file is to be deleted. Specify 4 (ICF Bundle) as the value of the JAR type.
- Run the Oracle Identity Manager Upload JARs utility to upload the regenerated connector bundle to Oracle Identity Manager database. This utility is copied into the following location when you install Oracle Identity Manager:
Note:
Before you use this utility, verify that the
WL_HOME
environment variable is set to the directory in which Oracle WebLogic Server is installed.
When you run the utility, you are prompted to enter the login credentials of the Oracle Identity Manager administrator, URL of the Oracle Identity Manager host computer, context factory value, type of JAR file being uploaded, and the location from which the JAR file is to be uploaded. Specify 4 (ICF Bundle) as the value of the JAR type.
- Restart Oracle Identity Manager.
This completes the procedure for implementing a custom authentication.