Interface AuthenticatedSelfService
AuthenticatedSelfService
API exposes the methods to a logged-in user
to manage his profile. It provides functionality to manage profile attributes, change password
and manage challenge questions and answers. Apart from basic profile operations,
there are proxy related operations to get proxy details and submit requests to assign, remove
and update the proxy.
Below is the code snippet that shows how to get an instance of this service:
//returns an AuthenticatedSelfService service instance
Hashtable<String, String> env = new Hashtable<String, String>();
env.put(OIMClient.JAVA_NAMING_PROVIDER_URL, "t3://oimhost:oimport";
env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL, "weblogic.jndi.WLInitialContextFactory");
env.put("APPSERVER_TYPE", "wls");
OIMClient client = new OIMClient(env);
client.login("xelsysadm", "password".toCharArray());
AuthenticatedSelfService authSelfSvc = client.getService(AuthenticatedSelfService.class);
// Gets the list of system challenge questions
String[] sysChallengeQuestions = authSelfSvc.getSystemChallengeQuestions();
....
-
Method Summary
Modifier and TypeMethodDescriptionlong
addProxyForUser
(long proxyUserKey, Date startDate, Date endDate) Deprecated.addProxyForUser
(String proxyUserID, Date startDate, Date endDate, boolean isUserLogin) Adds/Sets proxy for user after checking the user privilege.void
changePassword
(char[] password) Deprecated.This API is no more supported.void
changePassword
(char[] oldPwd, char[] newPwd, char[] confirmPwd) Accepts the old and new password for the logged-in user and changes his password if validations pass.Gets a list of the all the proxy for the given userReturns the challenge values for self.getChallengeValuesForSelf
(Locale locale) Returns a HashMap for the challenge values from the pcq table using the Local informationReturns the current proxy details of the specified userGets all direct reports of the user i.e.Returns the past proxy details of the specified usergetProfileDetails
(Set<String> retAttrs) Returns the details of the logged-in user.getProfileDetails
(Set<String> retAttrs, boolean hasAccessChecked) String[]
Deprecated.This method is not longer supported.String[]
getUserDefinedChallengeQuestions
(String userName) Gets theString
array of user's challenge questionsoracle.idm.common.ipf.api.vo.UserInfoInterface
Returns User Info of logged-in user.modifyProfileDetails
(HashMap<String, Object> attributeMap) This method modifies the logged-in user's profile attributes.void
Removes all proxies for user.void
removeProxy
(long proxyKey) Deprecated.The preferred way to do is viaremoveProxy(String)
void
removeProxy
(String proxyID) Removes proxy for the user after checking the user privilege.void
removeProxy
(String userID, long proxyKey, Map<String, Object> attrMap, boolean isUserLogin) Deprecated.The preferred way to do is viaremoveProxy(String)
void
setChallengeValues
(Map<String, Object> quesAnsMap) Sets challenge questions and answers for logged-in user.void
setChallengeValuesWithPasswordAuth
(Map<String, Object> quesAnsMap, char[] password) void
updateProxyForUser
(long pxdKey, Map updateMap) Deprecated.The preferred way to do is viaupdateProxyForUser(String, Map)
void
updateProxyForUser
(String proxyID, Map updateMap) Modifies proxy for the user after checking the user privilege.
-
Method Details
-
changePassword
void changePassword(char[] oldPwd, char[] newPwd, char[] confirmPwd) throws ValidationFailedException, ChangePasswordException Accepts the old and new password for the logged-in user and changes his password if validations pass.- Parameters:
oldPwd
- the old password of the logged-in usernewPwd
- the new passwordconfirmPwd
- the new password again for confirmation- Throws:
ValidationFailedException
- thrown when the old password is not valid or if the new password and confirm password do not match.ChangePasswordException
- thrown when there is an exception while changing the user's password
-
getSystemChallengeQuestions
Deprecated.This method is not longer supported. The preferred way to do this is viaPasswordMgmtService.getApplicableDefaultChallengeQuestions(String,Boolean,Locale)
Returns the list of all challenge questions available in the system- Returns:
- an array of challenge questions defined in the system
- Throws:
AuthSelfServiceException
- thrown when there's an error while getting the system challenge questions.
-
setChallengeValues
void setChallengeValues(Map<String, Object> quesAnsMap) throws ValidationFailedException, SetChallengeValueExceptionSets challenge questions and answers for logged-in user. Validations are performed to ensure that same question isn't specified twice.- Parameters:
quesAnsMap
- AMap
of challenge questions and answers to be set for logged-in user- Throws:
SetChallengeValueException
- thrown when there is a failure while setting the challenge questionsValidationFailedException
- is throw if validation fails for the challenge operation
-
setChallengeValuesWithPasswordAuth
void setChallengeValuesWithPasswordAuth(Map<String, Object> quesAnsMap, char[] password) throws ValidationFailedException, SetChallengeValueException, PasswordVerificationException, oracle.iam.platform.pluginframework.PluginStoreException- Throws:
ValidationFailedException
SetChallengeValueException
PasswordVerificationException
oracle.iam.platform.pluginframework.PluginStoreException
-
changePassword
@Deprecated void changePassword(char[] password) throws ValidationFailedException, ResetPasswordException Deprecated.This API is no more supported. Please usechangePassword(char[], char[], char[])
Accepts the new password (since old password is expired) and sets it as the current password for the user- Parameters:
password
- The password to set as new password for the user.- Throws:
ResetPasswordException
- thrown when there's a failure while resetting the user passwordValidationFailedException
- is thrown if the validation fails while setting the new password.
-
getUserDefinedChallengeQuestions
String[] getUserDefinedChallengeQuestions(String userName) throws UserAccountDisabledException, UserAccountInvalidException, AuthSelfServiceException Gets theString
array of user's challenge questions- Parameters:
userName
- The user login whose challenge questions are to be retrieved- Returns:
- an array of user's challenge questions
- Throws:
UserAccountDisabledException
- thrown if user account is disabledUserAccountInvalidException
- thrown if user account is invalidAuthSelfServiceException
- thrown if there's an error getting the user's challenge questions
-
modifyProfileDetails
HashMap<String,Object> modifyProfileDetails(HashMap<String, Object> attributeMap) throws ValidationFailedException, AccessDeniedException, AuthSelfServiceExceptionThis method modifies the logged-in user's profile attributes. If the user doesn't have authorization to update some of the attributes, then a request is sumbitted to modify those. If approved, these will be updated.- Parameters:
attributeMap
- TheMap
of attribute value pair that are to be modified- Returns:
- returnModifyMap A
Map
contains authorized modified attribute list, the list of attributes that are sent via request and request id, if so:
- orchAttr - the set of attributes modified
- requestId - the Id of the request generated for modification
- Throws:
ValidationFailedException
- thrown if validation for modify operation fails.AccessDeniedException
- thrown if the user doesn't have authorization to update his profileAuthSelfServiceException
- thrown if there is an exception while modifying the profile
-
getProfileDetails
Returns the details of the logged-in user. The profile attributes returned are as per the authorization policy. That is, only those attributes are returned for which the user has view/read access.- Parameters:
retAttrs
- the set of profile attributes whose values are desired. If this is null, then all profile attributes (as per policy) are returned.- Returns:
- User The
User
class is a value object class to hold the GUID, attribute name-value pair and direct reports of user. - Throws:
UserLookupException
- thrown when there was an exception while fetching the user attributes
-
getProfileDetails
- Throws:
UserLookupException
-
getChallengeValuesForSelf
Returns a HashMap for the challenge values from the pcq table using the Local information- Throws:
AuthSelfServiceException
-
getChallengeValuesForSelf
Returns the challenge values for self.- Returns:
- a HashMap for the challenge values from the pcq table
- Throws:
AuthSelfServiceException
-
addProxyForUser
@Deprecated long addProxyForUser(long proxyUserKey, Date startDate, Date endDate) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException Deprecated.The preferred way to do is viaaddProxyForUser(String, Date, Date, boolean)
Adds/Sets proxy for user after checking the user privilege.- Parameters:
proxyUserKey
- key of the user to be proxied.startDate
- start date for proxy.endDate
- end date of the proxy.- Returns:
- the proxy id in the table.
- Throws:
NoSuchUserException
RecursiveProxyException
UserManagerException
AccessDeniedException
-
updateProxyForUser
@Deprecated void updateProxyForUser(long pxdKey, Map updateMap) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException Deprecated.The preferred way to do is viaupdateProxyForUser(String, Map)
Modifies proxy for the user after checking the user privilege.- Parameters:
pxdKey
- key of the proxy whose details is to be updated.updateMap
- an attribute map of the fields to update:
- proxyuserkey - the current proxy user
- proxystartdate - start date when the proxy takes effect
- proxyenddate - end date when the proxy ends
- Throws:
NoSuchUserException
RecursiveProxyException
UserManagerException
AccessDeniedException
-
removeProxy
@Deprecated void removeProxy(String userID, long proxyKey, Map<String, Object> attrMap, boolean isUserLogin) throws NoSuchUserException, UserManagerException, AccessDeniedExceptionDeprecated.The preferred way to do is viaremoveProxy(String)
Removes proxy for the user after checking the user privilege.- Parameters:
userID
- The id of the user whose proxy is to be removed. The isUserLogin flag will decide what does userID contains.proxyKey
- The key of the proxy to be removed.attrMap
- [Optional] The Map of attributes containing proxy details.isUserLogin
- Set to true if the userID contains user login and false if the userID contains user key.- Throws:
NoSuchUserException
UserManagerException
AccessDeniedException
-
removeProxy
Deprecated.The preferred way to do is viaremoveProxy(String)
Removes proxy for the user after checking the user privilege.- Parameters:
proxyKey
- The key of the proxy to be removed.- Throws:
UserManagerException
AccessDeniedException
-
addProxyForUser
String addProxyForUser(String proxyUserID, Date startDate, Date endDate, boolean isUserLogin) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException Adds/Sets proxy for user after checking the user privilege.- Parameters:
proxyUserID
- ID of the user to be proxied.startDate
- start date for proxy.endDate
- end date of the proxy.- Returns:
- the proxy identifier.
- Throws:
NoSuchUserException
RecursiveProxyException
UserManagerException
AccessDeniedException
-
updateProxyForUser
void updateProxyForUser(String proxyID, Map updateMap) throws NoSuchUserException, RecursiveProxyException, UserManagerException, AccessDeniedException Modifies proxy for the user after checking the user privilege.- Parameters:
proxyID
- ID of the proxy whose details is to be updated.updateMap
- an attribute map of the fields to update:
- proxyuserId - Entity ID of the current proxy user
- proxystartdate - start date when the proxy takes effect
- proxyenddate - end date when the proxy ends
- Throws:
NoSuchUserException
RecursiveProxyException
UserManagerException
AccessDeniedException
-
removeProxy
Removes proxy for the user after checking the user privilege.- Parameters:
proxyID
- The ID of the proxy to be removed.- Throws:
UserManagerException
AccessDeniedException
-
removeAllProxiesForUser
void removeAllProxiesForUser() throws NoSuchUserException, UserManagerException, AccessDeniedExceptionRemoves all proxies for user. Past Proxies cannot be deleted. In Progress Proxy are not deleted rather their end date is changed to today.- Throws:
NoSuchUserException
- If user with given userID does not exist.AccessDeniedException
- If the logged-in user does not have the required authorization to perform this operationUserManagerException
- If update proxy operation fails due some other reason.
-
getAllProxies
Gets a list of the all the proxy for the given user- Returns:
- List of proxy details for all proxies associated with the specified user
- Throws:
AccessDeniedException
- If the logged-in user does not have the required authorization to perform this operation.
-
getCurrentProxies
Returns the current proxy details of the specified user- Returns:
- List of proxy details for all current proxies associated with the specified user
- Throws:
AccessDeniedException
- If the logged-in user does not have the required authorization to perform this operation.NoSuchUserException
- If the user with given userID is not found.
-
getPastProxies
Returns the past proxy details of the specified user- Returns:
- List of proxy details for all past proxies associated with the specified user
- Throws:
AccessDeniedException
- If the loggedUser does not have the required authorization to perform this operation.
-
getMyDirects
List<User> getMyDirects(Set<String> returnAttributes, HashMap<String, Object> searchParameters) throws UserManagerException, AccessDeniedExceptionGets all direct reports of the user i.e. all users for which the logged-in user is the manager.- Parameters:
returnAttributes
- The list of attributes which are to be returned for each user.searchParameters
- Parameters to further configure the search operation. There are four configuration parameters. STARTROW, ENDROW, SORTEDBY and SORTORDER.The STARTROW and ENDROW search configuration parameters indicates which subset of the complete search result is to be fetched. These parameters are mandatory.
The SORTEDBY search configuration parameter indicates the attribute on which search result is to be sorted. This parameter is optional and is set to 'User Login' by default.
The SORTORDER search configuration parameter indicates the order of sorting. There are two possible values for this parameter. To sort the result in ascending order use SortOrder.ASCENDING and to sort the result in descending order use SortOrder.DESCENDING. This parameter is optional and is set to SortOrder.ASCENDING by default.
- Returns:
- the list of all users of whom the logged-in user is the manager.
- Throws:
AccessDeniedException
- if the logged-in user does not have the required authorization.UserManagerException
- if there is an error finding direct reports.
-
getUserInfo
Returns User Info of logged-in user.- Returns:
- UserInfoInterface of IPF
- Throws:
AuthSelfServiceException
-
addProxyForUser(String, Date, Date, boolean)