OIM 11gR2 PS2 provides a convenient way of implementing this use-case and it is the subject of this post.
The basic idea could be summarized in the following steps:
- Develop the landing page as an ADF task flow and associated Managed Bean
- Deploy the task flow as part of the OIM UI customization shared library
- Configure OIM to call this task flow when a user logs into OIM
- Grant authenticated users permission to view this task flow
Next, we need to develop a Java class that will be exposed as a Managed Bean (the full class name used in this sample is “oracle.iam.ui.sample.homepage.view.HomepagePortletReqBean”). Define a bean method in this class that returns an object of type “oracle.idm.shell.model.TaskFlow”. The TaskFlow class is available in "oracle-idm-uishell.jar", which is present in the "<IAM_HOME>/modules/oracle.idm.uishell_11.1.1" sub-directory of the Fusion Middleware Home. Following is a sample that I used for this post:
public TaskFlow getHomePageTFId() {
    TaskFlow tf = new TaskFlow(); // configured via setTaskFlowId(...) and setName(...), as the notes below describe
    return tf;
}
Please note the following:
- The setTaskFlowId method is passed the full taskflow identifier, which for this example is “/WEB-INF/oracle/iam/ui/sample/homepage/tfs/hello-world-tf.xml#hello-world-tf”
- The string that is passed to the setName method is used to display the title of the view activity.
Let's get started with step 2. Copy the existing “oracle.iam.ui.custom-dev-starter-pack.war” from the OIM server to a temporary location and extract its contents into a temporary directory. Copy the jar created in step 1 to the WEB-INF/lib directory of the extracted OIM customization library. If WEB-INF doesn’t contain a sub-directory called lib, create it. Re-pack the contents of the OIM customization library, making sure not to overwrite the manifest file. Move this library back to its original location. This completes step 2.
Next, we need to configure OIM to call this taskflow when end users log in to the identity console. To do this, log in to the sysadmin console as xelsysadm (or another System Administrator) and set the following system property:
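Step 2 scripted, as an added example that is not part of the original post: Python's zipfile stands in for the manual extract and re-pack, every existing entry (the manifest included) is copied byte-for-byte, and the result is compared by hash against the original. The JAR name homepage-sample.jar and the in-memory sample WAR are constructed for illustration.

```python
import hashlib
import io
import zipfile

MANIFEST = "META-INF/MANIFEST.MF"

def add_jar_to_war(war_bytes: bytes, jar_name: str, jar_bytes: bytes) -> bytes:
    """Return a new WAR with jar_bytes stored at WEB-INF/lib/<jar_name>."""
    if "/" in jar_name or "\\" in jar_name or not jar_name.endswith(".jar"):
        # Reject names that could place the file outside WEB-INF/lib.
        raise ValueError("jar_name must be a plain *.jar file name")
    target = "WEB-INF/lib/" + jar_name
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as src, \
         zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():          # original order, manifest stays first
            if info.filename == target:
                continue                     # stale copy is replaced, not duplicated
            dst.writestr(info, src.read(info.filename))
        dst.writestr(target, jar_bytes)      # creates WEB-INF/lib implicitly
    return out.getvalue()

def entry_digests(war_bytes: bytes) -> dict:
    """Map entry name -> SHA-256 of its content, for before/after comparison."""
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as zf:
        return {n: hashlib.sha256(zf.read(n)).hexdigest() for n in zf.namelist()}

def unexpected_changes(before: bytes, after: bytes, jar_name: str) -> list:
    """List entries removed, altered, or added other than the new JAR."""
    old, new = entry_digests(before), entry_digests(after)
    allowed = "WEB-INF/lib/" + jar_name
    return sorted(n for n in old.keys() | new.keys()
                  if n != allowed and old.get(n) != new.get(n))

def sample_war() -> bytes:
    """Constructed stand-in for the customization WAR (no WEB-INF/lib yet)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(MANIFEST, "Manifest-Version: 1.0\nExtension-Name: constructed.sample\n")
        zf.writestr("WEB-INF/web.xml", "<web-app/>")
    return buf.getvalue()

if __name__ == "__main__":
    war = sample_war()
    patched = add_jar_to_war(war, "homepage-sample.jar", b"constructed jar bytes")
    print(unexpected_changes(war, patched, "homepage-sample.jar"))
```

An empty list from unexpected_changes means the manifest and every other original entry are unchanged, which is worth confirming before the library is moved back to the server.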
Property Name: Homepage for Self Service console
Please note the following:
- The value is set to an EL Expression
- The EL Expression resolves to the “getHomePageTFId” method of the Managed Bean developed in step 1.
This completes step 3.
Let's move on to step 4. Log in to the Enterprise Manager application and navigate to Oracle Identity Manager --> Security --> Application Policies.
Select “OracleIdentityManager” from the Application Stripe dropdown and perform a search.
Create a new application grant as follows:
Permission Class: oracle.adf.controller.security.TaskFlowPermission
Resource Name: /WEB-INF/oracle/iam/ui/sample/homepage/tfs/hello-world-tf.xml#hello-world-tf
Permission Actions: view
Restart the WebLogic Managed Server(s) hosting OIM. Your taskflow should be launched when end users log in.