OIM 11gR2 PS2 provides a convenient way of implementing this use-case and it is the subject of this post.
The basic idea could be summarized in the following steps:
- Develop the landing page as an ADF task flow and associated Managed Bean
- Deploy the task flow as part of the OIM UI customization shared library
- Configure OIM to call this task flow when a user logs into OIM
- Grant authenticated users permission to view this task flow
The remainder of this post expands on the above steps. Please note that this article is concerned with how to deploy and invoke the landing page task flow. The design and implementation of the task flow itself is outside the scope of this article; you can design and implement it based on your requirements. All the power provided by ADF task flows is at your disposal, from running an iFrame inside the task flow to pulling the content to display from an external content server. For the purpose of this article, we use a very simple static page to display in this task flow.
The implementation steps provided are for OIM 11g R2 PS2 deployed on a WebLogic application server. The steps are also at a high level and assume that readers are comfortable with, or at least have some background in, OIM UI customization. In addition to the product manuals, you could refer to the following excellent blog posts written by my colleagues for more information on OIM UI customization:
So let's get started with step 1. Develop an ADF task flow in a JDeveloper project that meets your requirements for the landing page. For the purpose of this example, we will use a very simple task flow that consists of only one view activity, which displays a static page once a user logs in to the self-service (identity) console, as shown in the following screen capture:
Next, we need to develop a Java class (the full class name used in this sample is “oracle.iam.ui.sample.homepage.view.HomepagePortletReqBean”) that will be exposed as a Managed Bean. Define a bean method in this class that returns an object of type “oracle.idm.shell.model.TaskFlow”. This class is available in "oracle-idm-uishell.jar", which is present in the "<IAM_HOME>/modules/oracle.idm.uishell_11.1.1" sub-directory of the Fusion Middleware Home. Following is the sample that I used for this post:
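```java
package oracle.iam.ui.sample.homepage.view;

import oracle.idm.shell.model.TaskFlow;

public class HomepagePortletReqBean {
    // Returns the task flow that OIM launches as the landing page.
    public TaskFlow getHomePageTFId() {
        TaskFlow tf = new TaskFlow();
        tf.setName("CustomLandingPageTF");   // displayed as the title of the view activity
        tf.setId("helloWorldTF");
        // Full task flow identifier: definition file path plus task flow id
        tf.setTaskFlowId("/WEB-INF/oracle/iam/ui/sample/homepage/tfs/hello-world-tf.xml#hello-world-tf");
        tf.setDescription("CustomLandingPageTF");
        return tf;
    }
}
```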
Please note the following:
- setTaskFlowId method is passed the full taskflow identifier which for this example is “/WEB-INF/oracle/iam/ui/sample/homepage/tfs/hello-world-tf.xml#hello-world-tf”
- The string that is passed to the setName method is used to display the title of the view activity.
Next, declare this class as a Managed Bean (in adfc-config.xml) as follows:
Configure the project to be deployed as an ADF library JAR file and deploy it. A JAR file should be created as a result of this deployment. This completes step 1.
Let's get started with step 2. Copy the existing “oracle.iam.ui.custom-dev-starter-pack.war” from the OIM server to a temporary location and extract its contents into a temporary directory. Copy the jar created in step 1 to the WEB-INF/lib directory of the extracted OIM customization library. If WEB-INF doesn't contain a sub-directory called lib, create it. Re-pack the contents of the OIM customization library, making sure not to overwrite the manifest file. Move the library back to its original location. This completes step 2.
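Step 2 changes the contents of a shared library that the OIM UI loads, so it is worth confirming that the repacked WAR differs from the original only by the added jar and that the manifest is byte-for-byte unchanged. The following Python sketch is an added example, not part of the original post or of OIM; the function names, the jar name and the sample WAR contents are constructed for illustration.

```python
import hashlib
import io
import zipfile

MANIFEST = "META-INF/MANIFEST.MF"

def add_jar(war_bytes, jar_name, jar_bytes):
    """Return a new WAR with the jar at WEB-INF/lib/<jar_name>; other entries are copied as-is."""
    target = "WEB-INF/lib/" + jar_name
    out = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as src, \
            zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for info in src.infolist():
            if info.filename != target:  # an older copy of the same jar is replaced
                dst.writestr(info, src.read(info.filename))
        dst.writestr(target, jar_bytes)
    return out.getvalue()

def digests(war_bytes):
    """Map each entry name to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        return {n: hashlib.sha256(war.read(n)).hexdigest() for n in war.namelist()}

def repack_problems(original, repacked, jar_name):
    """List every difference other than the one added (or replaced) jar."""
    before, after = digests(original), digests(repacked)
    target = "WEB-INF/lib/" + jar_name
    problems = []
    if before.get(MANIFEST) != after.get(MANIFEST):
        problems.append("manifest changed or missing")
    for name in sorted((set(before) | set(after)) - {target, MANIFEST}):
        if name not in after:
            problems.append("removed: " + name)
        elif name not in before:
            problems.append("unexpected: " + name)
        elif before[name] != after[name]:
            problems.append("modified: " + name)
    if target not in after:
        problems.append("missing: " + target)
    return problems

def sample_war():
    """Constructed stand-in for the customization WAR (not the real file's contents)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        war.writestr(MANIFEST, "Manifest-Version: 1.0\nExtension-Name: sample.lib\n")
        war.writestr("WEB-INF/web.xml", "<web-app/>")
    return buf.getvalue()
```

Run `repack_problems` against the WAR copied from the server and the repacked file before moving the library back; an empty list means only the landing page jar was added.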
Next, we need to configure OIM to call this task flow when end users log in to the identity console. To do this, log in to the sysadmin console as xelsysadm (or a System Administrator) and set the following system property:
Property Name: Homepage for Self Service console
Keyword: OIM.IdentityHomepage
Value: #{homePageBean.homePageTFId}
Please note the following:
- The value is set to an EL Expression
- The EL Expression resolves to the “getHomePageTFId” method of the Managed Bean developed in step 1.
This completes step 3.
Let's move on to step 4. Log in to the Enterprise Manager application and navigate to Oracle Identity Manager --> Security --> Application Policies:
Select “OracleIdentityManager” from the Application Stripe dropdown and perform a search:
Create a new application grant as follows:
Grantee: authenticated-user
Permission Class: oracle.adf.controller.security.TaskFlowPermission
Resource Name: /WEB-INF/oracle/iam/ui/sample/homepage/tfs/hello-world-tf.xml#hello-world-tf
Permission Actions: view
Restart the WebLogic Managed Server(s) hosting OIM. Your task flow should be launched when end users log in.