4 Extending the Functionality of the Connector
Note:
From Oracle Identity Manager Release 11.1.2 onward, lookup queries are not supported. See Managing Lookups in Oracle Fusion Middleware Administering Oracle Identity Manager guide for information about managing lookups by using the Form Designer in the Oracle Identity Manager System Administration console.
-
Adding New Siebel Business Objects and Business Components for Reconciliation
-
Adding New Siebel Business Objects and Business Components for Provisioning
-
Configuring Transformation of Data During User Reconciliation
-
Configuring Validation of Data During Reconciliation and Provisioning
-
Configuring the Connector for Multiple Installations of the Target System
-
Configuring the Connector for Multiple Versions of the Target System
-
Configuring the Connector to Remove Old Primary Position or Responsibility
4.1 Creating and Populating a New Lookup Definition
Perform this procedure if you want to add a new lookup-based attribute for reconciliation or provisioning. First, you must create a new lookup definition for storing the values of the Organization attribute of Siebel User Profile. Then, create a new scheduled job to fetch all the Organizations from the Siebel target system and populate the newly created lookup definition.
4.1.2 Creating a New Scheduled Job
To create a new scheduled job:
-
If you are using Oracle Identity Manager release 11.1.1.x, then:
-
Log in to the Administrative and User Console.
-
On the Welcome to Oracle Identity Manager Self Service page, click Advanced in the upper-right corner of the page.
-
On the Welcome to Oracle Identity Manager Advanced Administration page, in the System Management region, click Search Scheduled Jobs.
-
-
If you are using Oracle Identity Manager release 11.1.2.x, then:
-
Log in to Oracle Identity System Administration.
-
In the left pane, under System Management, click Scheduler.
-
-
From the Scheduled Jobs Display pane, under Actions select Create, or directly click the Create Scheduled Job icon.
-
Enter the following values:
-
Job Name:
Siebel Lookup Recon for Organization
-
Task:
Siebel Lookup Recon
-
Retries:
1
-
Schedule Type:
No pre-defined schedule
-
Code Key Attribute:
Name
-
Decode Attribute:
Name
-
IT Resource Name:
SIEBEL IT Resource
-
Lookup Name:
Lookup.Siebel.Organization
-
Object Type:
Organizations;Organization;Name;Name
-
-
Click Apply to save or click Save and Run Now to save and run the scheduled job to populate the lookup definition with all Organizations from the Siebel target system.
4.2 Adding New Attributes for Reconciliation
Note:
This section describes an optional procedure. Perform this procedure only if you want to add new attributes for target resource reconciliation.
The new attributes you add for reconciliation must contain only string-format data. Binary attributes must not be brought into Oracle Identity Manager natively.
By default, the attributes listed in User Attributes for Reconciliation are mapped for reconciliation between Oracle Identity Manager and the target system. If required, you can add new attributes for target resource reconciliation.
To add a new attribute for target resource reconciliation, perform the following procedure:
-
Perform the procedure described in Creating and Populating a New Lookup Definition.
Note:
You can skip this step if you are not adding a lookup-based attribute or if you have created and populated a new lookup definition earlier.
-
In the Oracle Identity Manager Design Console, add the new attribute on the process form as follows:
-
Expand Development Tools.
-
Double-click Form Designer.
-
Search for and open the Siebel process form.
-
Click Create New Version.
-
In the Label field, enter the version name. For example,
version#1
. -
Click the Save icon.
-
Select the current version created in Step e from the Current Version list.
-
Click Add to create a new attribute, and provide the values for that attribute.
For example, if you are adding the organization attribute, then enter the following values in the Additional Columns tab:
Field Value Name
Organization
Variant Type
String
Length
255
Field Label
Primary Organization
Field Type
LookupField
Order
22
The following screenshot shows this form:
-
Click the Save icon.
-
Go to Properties tab and add a property to the newly added attribute Primary Organization with the following values:
Property Name:
Lookup Code
Property Value:
Lookup.Siebel.Organization
Click the Save icon.
-
Click Make Version Active.
-
-
Add the new attribute to the list of reconciliation fields in the resource object as follows:
-
Expand Resource Management.
-
Double-click Resource Objects.
-
Search for and open the Siebel resource object.
-
On the Object Reconciliation tab, go to Reconciliation Fields, then click Add Field, and enter the following values:
Field Name:
Primary Organization
Field Type:
String
-
Click Create Reconciliation Profile. This copies changes made to the resource object into the MDS.
-
Click the Save icon.
-
-
Create a reconciliation field mapping for the new attribute in the process definition form as follows:
-
Expand Process Management.
-
Double-click Process Definition.
-
Search for and open the Siebel process definition.
-
On the Reconciliation Field Mappings tab, click Add Field Map, and then select the following values:
Field Name:
Primary Organization
Field Type:
String
Process Data Field:
UD_SIEBEL_ORGANIZATION
-
Click the Save icon.
-
-
Create an entry for the attribute in the lookup definition for reconciliation as follows:
-
Expand Administration.
-
Double-click Lookup Definition.
-
Search for and open the Lookup.Siebel.UM.ReconAttrMap lookup definition.
-
Click Add and enter the Code Key and Decode values for the attribute. The Code Key value must be the name of the resource object field. The Decode value is the name of the attribute in the target system.
For example, enter
Primary Organization[Lookup]
in the Code Key field and then enterEmployee;Employee Organization;Name;true
in the Decode field. -
Click the Save icon.
-
-
Define the connector. If you are planning to perform any of the other procedures described in this chapter, perform those procedures and then define the connector. See Defining the Connector for more information.
-
If you are using Oracle Identity Manager release 11.1.2.x or later, create a new UI form and attach it to the application instance to make this new attribute visible. See Creating a New UI Form and Updating an Existing Application Instance with a New Form for the procedures.
4.3 Adding New Attributes for Provisioning
Note:
This section describes an optional procedure. Perform this procedure only if you want to add new attributes for provisioning.
By default, the attributes listed in User Attributes for Reconciliation are mapped for provisioning between Oracle Identity Manager and the target system. If required, you can map additional attributes for provisioning.
To add a new attribute for provisioning users:
-
Perform the procedure described in Creating and Populating a New Lookup Definition.
Note:
You can skip this step if you are not adding a lookup-based attribute or if you have created and populated a new lookup definition earlier.
-
In the Oracle Identity Manager Design Console, add the new attribute on the process form by performing Step 2 of Adding New Attributes for Reconciliation.
If you have already added the new attribute, then you need not add it again.
-
Create an entry for the attribute in the lookup definition for provisioning as follows:
-
Expand Administration.
-
Double-click Lookup Definition.
-
Search for and open the Lookup.Siebel.UM.ProvAttrMap lookup definition.
-
Click Add and enter the Code Key and Decode values for the attribute. The Code Key value must be the value specified in the Field Label column in the process form. The Decode value is the name of the attribute in the target system.
For example, enter
Primary Organization[Lookup]
in the Code Key field and then enterEmployee;Employee Organization;Name;true
in the Decode field. -
Click the Save icon.
Note:
Perform steps 4 through 6 only if you want to perform request-based provisioning.
-
-
Update the request dataset.
When you add an attribute on the process form, you also update the XML file containing the request dataset definitions. To update a request dataset:
-
In a text editor, open the XML file located in the OIM_HOME/DataSet/file directory for editing.
-
Add the AttributeReference element and specify values for the mandatory attributes of this element.
For example, while performing Step 2 of this procedure, if you added organization as an attribute on the process form, then enter the following line:
<AttributeReference name = "organization" attr-ref = "Primary Organization" type = "String" widget = "lookup" length = "255" available-in-bulk = "false"/>
In this AttributeReference element:
- For the name attribute, enter the value in the Name column of the process form without the tablename prefix.
For example, if UD_SIEBEL_ORGANIZATION is the value in the Name column of the process form, then you must specify
organization
as the value of the name attribute in the AttributeReference element.- For the attr-ref attribute, enter the value that you entered in the Field Label column of the process form while performing Step 2.
- For the type attribute, enter the value that you entered in the Variant Type column of the process form while performing Step 2.
- For the widget attribute, enter the value that you entered in the Field Type column of the process form, while performing Step 2.
- For the length attribute, enter the value that you entered in the Length column of the process form while performing Step 2.
- For the available-in-bulk attribute, specify
true
if the attribute must be available during bulk request creation or modification. Otherwise, specifyfalse
.While performing Step 2, if you added more than one attribute on the process form, then repeat this step for each attribute added.
-
Save and close the XML file.
-
-
Run the PurgeCache utility to clear content related to request datasets from the server cache.
See Purging Cache in Oracle Fusion Middleware Administering Oracle Identity Manager for more information about the PurgeCache utility.
-
Import into MDS the request dataset definitions in XML format.
See Importing Request Datasets for detailed information about the procedure.
-
To enable the update of a new attribute for provisioning a user:
-
Expand Process Management.
-
Double-click Process Definition and open the Siebel process definition.
-
In the process definition, add a new task for updating the field by clicking Add and then entering the task name, for example,
Primary Organization Updated
, and the task description. Then, in the Task Properties section, select the Conditional, Required for Completion, Allow Cancellation while Pending, and Allow Multiple Instances fields, and click on the Save icon. -
On the Integration tab, click Add, and then click Adapter.
-
Select the adpSIEBELUPDATE adapter, click Save, and then click OK in the message that is displayed.
-
To map the adapter variables listed in this table, select the adapter, click Map, and then specify the data given in the following table:
Note:
Some of the values in this table are specific to Organization (
o
value in Siebel). These values must be replaced with values relevant to the attributes that you require.Variable Name Data Type Map To Qualifier Literal Value Adapter return value
Object
Response code
NA
NA
objectType
String
Literal
String
User
itResourceFieldName
String
Literal
String
UD_SIEBEL_RESOURCETYPE
label
String
Literal
String
Primary Organization
iProcessInstKey
Long
Process data
processinstance
NA
-
On the Responses tab, click Add to add the following response codes:
Code Name Description Status UNKNOWN_UID
user does not exist
R
ERROR
Siebel User Modification Failed
R
UNKNOWN
An unknown response was received
R
CONNECTION_FAILED
Cannot make connection to the resource
R
CONNECTOR_EXCEPTION
Siebel User Modification Failed
R
CONFIGURATION_ERROR
Connector configuration is wrong
R
SUCCESS
Siebel User Modification Successful
C
-
Click the Save icon and then close the dialog box.
-
-
Define the connector. If you are planning to perform any of the other procedures described in this chapter, perform those procedures and then define the connector. See Defining the Connector for more information.
-
If you are using Oracle Identity Manager release 11.1.2.x or later, create a new UI form and attach it to the application instance to make this new attribute visible. See Creating a New UI Form and Updating an Existing Application Instance with a New Form for the procedures.
4.4 Adding New Multivalued Attributes for Reconciliation
Note:
This section describes an optional procedure. Perform this procedure only if you want to add new multivalued attributes for target resource reconciliation.
The new attributes you add for reconciliation must contain only string-format data. Binary attributes must not be brought into Oracle Identity Manager natively.
By default, only the Siebel Responsibility and Siebel Position multivalued attributes are mapped for user reconciliation between Oracle Identity Manager and the target system. If required, you can add new multivalued attributes for target system reconciliation.
To add a new multivalued attribute for target resource reconciliation:
-
Perform the procedure described in Creating and Populating a New Lookup Definition.
Note:
You can skip this step if you are not adding a lookup-based attribute or if you have created and populated a new lookup definition earlier.
-
In the Oracle Identity Manager Design Console, create a form for the multivalued attribute as follows:
-
Expand Development Tools.
-
Double-click Form Designer.
-
Create a form by specifying the table name as UD_SIEBEL_O and description, and then click Save.
-
Click Add and enter the following details of the attribute:
Field Value Name
Organization
Variant Type
String
Length
255
Field Label
Organization
Order
1
Field Type
LookupField
-
Click Save.
-
Go to Properties tab and add a property to the newly added attribute Primary Organization with the following values:
Property Name:
Lookup Code
Property Value:
Lookup.Siebel.Organization
Click the Save icon.
-
Click Make Version Active.
-
-
Add the form created for the multivalued attribute as a child form of the process form as follows:
-
Search for and open the UD_SIEBEL process form.
-
Click Create New Version.
-
Click the Child Table(s) tab.
-
Click Assign.
-
In the Assign Child Tables dialog box, select the newly created child form, click the right arrow, and then click OK.
-
Click Save and then click Make Version Active.
-
-
Add the new attribute to the list of reconciliation fields in the resource object as follows:
-
Expand Resource Management.
-
Double-click Resource Objects.
-
Search for and open the Siebel User resource object.
-
On the Object Reconciliation tab, go to Reconciliation Fields, and then click Add Field.
-
In the Add Reconciliation Fields dialog box, enter the details of the attribute.
For example, enter
Organization
in the Field Name field and select Multi Valued Attribute from the Field Type list. -
Click Save and then close the dialog box.
-
Right-click the newly created attribute.
-
Select Define Property Fields.
-
In the Add Reconciliation Fields dialog box, enter the details of the newly created field.
For example, enter
Organization
in the Field Name field and select String from the Field Type list. -
Click Save, and then close the dialog box.
-
Click Create Reconciliation Profile. This copies changes made to the resource object into the MDS.
-
-
Create a reconciliation field mapping for the new attribute as follows:
-
Expand Process Management.
-
Double-click Process Definition.
-
Search for and open the Siebel Process process form.
-
On the Reconciliation Field Mappings tab of the process definition, click Add Table Map.
-
In the Add Reconciliation Table Mapping dialog box, select the field name and table name from the list, click Save, and then close the dialog box.
-
Right-click the newly created field, and select Define Property Field Map.
-
In the Field Name field, select the value for the field that you want to add.
-
Double-click the Process Data Field field, and then select the required data field.
-
Select the Key Field for Reconciliation Mapping check box, and then click Save.
-
-
Create an entry for the attribute in the lookup definition for reconciliation as follows:
-
Expand Administration.
-
Double-click Lookup Definition.
-
Search for and open the Lookup.Siebel.UM.ReconAttrMap lookup definition.
-
Add the Code Key and Decode of the multivalued attribute in the lookup definition. The Code Key value must be the name of the attribute in the Resource Object along with the containing multivalued attribute name in tilde notation. The Decode value must be the name of the attribute in the target system. See User Attributes for Reconciliation for more information about the format of the Code Key and Decode values.
For example:
Code Key:
Organization~Organization[Lookup]
Decode:
Employee;Employee Organization;Name;false
-
-
Define the connector. If you are planning to perform any of the other procedures described in this chapter, perform those procedures and then define the connector. See Defining the Connector for more information.
-
If you are using Oracle Identity Manager release 11.1.2.x or later, create a new UI form and attach it to the application instance to make this new attribute visible. See Creating a New UI Form and Updating an Existing Application Instance with a New Form for the procedures.
4.5 Adding New Multivalued Attributes for Provisioning
Note:
This section describes an optional procedure. Perform this procedure only if you want to add new multivalued fields for provisioning.
By default, only the Siebel Position form and Siebel Responsibility form attributes are mapped for provisioning between Oracle Identity Manager and the target system. If required, you can add new multivalued attributes for target system reconciliation.
To add a new multivalued attribute for provisioning:
-
Perform the procedure described in Creating and Populating a New Lookup Definition.
Note:
You can skip this step if you are not adding a lookup-based attribute or if you have created and populated a new lookup definition earlier.
-
In the Oracle Identity Manager Design Console, create a process form and add attributes for the multivalued attribute by performing Step 2 of Adding New Multivalued Attributes for Reconciliation.
If you have already performed this procedure, then ignore this step.
-
Create an entry for the attribute in the lookup definition for provisioning as follows:
-
Expand Administration, and then double-click Lookup Definition.
-
Search for and open the Lookup.Siebel.UM.ProvAttrMap lookup definition.
-
Add the Code Key and Decode of the multivalued attribute in the lookup definition. See User Attributes for Provisioning for more information about the format of the Code Key and Decode values.
For example:
Code Key:
UD_SIEBEL_O~Organization[lookup]
Decode:
Employee;Employee Organization;Name;false
-
-
To enable the update of a new multivalued attribute for provisioning:
-
Log in to the Oracle Identity Manager Design Console.
-
Expand Process Management.
-
Double-click Process Definition, and then open the Siebel process definition.
-
In the process definition, add a task for setting a value for the attribute. To do so, click Add, enter the name of the task for adding multivalued attributes, and enter the task description.
-
In the Task Properties section, select the following fields:
Conditional
Required for Completion
Allow Cancellation while Pending
Allow Multiple Instances
Select the child table from the list.
For the example described earlier, select Organization from the list.
Select Insert as the trigger type for adding multivalued data. Alternatively, select Delete as the trigger type for removing multivalued data and select Update as the trigger type for updating multivalued data.
-
On the Integration tab, click Add, and then click Adapter.
-
Select the adpSIEBELUPDATECHILDTABLE adapter, click Save, and then click OK in the message.
-
To map the adapter variables listed in this table, select the adapter, click Map, and then specify the data given in the following table:
Note:
Some of the values in this table are specific to the Mailing Address/Postal Address example. These values must be replaced with values relevant to the multivalued attributes that you require.
Variable Name Data Type Map To Qualifier IT Asset Type Literal Value Adapter return value
Object
Response code
NA
NA
NA
objectType
String
Literal
String
NA
User
childTableName
String
Literal
String
NA
UD_SIEBEL_O
itResourceFieldName
String
Literal
String
NA
UD_SIEBEL_RESOURCETYPE
iProcessInstanceKey
Long
Process data
processinstance
NA
NA
-
Click the Save icon and then close the dialog box.
-
Create similar tasks for insert, delete and update of child form, changing only the trigger type.
Note:
Perform steps 5 through 7 only if you want to perform request-based provisioning.
-
-
Update the request dataset.
When you add an attribute on the process form, you also update the XML file containing the request dataset definitions. To update a request dataset:
-
In a text editor, open the XML file located in the OIM_HOME/DataSet/file directory for editing.
-
Add the AttributeReference element and specify values for the mandatory attributes of this element.
For example, if you added Organization as an attribute on the new process form UD_SIEBEL_O, then enter the following lines:
<AttributeReference name = "Siebel Organization form" attr-ref = "UD_SIEBEL_O" type = "String" widget = "text" length = "255" available-in-bulk = "false"/> <AttributeReference name = "organisation" attr-ref = "Organization" type = "String" widget = "lookup" length = "255" available-in-bulk = "false"/> </AttributeReference>
In the parent AttributeReference element:
- For the name attribute, enter the value in the description field of the newly created process form.
For example, if "Siebel Organization form" is the description of the UD_SIEBEL_O table, then you must specify
Siebel Organization form
as the value of the name attribute in the AttributeReference element.- For the attr-ref attribute, enter the full table name, such as UD_SIEBEL_O.
- For the type attribute, enter
String,
the value that you entered in the Variant Type column of the process form while performing Step 3.- For the widget attribute, enter
text,
the widget name corresponding to the value entered in the Field Type column of the process form while performing Step 3.- For the length attribute, enter the value that you entered in the Length column of the process form.
- For the available-in-bulk attribute, specify
true
if the attribute must be available during bulk request creation or modification. Otherwise, specifyfalse
. -
Add child AttributeReference elements for each attribute in the new process form by performing the procedure in Step 4 of Adding New Attributes for Provisioning.
-
Save and close the XML file.
-
-
Run the PurgeCache utility to clear content related to request datasets from the server cache.
-
Import into MDS the request dataset definitions in XML format.
See Importing Request Datasets for detailed information about the procedure.
-
Define the connector. If you are planning to perform any of the other procedures described in this chapter, perform those procedures and then define the connector. See Defining the Connector for more information.
-
If you are using Oracle Identity Manager release 11.1.2.x or later, create a new UI form and attach it to the application instance to make this new attribute visible. See Creating a New UI Form and Updating an Existing Application Instance with a New Form for the procedures.
4.6 Adding New Siebel Business Objects and Business Components for Reconciliation
Note:
-
This section describes an optional procedure. Perform this procedure only if you want to add new Siebel Business Objects and Business Components for reconciliation.
-
Account Object: We do support all account related objects in Siebel connector and we ship OIM artifacts for "Employee" and "User" objects. For supporting other account related objects, you need to write the OIM artifacts for the same as per the instructions given in Adding New Siebel Business Objects and Business Components for Reconciliation, and Adding New Siebel Business Objects and Business Components for Provisioning.
-
Non-account objects: We do support Siebel's non-account object for create operation only, but not for other operations (that is, update and reconciliation). By default, we do not ship any artifacts for non-account objects. You need to write the whole set of OIM artifact for non-account objects. Oracle Identity Manager supports User, Org and Group entities only and resource object can either be attached to User or Org. Therefore, in case of supporting non-account objects of target system, you can use the following solution:
-
You can create an Org in Oracle Identity Manager with name (SiebelPositionManagement) and open this Org.
-
Click the Resource tab and provision the new Siebel positions to the target.
-
To add a new business object or business component for reconciliation, perform the following procedure:
4.7 Adding New Siebel Business Objects and Business Components for Provisioning
Note:
-
This section describes an optional procedure. Perform this procedure only if you want to add new Siebel Business Objects and Business Components for provisioning.
-
Account Object: We do support all account related objects in Siebel connector and we ship OIM artifacts for "Employee" and "User" objects. For supporting other account related objects, you need to write the OIM artifacts for the same as per the instructions given in Adding New Siebel Business Objects and Business Components for Reconciliation, and Adding New Siebel Business Objects and Business Components for Provisioning.
-
Non-account objects: We do support Siebel's non-account object for create operation only, but not for other operations (that is, update and reconciliation). By default, we do not ship any artifacts for non-account objects. You need to write the whole set of OIM artifact for non-account objects. Oracle Identity Manager supports User, Org and Group entities only and resource object can either be attached to User or Org. Therefore, in case of supporting non-account objects of target system, you can use the following solution:
-
You can create an Org in Oracle Identity Manager with name (SiebelPositionManagement) and open this Org.
-
Click the Resource tab and provision the new Siebel positions to the target.
-
To add a new business object or business component, perform the following procedure:
4.8 Configuring Transformation of Data During User Reconciliation
Note:
This section describes an optional procedure. Perform this procedure only if you want to configure transformation of data during reconciliation.
You can configure transformation of reconciled data according to your requirements. For example, you can automate the look up of the field name from an external system and set the value based on the field name.
To configure transformation of data:
-
Write code that implements the required transformation logic in a Java class.
This transformation class must implement the oracle.iam.connectors.common.transform.Transformation interface and the transform method.
See Also:
The Javadocs shipped with the connector for more information about this interface
The following sample transformation class creates a value for the Full Name attribute by using values fetched from the First Name and Last Name attributes of the target system:
package oracle.iam.connectors.common.transform; import java.util.HashMap; public class TransformAttribute implements Transformation { /* Description:Abstract method for transforming the attributes param hmUserDetails<String,Object> HashMap containing parent data details param hmEntitlementDetails <String,Object> HashMap containing child data details */ public Object transform(HashMap hmUserDetails, HashMap hmEntitlementDetails,String sField) { /* * You must write code to transform the attributes. Parent data attribute values can be fetched by using hmUserDetails.get("Field Name"). *To fetch child data values, loop through the * ArrayList/Vector fetched by hmEntitlementDetails.get("Child Table") * Return the transformed attribute. */ String sFirstName= (String)hmUserDetails.get("First Name"); String sLastName= (String)hmUserDetails.get("Last Name"); String sFullName=sFirstName+"."+sLastName; return sFullName; } }
-
Create a JAR file to hold the Java class.
-
Run the Oracle Identity Manager Upload JARs utility to post the JAR file to the Oracle Identity Manager database. This utility is copied into the following location when you install Oracle Identity Manager:
Note:
Before you use this utility, verify that the
WL_HOME
environment variable is set to the directory in which Oracle WebLogic Server is installed.-
For Microsoft Windows: OIM_HOME/server/bin/UploadJars.bat
-
For UNIX: OIM_HOME/server/bin/UploadJars.sh
When you run the utility, you are prompted to enter the login credentials of the Oracle Identity Manager administrator, URL of the Oracle Identity Manager host computer, context factory value, type of JAR file being uploaded, and the location from which the JAR file is to be uploaded. Specify 1 as the value of the JAR type.
-
-
Add an entry in the Lookup.Transform.Siebel lookup definition as following:
Code Key: Enter the name of the attribute on which you want to apply the transformation. For example:
FirstName
Decode: Enter the name of the class file. For example:
com.thortech.xl.schedule.tasks.AppendTransformer
-
Log in to the Design Console.
-
Search for and open the Lookup.Siebel.UM.ReconTransformation lookup definition.
-
In the Code Key column, enter the name of the attribute on which you want to apply the transformation. For example:
FirstName.
-
In the Decode column, enter the name of the class file. For example:
com.thortech.xl.schedule.tasks.AppendTransformer
. -
Save the changes to the lookup definition.
-
Save the changes to the lookup definition.
-
4.9 Configuring Validation of Data During Reconciliation and Provisioning
You can configure validation of reconciled and provisioned single-valued data according to your requirements. For example, you can validate data fetched from the First Name attribute to ensure that it does not contain the number sign (#). In addition, you can validate data entered in the First Name field on the process form so that the number sign (#) is not sent to the target system during provisioning operations.
For data that fails the validation check, the following message is displayed or recorded in the log file:
Value returned for field
FIELD_NAME
is false.
Note:
This feature cannot be applied to the Locked/Unlocked status attribute of the target system.
To configure validation of data:
-
Write code that implements the required validation logic in a Java class.
This validation class must implement the oracle.iam.connectors.common.validate.Validator interface and the validate method.
See Also:
The Javadocs shipped with the connector for more information about this interface
The following sample validation class checks if the value in the First Name attribute contains the number sign (#):
public boolean validate(HashMap hmUserDetails, HashMap hmEntitlementDetails, String field) { /* * You must write code to validate attributes. Parent * data values can be fetched by using hmUserDetails.get(field) * For child data values, loop through the * ArrayList/Vector fetched by hmEntitlementDetails.get("Child Table") * Depending on the outcome of the validation operation, * the code must return true or false. */ /* * In this sample code, the value "false" is returned if the field * contains the number sign (#). Otherwise, the value "true" is * returned. */ boolean valid=true; String sFirstName=(String) hmUserDetails.get(field); for(int i=0;i<sFirstName.length();i++){ if (sFirstName.charAt(i) == '#'){ valid=false; break; } } return valid; }
-
Create a JAR file to hold the Java class.
-
Run the Oracle Identity Manager Upload JARs utility to post the JAR file to the Oracle Identity Manager database. This utility is copied into the following location when you install Oracle Identity Manager:
Note:
Before you use this utility, verify that the
WL_HOME
environment variable is set to the directory in which Oracle WebLogic Server is installed.-
For Microsoft Windows: OIM_HOME/server/bin/UploadJars.bat
-
For UNIX: OIM_HOME/server/bin/UploadJars.sh
When you run the utility, you are prompted to enter the login credentials of the Oracle Identity Manager administrator, URL of the Oracle Identity Manager host computer, context factory value, type of JAR file being uploaded, and the location from which the JAR file is to be uploaded. Specify 1 as the value of the JAR type.
-
-
If you created the Java class for validating a process form field for reconciliation, then:
-
Log in to the Design Console.
-
Search for and open the Lookup.Siebel.UM.ReconValidation lookup definition.
-
In the Code Key, enter the resource object field name. In the Decode, enter the class name.
-
Save the changes to the lookup definition.
-
Search for and open the Lookup.Siebel.UM.Configuration lookup definition.
-
Ensure that the value of the Recon Validation Lookup entry is set to
Lookup.Siebel.UM.ReconValidation.
-
Save the changes to the lookup definition.
-
-
If you created the Java class for validating a process form field for provisioning, then:
-
Log in to the Design Console.
-
Search for and open the Lookup.Siebel.UM.ProvValidation lookup definition.
-
In the Code Key column, enter the process form field name. In the Decode column, enter the class name.
-
Save the changes to the lookup definition.
-
Search for and open the Lookup.Siebel.UM.Configuration lookup definition.
-
Ensure that the value of the Recon Transformation Lookup entry is set to
Lookup.Siebel.UM.ReconTransformation.
-
Save the changes to the lookup definition.
-
4.10 Configuring the Connector for Multiple Installations of the Target System
You might want to configure the connector for multiple installations of the target system. The following example illustrates this requirement:
The London and New York offices of Example Multinational Inc. have their own installations of the target system. The company has recently installed Oracle Identity Manager, and they want to configure Oracle Identity Manager to link all the installations of the target system.
You can use access policies to manage multiple installations of the target system.
Note:
If you want to create copies of all the objects that constitute the connector, then see Cloning Connectors in Oracle Fusion Middleware Administering Oracle Identity Manager
4.11 Defining the Connector
By using the Administrative and User Console, you can define a customized or reconfigured connector. Defining a connector is equivalent to registering the connector with Oracle Identity Manager.
A connector is automatically defined when you install it using the Install Connectors feature or when you upgrade it using the Upgrade Connectors feature. You must manually define a connector if:
-
You import the connector by using the Deployment Manager.
-
You customize or reconfigure the connector.
-
You upgrade Oracle Identity Manager.
The following events take place when you define a connector:
-
A record representing the connector is created in the Oracle Identity Manager database. If this record already exists, then it is updated:
-
The status of the newly defined connector is set to Active. In addition, the status of a previously installed release of the same connector automatically is set to Inactive.
See Defining Connectors in Oracle Fusion Middleware Administering Oracle Identity Manager for detailed information about the procedure to define connectors.
4.12 Configuring the Connector for Multiple Versions of the Target System
For multiple versions of the target system:
- Configure values for the parameters of the connector server IT resource.
- After configuring follow below steps :
- Copy the bundle/org.identityconnectors.siebel-12.3.0.jar file into the CONNECTOR_SERVER_HOME/bundles directory.
- Depending on the target system that you are using, copy the following third-party JAR files from the SIEBEL_INSTALLATION_DIRECTORY/siebsrvr/CLASSES directory into the CONNECTOR_SERVER_HOME/lib directory:
- - For Siebel 7.5 through 7.7:
- SiebelJI.jar
- SiebelJI_Common.jar
- SiebelJI_enu.jar
- - For Siebel 7.8 through 8.2.2 and Siebel Innovation Pack 2015, 2016, 2017, 2018, Siebel 19.xand Siebel 20.x:
- Siebel.jar
- SiebelJI_enu.jar
- Start the connector server.
See Also:
- For more information on installing and running connector server, see Using an Identity Connector Server in Oracle Fusion Middleware Developing and Customizing Applications for Oracle Identity Governance.