6 Configuring Custom Attributes
Entity attributes are properties of the entity. The information about the user entity is stored in the form of attributes, such as first name, last name, user login, and password. There are default user attributes in Oracle Identity Manager. However, you can create custom user attributes by using the User form under System Entities in the Oracle Identity System Administration. The custom attributes are referred to as user defined fields (UDFs). Oracle Identity Manager lets you create UDFs for the user, role, resource, organization, and catalog entities.
This chapter describes how to create and manage UDFs in the following sections:
-
Synchronizing User-Defined Fields Between Oracle Identity Governance and LDAP
-
Configuring a Field as Mandatory Attribute in the Request Catalog
Note:
Before you start performing the procedures described in this section, it is recommended that you review the Managing Sandboxes section in Developing and Customizing Applications for Oracle Identity Governance.
6.1 Creating a Custom Attribute
Creating a custom attribute involves activating a sandbox, using the System Entities section of the Identity System Administration to create the UDF for the particular entity, and exporting and publishing the sandbox.
The searchable property controls whether or not the attribute can be used to perform searches. For user defined attributes, setting this property will result in the attribute being shown in the Search form. Default attributes do not support this property.
To create a custom attribute or UDF:
Note:
Do not use ParentAccountId as a form field name. ParentAccountId is used to store system information.
-
Log in to Oracle Identity System Administration.
-
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
-
To create a UDF for the user, organization, role, and catalog entities, click the component under System Entities on the left navigation pane of Identity System Administration.
Catalog UDFs will not be available under Role VO. When ever a catalog UDF is added and customized in access request page, then the new UDF will be available automatically in Role page.
-
In the Custom section of the Fields tab, click the Create icon. The Select Field Type dialog box is displayed.
-
Select a field type you want to create. The available field types are:
-
Text: Select this option to create a text field.
-
Number: Select this option to create a numeric field.
-
Checkbox: Select this option to create a checkbox field.
-
Date: Select this option to create a date type field.
-
Lookup: Select this option to create a lookup field in which users can search and select the value. Note that there are two types of lookups that you can create:
-
A drop-down list from which you can select a value.
-
A searchable picklist (ADF name input list of value), from which users can search and select the value. If you want to create a searchable picklist, then on the Create Lookup Field page, under the Advanced section, select Searchable Picklist.
Note:
After you create a UDF for dependent lookups (a lookup field that is created with the Constrain list by parent field value selection option selected), you must set the partialTriggers property through WebCenter composer to refresh the values in the dependent lookup. To do so, see the procedure described in Creating Cascaded LOVs.
If you create a UDF in the User Details page, then the UDF is recommended to be in read-only mode. If the UDF is of drop-down or checkbox type, then you must customize it to read-only mode explicitly. To do so:
-
In the User Details page, click Customize to open WebCenter Composer. The page opens in customization mode.
-
Click the drop-down or checkbox region to edit its properties. In the pop-up window, click Edit.
-
In the Component Properties window, select the Read Only checkbox and click OK.
-
Click Close to close the page in customization mode.
Do not add drop-down UDF as outputText to a page if the value of the Meaning field has to be displayed.
-
-
-
Click OK. The page to create a custom field is displayed.
As an example, Figure 6-1 shows the Create Text Field page. The rest of the procedure in this section has been based on creating a custom text field.
-
Enter values in the fields of the Create Text Field page. Table 6-1 lists the fields in the Create Text Field page. Depending on the type of field that you are creating, the fields on the Create Text Field page varies.
Table 6-1 Fields in the Create Text Field Page
Section Field Description Appearance
Display Label
The custom field label that is displayed in the form.
Note: Display Labels for forms designed by using the Form Designer must be specified in single default language, for example English. If there is a requirement to enter the Display Label in any other language, then the ROOT resource bundle (/xliffBundles/oracle/iam/ui/runtime/BizEditorBundle.xlf) containing the Display Labels specified in the Form Designer can be translated to other languages. The translated labels will be displayed when the form is displayed in the request catalog, Inbox, track requests, and other pages.
Appearance
Display Width
The display width in characters. If you do not specify a value for this field, then the length of the field is taken as default.
Name
Name
The unique custom field name. This field is of internal use only, and the value of this field is not displayed to the user.
Name
Description
The description of the custom field. This field is of internal use only, and the value of this field is not displayed to the user.
Constraints
Searchable
The searchable property controls whether or not the attribute can be used to perform searches. For user defined attributes, setting this property will result in the attribute being shown in the Search form. Default attributes do not support this property.
Note: If you select the Searchable checkbox, then in the Advanced section, you cannot select Encrypt. A custom field that is marked as searchable cannot be encrypted.
Constraints
Maximum Length
The maximum length of the field in characters.
Note: You can increase the maximum length for default and custom attributes by using the User form. However, decreasing the maximum length is not supported.
Default Value
Text field
The default value of the custom field. The value you specify in this field is set for the field when the object is created.
Note: The field below the text field is grayed out and is not used.
Advanced
Encrypt
Determines whether the custom field must be encrypted.
Note: If you select the Encrypt checkbox, then in the Constrains section, you cannot select Searchable. A custom field that is encrypted cannot be searchable.
Advanced
Use in Bulk
Determines whether the attribute is available in bulk operations.
Advanced
LDAP Attribute
Name of the attribute in the LDAP repository to which this custom attribute must map to.
Note: Unless LDAP synchronization is enabled, setting a value for this field has no effect. For more information about enabling LDAP synchronization, see Configuring Oracle Identity Manager Server in Installation Guide for Oracle Identity and Access Management.
Advanced
Certifiable
Determines whether the attribute is certifiable. A requestable entity is available for certification only if it is marked as certifiable.
-
Click Save and Close. The UDF is created in the backend and is displayed in the Custom section of the Form Details page.
-
It is recommended that you export the sandbox to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
-
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in the Developing and Customizing Applications for Oracle Identity Governance.
When you create a UDF by using the Form Designer, it is created in the back-end, and is not available for use. To make it available for use to the user, you must include the UDF in the Oracle Identity Self Service page on which it will be displayed. For information about including a UDF in the Oracle Identity Self Service page, see Adding a Custom Attribute.
6.2 Creating a Custom Child Form
Application instance forms can have child forms. Creating custom child forms involve activating a sandbox, using the Form Designer to add the child form to the application instance form, and exporting and publishing the sandbox.
Note that at some places in this guide, the term resource form has been used to refer to application instance forms.
To create a custom child form:
-
Log in to Oracle Identity System Administration.
-
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
Note:
You must ensure that sandbox in which the application instance form for which you are creating the child form must be published. If it is not published, then you must perform the procedure described in this section in the same sandbox in which the application instance form was created.
-
In the left pane, under Provisioning Configuration, click Form Designer. The Form Designer page is displayed.
-
Search for and open the application instance (resource) form for which you want to create a child form as follows:
-
Specify a value for the Resource Type lookup field.
-
Click Search.
A list of all resource forms (application instance forms) that meet the search criteria is displayed.
-
From this list, select the form to open. Alternatively, click Open on the toolbar.
The Manage APP_INSTANCE_FORM_NAME page is displayed.
-
-
On the Child Objects tab, click the Add icon on the toolbar. The Add dialog box is displayed.
-
In the Name field, enter the name of the child form. In the Description field, enter a description of the child form. Then, click OK. The child form is created in the backend and is displayed in the Child Objects tab of the application instance form for which it was created.
For information about adding a new child form attribute, see "Creating a Custom Child Form Attribute".
-
Click Regenerate View to regenerate the application instance form associated with the child form. If you do not regenerate the view the child form will not be available in the page for use on which you want it to be displayed.
-
It is recommended that you export the sandbox to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
-
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
6.3 Creating a Custom Child Form Attribute
Creating a custom child form attribute involves activating a sandbox, opening the parent form and the child form in the Form Designer, creating and saving the child form attribute, and exporting and publishing the sandbox.
To create a custom child form attribute:
Note:
Do not use ParentAccountId as a form field name. ParentAccountId is used to store system information.
6.4 Modifying a Custom Attribute
Modifying a custom attribute involves activating a sandbox, editing the custom attribute, and exporting and publishing the sandbox.
To modify a custom attribute that you created for a form:
- Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
- In the Form Designer, search and open the form which contains the custom attribute you want to modify.
- In the Custom section, select the custom attribute that you want to modify.
- Click the Edit icon on the toolbar. Alternatively, click the Display Name of the attribute. The page to edit the field is displayed.
- Modify the values in the fields by referring to Table 6-1. Note that all the fields listed in Table 6-1 are editable.
- Click Save and Close.
- Click Re-generate View.
- It is recommended that you export the sandbox to store all the changes made in your sandbox. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
- Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
6.5 Adding a Custom Attribute
When you create a UDF, it is created only in the backend, and is not available in the page for use on which you want it to be displayed.
Note:
-
Adding a custom attribute is always in relation to one of the following entities: User, Organization, Role, or Catalog.
-
When catalog UDFs are customized to show in the first page of the Create Role wizard, they are also shown in the summary page of the wizard. But when role UDFs are customized to show in first page of the Create Role wizard, they are not shown in the summary page of the wizard. The summary page must be separately customized for these role UDFs to be displayed.
Adding a custom attribute involves the following:
6.5.1 Displaying a UDF in Oracle Identity Self Service Page
You must customize the UI to add the custom attribute and display it in a page in the Identity Self Service.
To display a UDF in a page in Oracle Identity Self Service:
-
Create the UDF by using the User form under System Entities in Identity System Administration. For example, you can create a UDF for the Create User page.
See Creating a Custom Attribute for information about creating a UDF.
Note:
After adding a UDF through the User form, logout of both Oracle Identity System Administration and Oracle Identity Self Service, and then login again to be able to see the newly added UDF and use it for customization.
-
Log in to Oracle Identity Self Service as the system administrator.
-
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
-
Click Manage. The Home tab displays the different Manage option. Click Users. The Manage Users page is displayed.
-
From the Actions menu, select Create. Alternatively, you can click Create on the toolbar. The Create User page is displayed with input fields for user profile attributes.
-
Click Customize at the upper right corner of the page to open WebCenter Composer. The Create User page opens in customization mode as shown in Figure 6-2.
Figure 6-2 Create User Page in Customization Mode
Description of "Figure 6-2 Create User Page in Customization Mode" -
Enter values for all mandatory fields.
-
Select Structure tab. The object tree is displayed as shown in Figure 6-3.
Figure 6-3 Object Tree Page in Customization Mode
Description of "Figure 6-3 Object Tree Page in Customization Mode" -
Select the section of the page on which you want to add the UDF.
-
In the Confirm Task Flow Edit dialog box, click Edit to confirm the edit task. The corresponding ADF component in the object tree is selected.
-
Select the panelFormLayout component, and click the Add icon. The Add Content dialog box is displayed.
-
Depending on the entity or area on which the UDF was added, select the data component, and then the view object. Table 6-3 lists the entities, pages, data components, and view objects that must be selected.
Note:
Adding VO as tables is not supported.
Table 6-3 Entities and Corresponding Data Components and View Objects
Entity Page Data Component View Object User
Create User
Data Component - Catalog
userVO
User
Modify User
Data Component - Catalog
userVO
User
Search Users
Data Component - Manage Users
UserVO1
User
View User Details
Data Component - Manage Users
UserVO1
User
My Information
Data Component - My Information
UserVO1
User
New User Registration
Data Component - User Registration
UserVO1
Role
Create Role
Data Component - Role
RoleDetailsVO
Role
Modify Role
Data Component - Role
RoleDetailsVO
Role
Search Roles
Data Component - Role
RoleVO1
Organization
Create Organization
Data Component - Organization
EditOrgVO
Organization
Modify Organization
Data Component - Organization
EditOrgVO
Organization
Search Organizations
Data Component - Organization
OrganizationVO
Catalog
Access Request
Data Component - Catalog
-
Catalog results table: CartItemsVO1
-
Cart items under Edit Cart Popup: CartItemsVO
-
Catalog details for a selected cart item either under catalog results table or edit cart popup: EditCartItemsVO
Certification
User Certification
Data Component - Certification
UserCertificationUserVO1
Certification
User Certification
Data Component - Certification
UserCertificationUserEntitlementVO1
Certification
Role Certification
Data Component - Certification
RoleCertificationRoleVO1
Certification
Role Certification
Data Component - Certification
RoleCertificationMemberVO1
Certification
Role Certification
Data Component - Certification
RoleCertificationPolicyVO1
Certification
Application Instance Certification
Data Component - Certification
ApplicationCertificationApplicationVO
Certification
Application Instance Certification
Data Component - Certification
ApplicationCertificationEntitlementVO
Certification
Entitlement Certification
Data Component - Certification
EntitlementCertificationEntitlementVO
Certification
Entitlement Certification
Data Component - Certification
EntitlementCertificationEntitlementMemberVO
-
-
Scroll to find the UDF that you added and click Add. If the UDF is not displayed, then refresh the content by clicking the Refresh icon at the top right hand corner of the dialog box.
-
Depending on the custom attribute that you created in step 1 and the type of UDF that you want to display, select one of the following items from the menu:
For a UDF of Text or Number type:
-
ADF Output Text
-
ADF Output Text w/Label
-
ADF Output Formatted
-
ADF Output Formatted w/Label
-
ADF Input Text
-
ADF Input Text w/Label
-
ADF Label
-
ADF Readonly Input Text w/Label
-
ADF Table Column
For a UDF of Checkbox type:
-
ADF Select Boolean Checkbox
-
ADF Table Column
For a UDF of Date type:
-
ADF Input Date w/Label
-
ADF Table Column
For a UDF of Lookup type:
-
ADF Input List Of Value (select only for searchable PickList)
-
ADF Select One Choice (select only for non-searchable PickList; this option is not visible for a searchable PickList for which you must select ADF Input List of Value)
-
ADF Table Column (select when adding a column within an af:table)
For example, if you have created a UDF of Text type, then select ADF Input Text w/Label. Similarly, if you created a searchable UDF of Lookup type, then select ADF Input List of Value. As an example, Figure 6-4 shows options for a UDF of Text type.
Figure 6-4 Options for Adding a UDF of Text Type
Description of "Figure 6-4 Options for Adding a UDF of Text Type" -
-
Click Close to close the Add Content dialog box.
Note:
If two attribute labels are displayed for the same field, then add the attribute that does not end with __C.
-
From the object tree on the Editing Page, select the UDF on the page, and click the Show properties icon. The Component Properties page is displayed.
-
On the Display Options tab:
-
Select Auto Submit.
-
If you have added the UDF on the user form, then in the Value Change Listener field, enter
#{pageFlowScope.cartDetailStateBean.attributeValueChangedListener}.
If you have added the UDF on a form other than the user form, then copy the value of the Value Change Listener field from any of the existing fields on the form and paste it as the value of the Value Change Listener field for the newly added UDF.
-
If you want to mark this attribute as mandatory, then change the Required and Show Required properties to
true
. To set the Show Required property, select the Show Required option. In the Required field, select Expression Editor, and in the Expression Editor field, enter the value astrue
. -
If you want to display this attribute as read-only, then select the checkbox for the Read Only property.
-
If you want to bind this attribute to a custom-managed bean method, then change the Value property.
The custom-managed bean method must include a call to the original method binding. For more information, see Developing Managed Beans and Task Flows section of Developing and Customizing Applications for Oracle Identity Governance.
-
-
Click OK.
-
Click Close to leave customization mode.
-
It is recommended that you export the sandbox, in case if you intend to move the change from test to production environment. See Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance for detailed instructions on exporting a sandbox.
-
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
To remove a UDF, you can use the customization mode to open the WebCenter Composer. In the customization mode, select the component or UDF that you want to remove, and then delete it or set the rendered property on that UDF to false.
6.5.2 Enabling the Submit Button After Adding a UDF to the Modify User Form
After adding a new UDF to the modify user form by customizing the UI using Web Composer, the Submit button of the form is not enabled when you try to modify a user. But modification of other user form fields enables the Submit button.
To avoid this issue, when you add a new UDF to the modify user form for the first time:
-
Create a sandbox and activate it. Open the page that contains the UDF, and click Customize.
-
Select Structure.
-
Note the value of the valueChangeListener property of a predefined or default field. To do so:
-
Click the predefined field, and then click Edit to open the Component Properties dialog box.
-
Copy the value of the valueChangeListener property.
-
-
Add the new UDF to the form, as described in Adding a Custom Attribute.
-
Export the sandbox as a ZIP file.
-
Delete the sandbox without publishing it.
-
Extract the ZIP file, and edit the jsff.xml file for the specific screen.
-
Add the following attributes to the ADF tag, for example af:inputText, for the UDFD field, as shown:
valueChangeListener=VALUE_COPIED_IN_STEP3 autoSubmit="true"
The resulting XML will look similar to the following:
<?xml version='1.0' encoding='UTF-8'?> <mds:customization version="11.1.1.61.92" xmlns:mds="http://xmlns.oracle.com/mds" motype_local_name="root" motype_nsuri="http://java.sun.com/JSP/Page"> <mds:move node="_xg_12" parent="_xg_pfl5" position="last"/> <mds:insert parent="_xg_pfl5" position="last"> <af:inputText xmlns:af="http://xmlns.oracle.com/adf/faces/rich" value="#{bindings.JobCode__c.inputValue}" label="#{bindings.JobCode__c.hints.label}" required="#{bindings.JobCode__c.hints.mandatory}" columns="#{bindings.JobCode__c.hints.displayWidth}" maximumLength="#{bindings.JobCode__c.hints.precision}" shortDesc="#{bindings.JobCode__c.hints.tooltip}" id="dtrt_dc_628826708" autoSubmit="true" valueChangeListener="#{pageFlowScope.cartDetailStateBean.attributeValueChangedListener}"> <f:validator xmlns:f="http://java.sun.com/jsf/core" binding="#{bindings.JobCode__c.validator}"/> </af:inputText> </mds:insert> <mds:move node="_xg_19" parent="_xg_pfl5" position="last"/> <mds:move node="_xg_20" parent="_xg_pfl5" position="last"/> <mds:move node="_xg_27" parent="_xg_pfl5" position="last"/> <mds:move node="_xg_23" parent="_xg_pfl5" position="last"/> <mds:move node="_xg_41" parent="_xg_pfl5" position="last"/> </mds:customization>
-
Create the ZIP file for the sandbox.
-
Import the sandbox.
-
Publish the sandbox.
6.5.3 Adding a Custom Attribute Category into Create User Form
You must customize the Create User or Modify User form to add a new category of fields.
To customize the Create User or Modify User form to add a new category of fields:
- Log in to Oracle Identity Self Service.
- Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
- Click Manage. The Home tab displays the different Manage option. Click Users. The Manage Users page is displayed.
- From the Actions menu, select Create. Alternatively, you can click Create on the toolbar. The Create User page is displayed with input fields for user profile attributes.
- Click Customize at the upper right corner of the page to open WebCenter Composer. The Create User page opens in customization mode.
- Enter values for all mandatory fields.
- Select Structure tab. The object tree is displayed.
- Click the first field of the Create User form and select its ancestor panelGroupLayout component.
- Click the Add Content icon.
- In the Add Content dialog box, click Web Components.
- Click Add next to the ShowDetailHeader component.
- Click Close.
- Select the newly added ShowDetailHeader component and click Edit to open the Component Properties dialog box.
- Modify the value of Size to
2.
- Modify the default value of Text with a suitable value.
- Click Apply and Close.
- Click the Add Content icon.
- In the Add Content dialog box, click Web Components, if not already open.
- Click Add next to the PanelFormLayout component.
- Click Close.
- Add fields into this new panelFormLayout component as described in step 11 in Adding a Custom Attribute.
- Click Close to leave customization mode.
- It is recommended that you export the sandbox, in case if you intend to move the change from test to production environment. See Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance for detailed instructions on exporting a sandbox.
- Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
6.6 Adding a Custom Attribute to an Application Instance Form
When you create a custom attribute (UDF) on an application instance form, it is created only in the backend, and is not available in the page for use on which you want it to be displayed. The options available to display the UDF in a page in the Identity Self Service are regenerating view and updating the application instance form by using WebCenter Composer.
The following are the options available to display the UDF in a page in Oracle Identity Self Service:
6.6.1 Regenerating View
One of the methods to display a UDF in a page in the Identity Self Service is to use the Regenerate View option in the Child Objects tab of the Form Designer.
To display the UDF in a page in Oracle Identity Self Service:
6.6.2 Updating the Application Instance Form By Using WebCenter Composer
One of the methods to display a UDF in a page in the Identity Self Service is to update the application instance form by using WebCenter Composer.
To display the UDF in a page in Oracle Identity Self Service:
-
Create the UDF by using the Form Designer.
-
Log in to Oracle Identity Self Service.
-
Create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
-
In the left pane, under System Entities, click Catalog. The Catalog page is displayed.
-
Search for and select the application instance whose resource form page must be updated, and the click Add to Cart.
-
Click Checkout.
-
On the Cart Details page, under the Details section, the application instance form and its attributes are displayed.
-
Click Customize to open WebCenter Composer. The page opens in customization mode.
-
Enter values for all mandatory fields.
-
From the View menu at the upper left corner of the page, select Structure. The object tree is displayed.
-
Under the Details section, select and click the attributes of the application instance form. A message confirming whether you want to edit the page is displayed.
-
Click Edit. In the object tree, the ADF component corresponding to the selection made in the preceding step is selected.
-
Click Add Content. The Add Content dialog box is displayed.
-
Select the data component. To do so:
-
Select Data Component - Catalog.
-
Search for APP_INSTANCEVO and then click Open. Here, APP_INSTANCE is the name of the application instance for which the attributes are added.
-
-
Scroll to find the UDF that you added. If the UDF is not displayed, then refresh the page.
-
Select the UDF on the page, and click Add.
-
Click Close to leave customization mode.
-
It is recommended that you export the sandbox to move the change from the test to production environment. For detailed instructions on exporting a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance
-
Publish the sandbox. For detailed instructions on publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
6.7 Moving UDFs from Test to Production
You can move a UDF that is added to an entity from one deployment, such as test environment, to another, such as production environment.
The following sections discuss the procedure to move a UDF added to entities from test to production:
See Also:
-
Limitations of the Test to Production Procedures for information about test to production limitations.
-
Handling Concurrency Conflicts in Developing and Customizing Applications for Oracle Identity Governance for information about handling concurrency conflicts when multiple users customize an application by using sandboxes and troubleshooting concurrency issues
6.7.1 Moving UDFs Added to Entities
You can move a UDF that is added to a User, Role, Organization or Application Instance entity from one deployment to another by using the Deployment Manager.
Moving a UDF that is added to a User, Roles, Organization or Application Instance entity from test to production consists of the following steps:
Note:
Before you perform these procedures, ensure that you do not have any popup blockers enabled in your browser and that you have a supported Java Runtime Environment (JRE) installed in the browser. This is because the Deployment Manager uses a popup window and it requires JRE to be installed in the browser.
6.7.1.2 Importing the UDF into the Production Environment
To import UDF into the production environment:
- In Oracle Identity System Administration, under System Configuration, click Import.
- Specify the path to the XML file that was exported from the test environment by using the Deployment Manager.
- Click Add File, Import, and then confirm the import. A message confirming that the import was successful is displayed.
- Import the sandbox exported from the test environment. For information about importing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
- Activate the sandbox to verify the changes. For information about activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
- Publish the sandbox after you verify the changes. For information about publishing a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
6.7.2 Moving UDFs Added to Catalog Entities
Depending upon the type of customization done, moving the catalog definition from test to production involves one or both the steps of exporting and importing using sandbox and Deployment Manager.
The procedure to move a UDF added to a catalog entity from test to production is discussed later in this guide. See Test to Production Procedures for Catalog Customizations for more information.
6.8 Synchronizing User-Defined Fields Between Oracle Identity Governance and LDAP
If you enable LDAP synchronization any time after creating one or more UDFs, then you must synchronize these UDFs with the corresponding LDAP attributes.
To do so, by using the Form Designer, search for and open the form containing the UDF, and then save it (no need to make any other change). Repeat this process of opening the form containing the UDF and then saving it for all UDFs created before enabling LDAP synchronization.
Note:
-
LDAP synchronization works when Oracle Identity Manager is integrated with Access Manager (OAM). But OAM-OIM integration using IDMConfigTool is not supported in 12c. The integration will be based on LDAP connectors and will be available post PS3. However, If you have upgraded from Release 11.1.2.3 to Release 12.2.1.3, then you can continue with LDAP synchronization, as described in Enabling LDAP Synchronization in Oracle Identity Manager in the Integration Guide for Oracle Identity Management Suite.
-
While creating/modifying an attribute using Form Designer, provide a value against LDAP Attribute. This is the value of LDAP attribute name against which the user-defined field (UDF) will be synchronized, and applicable only in LDAP sync enabled environment.
-
If you are using an OUD LDAP directory, then the Oracle Identity Manager custom attribute name must not contain a space. OUD does not allow creating a custom attribute with space in the attribute name.
6.9 Creating Cascaded LOVs
Creating cascaded LOVs involve activating a sandbox, creating UDFs of Lookup type, exporting the sandbox, and customizing the UI.
To create cascaded LOVs on the My Information page:
Note:
In this release of Oracle Identity Manager, LOVs cannot be added on the Self-Registration Page.
-
Log in to Oracle Identity System Administration.
-
Create and activate a sandbox, for example
SUJ.
For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance. -
Under System Entities in the left pane, click User.
-
Create the following UDFs of Lookup Type:
-
parent -
ParentChoice
-
dependent -
DepChoice
While creating
DepChoice
, make it dependent on the UDFParentChoice
, and map the values. To do so:-
In the List of Values section, search for the parent field and select it.
Select Constrain list by parent field value selection. This enables the fields to set the parent dependency details.
-
Select the required Parent Choice List and set the Value Map.
-
-
-
Click Save and Close.
-
Export the sandbox.
The sandbox is stored as sandbox_SUJ.zip.
-
Unzip the sandbox_SUJ.zip file, and perform the following steps:
-
In the file \persdef\sessiondef\oracle\iam\ui\runtime\form\model\user\view\mdssys\cust\site\site\userVO.xml.xml, under tag <ViewAttribute Name="DepChoice__c", search for the following text:
<Property Name="CascadingParentChoiceList" Value="ParentChoice__c"/>
<Property Name="CascadingRelationshipId" Value="100000000002523"/>
-
Copy the text in Step 7 a to \persdef\oracle\iam\ui\common\model\user\view\mdssys\cust\site\site\UserVO.xml.xml file under tag <ViewAttribute Name="DepChoice__c".
-
In the file \persdef\sessiondef\oracle\iam\ui\runtime\form\model\user\view\mdssys\cust\site\site\userVO.xml.xml, search for the following text:
</mds:insert> <mds:insert parent=" userVO " position="last"> <ViewAccessor Name="LOVVA_For_DepChoice__c" ViewObjectName="oracle.adf.businesseditor.model.views.CascadingLookups " xmlns="http://xmlns.oracle.com/bc4j"> <ParameterMap> <PIMap Variable="Bind_RelationshipId"> <TransientExpression Name="expression" access="local"><![CDATA[structureDef.findAttributeDef("DepChoice__c ").getProperty("CascadingRelationshipId")]]></TransientExpression> </PIMap> <PIMap Variable="Bind_ParentLookupCode"> <TransientExpression Name="expression" access="local"><![CDATA[ParentChoice __c]]></TransientExpression> </PIMap> </ParameterMap> </ViewAccessor> </mds:insert> </ParameterMap> </ViewAccessor> </mds:insert>
-
In the file \tmp\persdef\oracle\iam\ui\common\model\user\view\mdssys\cust\site\site\UserVO.xml.xml search for the below text and replace it with the text copied in step 7 c. Change userVO to UserVO:
</mds:insert> <mds:insert parent="UserVO" position="last"> <ViewAccessor Name="LOVVA_For_DepChoice__c" ViewObjectName="oracle.adf.businesseditor.model.views.Lookups" xmlns="http://xmlns.oracle.com/bc4j"> <ParameterMap> <PIMap Variable="Bind_LookupType"> <TransientExpression><![CDATA['Lookup.Conditions.Severity']]></TransientExp ression> </PIMap> </ParameterMap> </ViewAccessor> </mds:insert>
-
In the file \persdef\sessiondef\oracle\iam\ui\runtime\form\model\user\view\mdssys\cust\site\site\userVO.xml.xml, search for the following text:
<mds:insert parent="userVO" position="last"> <Properties xmlns="http://xmlns.oracle.com/bc4j"> <Property Name="__INTERNAL_EXPR_VALUE_OVERRIDES__" Value="userEO"/> </Properties> </mds:insert>
-
Copy the text from 7 e to file persdef\oracle\iam\ui\common\model\user\view\mdssys\cust\site\site\UserVO.xml.xml and change userVO to UserVO and userEO to UserEO.
-
-
Recreate the zip file with same name as in Step 6.
For example,
$zip -r sandbox_SUJ.zip*
-
Delete the sandbox
SUJ
from Oracle Identity System Administration. -
Import the modified sandbox_SUJ.zip created in Step 8.
-
Logout from Oracle Identity System Administration.
-
Log in to Oracle Identity Self Service.
-
Activate the sandbox,
SUJ.
-
In the left pane, under My Profile, click My Information. The My Information page is displayed.
-
Click Customize to customize the My Information page while the sandbox is active in Oracle Identity Self Service.
-
Add parent UDF and child UDF (created in Step 4) on the page as Select one choice component.
-
Select ParentChoice and click Edit Property and copy the Id of parent component. Set the auto submit property to true.
-
Select DepChoice and click Edit Property and paste the id value of ParentChoice UDF copied in Step 17 to the partailTrigger field.
-
Publish the sandbox.
Note:
For any LOV, the user details page displays the lookup code as the output text value. To display the LOV lookup value on the user details page, create a searchable picklist (ADF name input list of value), and then make it read-only.
6.10 Specifying Cascaded LOVs Without NULL Value
When you set the value of the required property to true in the attributes on the create user or modify user form, you can still submit a request without selecting a value.
To make the user select a value for the required attribute, you must modify the request dataset to mark the attribute as mandatory. To do so:
-
When the administrative server and at least one Oracle Identity Manager managed server is running, login to Oracle Enterprise Manager Fusion Middleware Control by using the URL in the following format:
http://ADMINSTRATION_SERVER:PORT/em
-
Navigate to Identity and Access, oim. Right-click and navigate to System MBean Browser.
-
Under Application Defined MBeans, navigate to oracle.mds.lcm, Server:oim_server1, Application:OIMAppMetadata, MDSAppRuntime.
-
To export the request dataset:
-
Click the Operations tab, and then click exportMetaData.
-
In the toLocation field, enter
/tmp
or the name of another directory. -
Select createSubDir as false.
-
Specify the doc location as the following:
/metadata/iam-features-requestactions/model-data/CreateUserDataSet.xml
./metadata/iam-features-requestactions/model-data//ModifyUserDataset.xml
Note:
Multiple documents can be set in the doc location while invoking operations exportMetaData or importMetaData.
-
Also select false for excludeAllCust, excludeBaseDocs, and excludeExtendedMetadata. Then, click Invoke.
This exports the file specified in the docs field to the directory specified in the toLocation field.
-
-
Edit the CreateUserDataSet.xml file, and change the value of the 'required' property to
true
for the attribute you created. -
Edit the ModifyUserDataset.xml file, and change the value of the 'required' property to
true
for the attribute you created. -
To import the request dataset:
-
Click importMetaData.
-
In the fromLocation field, enter
/tmp
or the name of the directory in which you have the configuration files. -
Select createSubDir as false.
-
Also select false for excludeAllCust, excludeBaseDocs, and excludeExtendedMetadata. Then, click Invoke.
This imports the file specified in the docs field to MDS in the toLocation field.
-
-
Restart Oracle Identity Manager.
6.11 Localizing Display Labels of UDFs
Localizing display labels of UDFs involves localizing the content in the BizEditorBundle.xlf file.
To localize display labels of UDFs:
-
Add a new custom field for the user object by referring to Creating a Custom Attribute and ensure to publish the sandbox.
-
Export the BizEditorBundle.xlf file from MDS by referring to Exporting Metadata Files to MDS in the Developing and Customizing Applications for Oracle Identity Governance.
-
Localize the content in BizEditorBundle.xlf to the expected locales. To do so:
-
Create a copy of the BizEditorBundle.xlf file and rename it, for example, BizEditorBundle_zh_CN.xlf.
-
Edit the <file> element from:
<file source-language="en" original="/xliffBundles/oracle/iam/ui/runtime/BizEditorBundle.xlf" datatype="x-oracle-adf">
To the following sample:
<file source-language="en" original="/xliffBundles/oracle/iam/ui/runtime/BizEditorBundle.xlf" datatype="x-oracle-adf" target-language="zh-CN">
-
Translate all the contents in the BizEditorBundle_zh_CN.xlf file.
-
-
Import the BizEditorBundle_zh_CN.xlf file to MDS by referring to Importing Metadata Files from MDS in the Developing and Customizing Applications for Oracle Identity Governance.
-
Customize the Identity Self Service page to add the custom field label. See Adding a Custom Attribute for details.
-
Switch the browser language to zh-CN, and log in to the Identity Self Service again.
-
Go to the page on which the custom attribute has been added, and confirm that the customized field label is using its localized value.
6.12 Configuring a Field as Mandatory Attribute in the Request Catalog
Configuring a field as mandatory attribute in the request catalog involves customizing the catalog, and setting the value of the Override property to true.
To configure a field as mandatory attribute in the request catalog:
- In Oracle Identity Self Service, create and activate a sandbox. For detailed instructions on creating and activating a sandbox, see Managing Sandboxes in Developing and Customizing Applications for Oracle Identity Governance.
- On the left pane, under System Entities, click Catalog. The Catalog page is displayed.
- Search for and select the application instance whose form page must be updated, and the click Add to Cart.
- Click Checkout.
- On the Cart Details page, under the Details section, the application instance form and its attributes are displayed.
- Click Customize. The page opens in customization mode.
- From the View menu, select Source. The object tree is displayed.
- Under the Details section, select and click the attributes of the application instance form. A message confirming whether you want to edit the page is displayed.
- Click Edit. In the object tree, the ADF component corresponding to the selection made in step 8 is selected.
- Select the input text that is to be marked as mandatory, and click Edit. The Component Properties:inputText window opens.
- Navigate to the required field, click the drop down icon adjacent to the field, select Override, and then select Expression Builder.
- In the Expression Builder window, select the Type a value or expression option, and enter
true
. - Click OK, and then click Apply.
- Click OK in the Component Properties:inputText. Click Close to quit customization mode.
- Export the sandbox and publish it.