Removing Role Membership through API's in OIM11g
Guys, I am trying to remove a role membership for a user.
I was trying with this API (*oracle.iam.identity.rolemgmt.api*) and Interface RoleManager.revokeRoleGrant(roleKey,userKeys,evaluatePolicies). I am getting errors when I try to Import the api oracle.iam.identity.rolemgmt.api as Import cannot be resolved. which is the exact jar that I should add in the build path?
I have added all the 25 jars of lib but still it is not resolved.
And is this the correct API for removing the role membership for a user?
please share the sample code snippet if any of you have already have that functionality?
Edited by: Venu on Aug 24, 2011 3:00 PM
Venu wrote:
Guys, I am trying to remove a role membership for a user.
I was trying with this API (*oracle.iam.identity.rolemgmt.api*) and Interface RoleManager.revokeRoleGrant(roleKey,userKeys,evaluatePolicies). I am getting errors when I try to Import the api oracle.iam.identity.rolemgmt.api as Import cannot be resolved. which is the exact jar that I should add in the build path?
I have added all the 25 jars of lib but still it is not resolved.
And is this the correct API for removing the role membership for a user?
please share the sample code snippet if any of you have already have that functionality?
Edited by: Venu on Aug 24, 2011 3:00 PMYou don't need to use 25 jars from the lib in your client code. Just need to use 3 jars which are bundled in the OIM_HOME\server\client\oimclient.zip\lib folder and wlfullclient.jar. The oracle.iam.identity.rolemgmt.api is in oimclient.jar which is in the oimclient.zip\lib folder.
HTH
Similar Messages
-
OIM 11g: Issue while evaluating rule for Role Membership
Hello All,
I have configured few General Rules using 2 of our User Defined Fields, these general rules are used to determine role membership.
What we observed that once "Identity Status" attribute is set to "Disabled" for OIM User Profile then OIM stops evaluating these configured General Rules for Role Membership.
Env Details:
Product Version: Oracle Identity Manager 11.1.1.5.0
App Server: WebLogic Server Version: 10.3.5.0
OS: Red Hat Enterprise Linux Server release 5.5
Database: Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64 bit
Please let me know if any of you have encounter this issue and if there is any workaround available for it.
Thanks,
ShyamRe: OIM11g: Resource not revoked if the Identity Status is DISABLED
XL.EvaluateMembershipForInactiveUser
Workaround:
You can make you of Event Handler and assign that group with APIs. -
User / Customer Role Membership Check in ISF / Javascript
Did not see this in the documentation...
Does anyone know if checking for the User or Customer Role membership inside ISF / Javascript is supported? -- Like similar to how we can check for "Moment".
If so, what is the variable name and the values?
Thanks.I think some of the libraries such as ExtJS are loaded and usable on the order forms, but for ones that are not, you can point to the existing library files under RequestCenter.war and add them as a JavaScript library in service designer.
Below is a quick example of looking up the role through the NS API, it should be enough to get you started on what you need.
function doSomething(){
//Performs NS API XHR Request and returns the responseXML document
function nsapiRequest(url) {
var xhr = new XMLHttpRequest();
xhr.open("GET", url, false);
xhr.send();
if (xhr.readyState === 4) {
if (xhr.status === 200) {
return xhr.responseXML;
} else {
console.error(xhr.statusText);
//Function to check if user belongs to a role
function hasRole(roleName) {
var doc = nsapiRequest("/RequestCenter/nsapi/directory/people/currentuser");
//Get all associated role elements
var roles = doc.getElementsByTagName("associatedRole");
//Loop through roles to check for a specific one, could also build an array of all user roles
for (var i = 0; i < roles.length; i++) {
//Extract role value
var role = roles[i].childNodes[1].firstChild.nodeValue;
if (role === roleName)
return true;
return false;
var siteAdmin = hasRole("Site Administrator");
if (siteAdmin){
//do something -
Custom plugin based on user role membership
Hi all,
I would like to develope a custom plugin that generates account userid (on process form) with different syntax against role membership.
With "syntax" I mean name.surname.random_number for employee users and surname.company.random_number for example.
I'll try to explain the scenario more in details:
1. I create a user identity through a request
2. After user identity has created successfully, I assign a role to the user. Since roles are associated with access policies, role assignment triggers provisioning on target system.
3. The custom plugin that I would like to develope shuold be able to generate proper userid against role membership. For example if I assigned the role "Project Manager" the custom plugin should generate the account userid with name.surname.random_number format; viceversa if I assigned the role "External Reseller" the custom plugin should generate the account userid with surname.company.random_number format.
Looking for custom plugin based on role membership in forum, I found a couple of threads about this subject:
- Email notifications after role grant
- Re: OIM 11g Role Membership Event Handlers.
I tried to implement what explained in the threads, but I would be sure about what I've done.
Here what I've done:
1. created plugin.xml file
2. created EventHandler.xml metadata file
3. developed a java calss for testing pourpose
4. copied the custom plugin class to OIM server for example in $MIDDLEWARE_HOME/OIMPlugins/lib
NOTE: during this operation I have exactly mantained the same directory structure of custom java package.
For example custom plugin class is under my.custom.plugin java package and I have copied custom java class under $MIDDLEWARE_HOME/OIMPlugins/lib/my/custom/plugin folder
5. created a zip file containing custom plugin class (always with its directory structure) and plugin.xml file
6. copied the zip file to $OIM_HOME/server/plugins
7. edited ant.properties file (under $OIM_HOME/server/plugin_utility) setting wls.home and oim.home variables
8. built the wlfullclient.jar (only the first time)
9. registered the custom plugin
10. created the custom plugin dataset file
11. imported it in OIM database using "weblogicImportMetadata" utility
12. purged cache using "PurgeCache" utility
NOTE: all the steps above was executed using the system user running OIM process
test java class
package com.zeropiu.sky.custom.eventhandlers;
import java.io.Serializable;
import java.util.HashMap;
import com.thortech.util.logging.Logger;
import oracle.iam.platform.kernel.spi.ConditionalEventHandler;
import oracle.iam.platform.kernel.spi.PostProcessHandler;
import oracle.iam.platform.kernel.vo.AbstractGenericOrchestration;
import oracle.iam.platform.kernel.vo.BulkEventResult;
import oracle.iam.platform.kernel.vo.BulkOrchestration;
import oracle.iam.platform.kernel.vo.EventResult;
import oracle.iam.platform.kernel.vo.Orchestration;
import oracle.iam.platform.context.ContextManager;
import java.util.Set;
public class TestUserAnonimi implements PostProcessHandler, ConditionalEventHandler {
private static final Logger logger = Logger.getLogger("com.zeropiu.sky.custom.eventhandlers");
private static final String className = "TestUserAnonimi";
@Override
public void initialize(HashMap<String, String> arg0) {
// TODO Auto-generated method stub
String methodName = "initialize";
System.out.println("###### " + className + " - " + methodName);
@Override
public boolean isApplicable(AbstractGenericOrchestration abstractGenericOrchestration) {
// TODO Auto-generated method stub
String methodName = "isApplicable";
System.out.println("###### " + className + " - " + methodName + " - STARTED");
System.out.println("###### " + className + " - " + methodName + " - ContextManager.getContextType(): " + ContextManager.getContextType());
System.out.println("###### " + className + " - " + methodName + " - ContextManager.getContextSubType(): " + ContextManager.getContextSubType());
System.out.println("###### " + className + " - " + methodName + " - abstractGenericOrchestration.getOperation(): " + abstractGenericOrchestration.getOperation());
System.out.println("###### " + className + " - " + methodName + " - Printing ContextManager parameters");
HashMap allContextManagerPairs = ContextManager.getAllValuesFromCurrentContext();
Set<String> allContextManagerParams = allContextManagerPairs.keySet();
String[] parameters = allContextManagerParams.toArray(new String[allContextManagerParams.size()]);
for (int i = 0; i < parameters.length; i++) {
System.out.println("###### " + className + " - " + methodName + " - Context parameter " + i + ": " + parameters[i] + " - Object type is: " + Utils.getObjectType(ContextManager.getValue(parameters)));
System.out.println("###### " + className + " - " + methodName + " - ENDED");
return true;
@Override
public boolean cancel(long arg0, long arg1, AbstractGenericOrchestration arg2) {
// TODO Auto-generated method stub
String methodName = "cancel";
System.out.println("###### " + className + " - " + methodName);
return false;
@Override
public void compensate(long arg0, long arg1, AbstractGenericOrchestration arg2) {
// TODO Auto-generated method stub
String methodName = "compensate";
System.out.println("###### " + className + " - " + methodName);
@Override
public EventResult execute(long arg0, long arg1, Orchestration orchestration) {
// TODO Auto-generated method stub
String methodName = "Eventresult execute";
System.out.println("###### " + className + " - " + methodName);
return null;
@Override
public BulkEventResult execute(long arg0, long arg1, BulkOrchestration arg2) {
// TODO Auto-generated method stub
String methodName = "BulkEventResult execute";
System.out.println("###### " + className + " - " + methodName);
return null;
plugin.xml file
<?xml version="1.0" encoding="UTF-8"?>
<oimplugins xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<plugins pluginpoint="oracle.iam.platform.kernel.spi.EventHandler">
<plugin pluginclass="com.zeropiu.sky.custom.eventhandlers.TestUserAnonimi" version="1.0" name="TestUserAnonimi">
</plugin>
</plugins>
</oimplugins>
EventHandler.xml metadata file
<?xml version='1.0' encoding='UTF-8'?>
<eventhandlers xmlns="http://www.oracle.com/schema/oim/platform/kernel" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.oracle.com/schema/oim/platform/kernel orchestration-handlers.xsd">
<action-handler class="com.zeropiu.sky.custom.eventhandlers.TestUserAnonimi" entity-type="RoleUser" operation="CREATE" name="TestUserAnonimi" stage="preprocess" order="1007" sync="FALSE" />
</eventhandlers>When I assign a role to a user through OIM web interface, I can see in OIM log file all System.out.println contained in initialize(), isApplicable() and BulkEventResult execute() methods. Is it correct? Can I implement my custom plugin logic now, or my starting point is wrong?
###### TestUserAnonimi - initialize
###### TestUserAnonimi - isApplicable - STARTED
###### TestUserAnonimi - isApplicable - ContextManager.getContextType(): ADMIN
###### TestUserAnonimi - isApplicable - ContextManager.getContextSubType():
###### TestUserAnonimi - isApplicable - abstractGenericOrchestration.getOperation(): CREATE
###### TestUserAnonimi - isApplicable - Printing ContextManager parameters
###### TestUserAnonimi - isApplicable - Context parameter 0: origuser - Object type is: java.lang.String
###### TestUserAnonimi - isApplicable - Context parameter 1: oimuser - Object type is: java.lang.String
###### TestUserAnonimi - isApplicable - Context parameter 2: RESOLVED_LOCALE - Object type is: java.lang.String
###### TestUserAnonimi - isApplicable - Context parameter 3: counter - Object type is: java.lang.String
###### TestUserAnonimi - isApplicable - Context parameter 4: TIME_ZONE - Object type is: java.lang.String
###### TestUserAnonimi - isApplicable - Context parameter 5: ipaddress - Object type is: java.lang.String
###### TestUserAnonimi - isApplicable - ENDED
##### TestUserAnonimi - BulkEventResult execute
Thanks,
Daniele
Edited by: 886636 on Jan 24, 2012 2:53 AM
Edited by: 886636 on Jan 24, 2012 2:53 AMProbably I don't explain myself clearly....sorry for that!
Anyway you are right, the role of the user can change after the user is initially provisioned.
I'll try to summarize to be sure to have understood your answer and to explain my scenario more in details:
1. After user identity creation, I'll assign the role "Project Manager". Before role assignment the user has not any role. So using a pre-populate adapter I can retrieve the assigned role and compose the right userid.
2. After step 1, I need to assign another role to the user, the new role should be "External Reseller" for example. In this case the user has a role already. What I would is: basing on the role that I'm assigning (External Reseller), the pre-populate should compose the right userid. Obviously this second userid will be different from the first one and this means a new account will be created for the user. At the moment I don't care to deprovisioning the first userid.
Is it possible with pre-populate adapter?
Sorry again for my not very clear explanations.
Daniele
Edited by: 886636 on Jan 24, 2012 4:10 AM -
Rule based Role membership in OIA is not pushing to OIM
Hi All,
Rule based Role membership in OIA is not pushing to OIM due to error as
00:01:38,055 DEBUG [DBIAMSolution] Group Role container for JDE.JDE_BHRUSRTT found...
00:01:38,144 ERROR [DBIAMSolution] Error Occured while adding users to role
Thor.API.Exceptions.tcAPIException: Error occurred while find User information: USER_NOT_FOUND
at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:348)
at weblogic.rmi.cluster.ClusterableRemoteRef.invoke(ClusterableRemoteRef.java:259)
at Thor.API.Operations.tcGroupOperationsIntf_13pobh_tcGroupOperationsIntfRemoteImpl_1035_WLStub.getAllMemberUsersx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at $Proxy396.getAllMemberUsersx(Unknown Source)
at Thor.API.Operations.tcGroupOperationsIntfDelegate.getAllMemberUsers(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Meth
Any one can help will be appreciate...
Thanks
Bikas
Edited by: Bikas Mandal on Mar 27, 2013 6:15 AMTry these steps and let me know what you see:
Login to OIA > Administration > Configuration > Workflows
Select Role membership create workflow
And check if you have added OIM provisioning server in the Step5 of the workflow.
Cheers,
Vamsi. -
Access Enforcer - REMOVE roles/existing roles inoperant
Hello
After some time using the capability to ADD and REMOVE roles when creating a request on Access Enforcer (using the option 'Existing Roles' to REMOVE), now Access back to the screen to ADD always that we try to access 'Existing Roles'.
So, the function to REMOVE roles are inoperant.
Any ideas what It cold be?Hi,
When you open a changing access request it's possible to add new roles and remove existing roles from the user, right?
However, the option to remove roles (which is accessed through the 'existing roles' button) is not working longer.
When that option is accessed, it's not showed anymore the current user's access: the screen returns to the add roles option.
I haven't found any setting for the feature to remove roles and still don't know how that option, previously used in other requests, is not working for anyone else.
Regards
Heverton Kesseler -
OIM: Trigger for add/remove Role?
Is there any out of the box way to attach a trigger/event handler to a target resource Process Definition such that code can be executed when an OIM Role is added/removed from the parent OIM User record?
I've gotten as far as the following:
I can hook into the "Add/Remove Role" event via event handlers
From the event handlers in #1 above, I can add process tasks such as "OIM Role Added", "OIM Role Removed" to the user's resources using the OIM API addProcessTaskInstance method.
The issue is I need to know which Role was added/removed in the process tasks and there does not seem to be a way to pass any data dynamically into the task when it's created. I thought about storing the added/removed Role in a UDF; however, this doesn't scale well when multiple Roles are being added/removed.
Is there a better way to do this?
Thanks.You can refer to Doc ID 1461252.1 for sample code.
~J -
OIM Reports for BIP Role Membership
The OIM BP04 Reports for BIP, the Role Membership report description states:
"This report will display membership details of all the roles. The report will not show indirect memberships. Security model is not implemented in this report."
Looks like the data model deliberately excluded indirect roles (or child tabled roles) from the Lookup.DBUM.Oracle.Roles (same for the Privileges Reports).
Can anyone guide me through editing the Role Membership data model to INCLUDE the roles from the lookup table?
I believe the Lookup.DBUM.Oracle.Roles have to get associated to the users recon'd from the DBUM Trusted Recon from the DBA_Users table first.
Thanks for looking.The BP04 OIM roles reports targets OIM roles, not oracle or ad roles.
To achieve those views, custom BIP reports that query the respective OIM tables where the AD and Oracle data exist are required.
Thanks for looking. -
How To Load a Project Budget Line Through API in R12 ?
Hello
Could you please let me know how to load the project budget lines through API in R12 system, I am trying with below script but it is not working.
Could you please let me know if you have any solution.
=========================================================================================================================================================================
Script
DECLARE
--––variables needed for API standard parameters
l_api_version_number NUMBER := 1.0;
l_commit VARCHAR2 (1) := 'T';
l_return_status VARCHAR2 (1);
l_init_msg_list VARCHAR2 (1);
l_msg_count NUMBER;
l_msg_data VARCHAR2 (2000);
l_data VARCHAR2 (2000);
l_msg_entity VARCHAR2 (100);
l_msg_entity_index NUMBER;
l_msg_index NUMBER;
l_msg_index_out NUMBER;
l_encoded VARCHAR2 (1);
i NUMBER;
a NUMBER;
--––variables needed for Oracle Project specific parameters
l_pm_product_code VARCHAR2 (100);
l_pa_project_id NUMBER;
l_pm_project_reference VARCHAR2 (100);
l_budget_type_code VARCHAR2 (30);
l_change_reason_code VARCHAR2 (30);
l_description VARCHAR2 (255);
l_entry_method_code VARCHAR2 (30);
l_resource_list_name VARCHAR2 (60);
l_resource_list_id NUMBER;
l_budget_lines_in pa_budget_pub.budget_line_in_tbl_type;
l_budget_lines_in_rec pa_budget_pub.budget_line_in_rec_type;
l_budget_lines_out pa_budget_pub.budget_line_out_tbl_type;
l_line_index NUMBER;
l_line_return_status VARCHAR2 (1);
l_user_id NUMBER;
l_responsibility_id NUMBER;
API_ERROR EXCEPTION;
BEGIN
-- SET GLOBAL INFO
SELECT user_id,
responsibility_id
INTO l_user_id,
l_responsibility_id
FROM pa_user_resp_v
WHERE user_name = 'RAJU';
PA_INTERFACE_UTILS_PUB.SET_GLOBAL_INFO (p_api_version_number => 1.0,
p_responsibility_id => l_responsibility_id,
p_user_id => l_user_id,
p_msg_count => l_msg_count,
p_msg_data => l_msg_data,
p_return_status => l_return_status
IF l_return_status != 'S'
THEN
RAISE API_ERROR;
END IF;
--––PRODUCT RELATED DATA
l_pm_product_code := 'GMS';
--––BUDGET DATA
l_pa_project_id := 6271;
l_pm_project_reference := NULL;--'ABC';
l_budget_type_code := 'FC';
-- l_change_reason_code := 'INITIAL';
l_description := 'New description –> 2';
l_entry_method_code := 'PA_TASKLVL_BASELINE';
l_resource_list_id := 1001;
--––BUDGET LINES DATA
a := 1;
FOR i IN 1 .. a
LOOP
l_budget_lines_in_rec.pa_task_id := 405156;
l_budget_lines_in_rec.pm_task_reference := NULL;
l_budget_lines_in_rec.resource_alias := 'Labor';
l_budget_lines_in_rec.resource_list_member_id := '1034';
-- l_budget_lines_in_rec.budget_start_date := '01-Jan-13';
-- l_budget_lines_in_rec.budget_end_date := '31-Dec-14';
-- l_budget_lines_in_rec.period_name := 'JUL-10FY2011';
l_budget_lines_in_rec.description := 'Some Text';
l_budget_lines_in_rec.quantity := 100.00;
l_budget_lines_in_rec.raw_cost := 300.00;
l_budget_lines_in (i) := l_budget_lines_in_rec;
END LOOP;
--––INIT_BUDGET
pa_budget_pub.init_budget;
--––LOAD_BUDGET_LINE
FOR i IN 1 .. a
LOOP
pa_budget_pub.load_budget_line
(p_api_version_number => l_api_version_number,
p_return_status => l_return_status,
p_pa_task_id => l_budget_lines_in (i).pa_task_id,
p_pm_task_reference => l_budget_lines_in (i).pm_task_reference,
p_resource_alias => l_budget_lines_in (i).resource_alias,
p_resource_list_member_id => l_budget_lines_in (i).resource_list_member_id,
p_budget_start_date => l_budget_lines_in (i).budget_start_date,
p_budget_end_date => l_budget_lines_in (i).budget_end_date,
p_period_name => l_budget_lines_in (i).period_name,
p_description => l_budget_lines_in (i).description,
p_raw_cost => l_budget_lines_in (i).raw_cost,
p_burdened_cost => l_budget_lines_in (i).burdened_cost,
p_revenue => l_budget_lines_in (i).revenue,
p_quantity => l_budget_lines_in (i).quantity
END LOOP;
IF l_return_status != 'S'
THEN
RAISE api_error;
END IF;
--––EXECUTE_CREATE_DRAFT_BUDGET
pa_budget_pub.execute_create_draft_budget (p_api_version_number => l_api_version_number,
p_msg_count => l_msg_count,
p_msg_data => l_msg_data,
p_return_status => l_return_status,
p_pm_product_code => l_pm_product_code,
p_pa_project_id => l_pa_project_id,
p_pm_project_reference => l_pm_project_reference,
p_budget_type_code => l_budget_type_code,
p_change_reason_code => l_change_reason_code,
p_description => l_description,
p_entry_method_code => l_entry_method_code,
p_resource_list_name => l_resource_list_name,
p_resource_list_id => l_resource_list_id
IF l_return_status != 'S'
THEN
NULL; --––RAISE API_ERROR;
END IF;
--––FETCH_LINE
FOR l_line_index IN 1 .. pa_budget_pub.g_budget_lines_tbl_count
LOOP
pa_budget_pub.fetch_budget_line (p_api_version_number => l_api_version_number,
p_return_status => l_return_status,
p_line_index => l_line_index,
p_line_return_status => l_line_return_status
IF l_return_status != 'S' OR l_line_return_status != 'S'
THEN
RAISE api_error;
END IF;
END LOOP;
--––CLEAR_BUDGET
pa_budget_pub.clear_budget;
IF l_return_status != 'S'
THEN
RAISE api_error;
END IF;
--––HANDLE EXCEPTIONS
EXCEPTION
WHEN api_error
THEN
FOR i IN 1 .. l_msg_count
LOOP
pa_interface_utils_pub.get_messages (p_msg_data => l_msg_data,
p_data => l_data,
p_msg_count => l_msg_count,
p_msg_index_out => l_msg_index_out
DBMS_OUTPUT.put_line ('Error Mesg ' || l_data);
DBMS_OUTPUT.put_line ('Error Mesg ' || l_msg_data);
END LOOP;
WHEN OTHERS
THEN
FOR i IN 1 .. l_msg_count
LOOP
pa_interface_utils_pub.get_messages (p_msg_data => l_msg_data,
p_data => l_data,
p_msg_count => l_msg_count,
p_msg_index_out => l_msg_index_out
DBMS_OUTPUT.put_line ('error mesg ' || l_data);
END LOOP;
END;
=========================================================================================================================================================================Not knowing how its embedded... you will need to get the report instance from the dll and cast it as a ReportDocument object.
Given the info so far, that is all we can say.
Ludek
Follow us on Twitter http://twitter.com/SAPCRNetSup
Got Enhancement ideas? Try the [SAP Idea Place|https://ideas.sap.com/community/products_and_solutions/crystalreports] -
Error while creating contact through API in Install Base
Hello
I am trying to create contacts when creating a install base through API...
I tried below code as per metalink note# 215456.1 and giving the below error. I checked setup andI have 'Ship To' exists in Instnace Party Account Relationsship setup in the aplication and also I have a party Id 1232890 exist in hz_parties table with party type as 'Person' and I passed contact_ip_id as instance_party_id from CSI_I_PARTIES table for the instance to be update...
Also, can anybody help me how to purge the error messages before calling the API, suppose if i have 2 records and all two records will error then my second record error getting contatenated with my first error and message count also getting increased(see error message below as message count coming as 2 even though there is only one error)
SET SERVEROUTPUT ON SIZE 1000000
DECLARE
p_instance_rec CSI_DATASTRUCTURES_PUB.INSTANCE_REC;
p_ext_attrib_values_tbl
CSI_DATASTRUCTURES_PUB.EXTEND_ATTRIB_VALUES_TBL;
p_party_tbl CSI_DATASTRUCTURES_PUB.PARTY_TBL;
p_account_tbl CSI_DATASTRUCTURES_PUB.PARTY_ACCOUNT_TBL;
p_pricing_attrib_tbl CSI_DATASTRUCTURES_PUB.PRICING_ATTRIBS_TBL;
p_org_assignments_tbl CSI_DATASTRUCTURES_PUB.ORGANIZATION_UNITS_TBL;
p_asset_assignment_tbl CSI_DATASTRUCTURES_PUB.INSTANCE_ASSET_TBL;
p_txn_rec CSI_DATASTRUCTURES_PUB.TRANSACTION_REC;
x_instance_id_lst CSI_DATASTRUCTURES_PUB.ID_TBL;
x_return_status VARCHAR2(2000);
x_msg_count NUMBER;
x_msg_data VARCHAR2(2000);
x_msg_index_out NUMBER;
t_output VARCHAR2(2000);
t_msg_dummy NUMBER;
BEGIN
p_party_tbl(1).instance_party_id := null;
p_party_tbl(1).instance_id := 1216497;
p_party_tbl(1).party_source_table := 'HZ_PARTIES';
p_party_tbl(1).party_id := 1232890;
p_party_tbl(1).relationship_type_code := 'Ship To';
p_party_tbl(1).contact_flag := 'Y';
p_party_tbl(1).contact_ip_id := 1699185;
x_msg_count := 0;
p_party_tbl(1).OBJECT_VERSION_NUMBER := 1;
-- Now call the stored program
csi_item_instance_pub.update_item_instance(
1.0,
'F',
'F',
1,
p_instance_rec,
p_ext_attrib_values_tbl,
p_party_tbl,
p_account_tbl,
p_pricing_attrib_tbl,
p_org_assignments_tbl,
p_asset_assignment_tbl,
p_txn_rec,
x_instance_id_lst,
x_return_status,
x_msg_count,
x_msg_data);
-- Output the results
if x_msg_count > 0
then
for j in 1 .. x_msg_count loop
fnd_msg_pub.get
( j
, FND_API.G_FALSE
, x_msg_data
, t_msg_dummy
t_output := ( 'Msg'
|| To_Char
( j
|| ': '
|| x_msg_data
dbms_output.put_line
( SubStr
( t_output
, 1
, 255
end loop;
end if;
dbms_output.put_line('x_return_status = '||x_return_status);
dbms_output.put_line('x_msg_count = '||TO_CHAR(x_msg_count));
dbms_output.put_line('x_msg_data = '||x_msg_data);
-- COMMIT;
END;
ERROR
SQL> @p
Msg1: The Party Relationship Type (Ship To) entered is either invalid or it does
not exist in the Installed Base Lookups
Msg2: The Party Relationship Type (Ship To) entered is either invalid or it does
not exist in the Installed Base Lookups
x_return_status = E
x_msg_count = 2
x_msg_data = The Party Relationship Type (Ship To) entered is either invalid or
it does not exist in the Installed Base Lookups
PL/SQL procedure successfully completed.Hi
We are in 11.5.10.2 and I already checked notes which you sent before and setups are fine as the relationship type' Ship to' having 'contacts' enabled in the setup.
I am also seeing a differernt issue as once I update existing item instnace with the status 'Return for Credit' through API, system is not allowing me to update the extended attributes through front end application manually and I am seeing a note at the end of the screen as 'Note: This item instance cannot be updated. ' and this is only happening when I update the item instance status to 'Returned for Credit' not when I create new item instances with status as 'Created'. Is this intended functionality to restrict update on extended attributes if I change the status of item instnace to 'Return for Credit' ?
Thanks -
Issue in evaluation of Role Membership Rule in gtc trusted recon.
Hi All,
I got a issue in evaluation of role membership in gtc trusted recon.
i created a custom UDF in user profile.i am updating that field from gtc trusted recon.
i created a rule based on that custom UDF.But that is not triggering while we run the gtc trusted recon.users are coming to oim from database .but rule is not evaluating.
if we manually create any user rule is evaluating.role is assingning .
how to solve this problem.it is very urgent for me.
thanks in advance.
-Hanumanhi bikash,
i am using oim 11.1.1.5 version.
Access policy is triggering if role is assigned to the user ,when i directly create the user in oim, instead of gtc trusted recon.
that udf field is mobile status.it is custom udf .
Thanks & Regards,
Hanuman. T -
Difference in Creation of BRF+ artifact through API / Workbench
Hello ,
I am new in BRF+ development. Need your help . While creating BRFPlus artifact in NW 7002 , what will be differences
1) if we create Application / function / Data object / Ruleset etc using BRF+ workbench and use ABAP code for calling /passing parameters
2)if we create all these through through APIs .
can anyone guide me please .
Thanks in advance.
PSHI Carsten,
Thanks for you response.
Just to clarify some more ...Is there any issue later / limitation while extending/ changing the functionality of rulesets if we create those with workbench in place of using APIs .
For example in production server if we need to change / replace some context parameters OR adding one more row in decision table / or any other change.
Thanks & Regards,
PS -
I want to Pick Release in 11.5.9 through API , What API I can Used?
Hi.expert
I want to Pick Release through API in 11.5.9, What API I can Used?You need to apply patch 3438823 which provides the Pick Release Public API to create and release a picking batch and also provides the functionality to allow picking criteria of groups of items based on Item category and category sets and also provision is provided to "exclude/include only" ShipSets/SMCs in a batch.
Check Note: 435444.1 - WSH_PICKING_BATCHES_PUB Package for Pick Release Public API does not Exist in Release 11.5.9
https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=435444.1 -
I am facing problem in loading data in ap_invoices_all in R12 through API
Hi,
When I am trying to load data in R12 through API (ap_invoices_pkg. Insert_Row), I can see my record in base table ap_invoices_all but I can't find my record from frontend application.
MAGSA AP Supervisor -> Invoices -> Entry -> Invoices.
I will be very greatful if anyone can tell me the reason why I am not able to find my record.
Thanks
RanjanaI believe the issue is related to Multi Org Access Control (MOAC) - pl see MOS Doc 420787.1 - Oracle Applications Multiple Organizations Access Control for Custom Code - for a discussion.
HTH
Srini -
Error in oim Role creation using Role Manager Service API from Standalone Java client
Hi,
Facing the following error when trying to create Role using Role Manager Service API from a standalone java client .
Tried with the solution of changing ,
Login into the Web Logic Admin Console --> Servers --> OIM Server --> Protocols --> Modify the Maximum Message from 100000000 to 1000000000, but still the problem persists.
Exception in thread "main" org.omg.CORBA.BAD_PARAM: vmcid: 0x0 minor code: 0 completed: No
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at java.lang.Class.newInstance0(Unknown Source)
at java.lang.Class.newInstance(Unknown Source)
at com.sun.corba.se.impl.protocol.giopmsgheaders.MessageBase.getSystemException(Unknown Source)
at com.sun.corba.se.impl.protocol.giopmsgheaders.ReplyMessage_1_2.getSystemException(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaMessageMediatorImpl.getSystemExceptionReply(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.processResponse(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaClientRequestDispatcherImpl.marshalingComplete(Unknown Source)
at com.sun.corba.se.impl.protocol.CorbaClientDelegateImpl.invoke(Unknown Source)
at org.omg.CORBA.portable.ObjectImpl._invoke(Unknown Source)
at com.sun.org.omg.SendingContext._CodeBaseStub.meta(Unknown Source)
at com.sun.corba.se.impl.encoding.CachedCodeBase.meta(Unknown Source)
at com.sun.corba.se.impl.io.IIOPInputStream.getOrderedDescriptions(Unknown Source)
at com.sun.corba.se.impl.io.IIOPInputStream.inputObjectUsingFVD(Unknown Source)
at com.sun.corba.se.impl.io.IIOPInputStream.simpleReadObject(Unknown Source)
at com.sun.corba.se.impl.io.ValueHandlerImpl.readValueInternal(Unknown Source)
at com.sun.corba.se.impl.io.ValueHandlerImpl.readValue(Unknown Source)
at com.sun.corba.se.impl.encoding.CDRInputStream_1_0.read_value(Unknown Source)
at com.sun.corba.se.impl.encoding.CDRInputStream.read_value(Unknown Source)
at oracle.iam.identity.rolemgmt.api._RoleManager_ogut7n_RoleManagerRemoteRIntf_Stub.createx(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at weblogic.ejb.container.internal.RemoteBusinessIntfProxy.invoke(RemoteBusinessIntfProxy.java:85)
at $Proxy2.createx(Unknown Source)
at oracle.iam.identity.rolemgmt.api.RoleManagerDelegate.create(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler$1.run(SecurityInvocationHandler.java:68)
at weblogic.security.subject.SubjectProxy.doAs(SubjectProxy.java:64)
at weblogic.security.subject.SubjectManager.runAs(SubjectManager.java:262)
at weblogic.security.Security.runAs(Security.java:48)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(weblogicLoginSession.java:52)
at Thor.API.Base.SecurityInvocationHandler.invoke(SecurityInvocationHandler.java:79)
at $Proxy3.create(Unknown Source)
at com.idm.role.CreateRole.createRole(CreateRole.java:113)
at com.idm.role.CreateRole.main(CreateRole.java:167)
Thanks In AdvanceHi , I have used OIM 11g R2.
Please find below the code we have used,
package com.idm.role;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Set;
import java.util.logging.Logger;
import javax.security.auth.login.LoginException;
import oracle.iam.identity.exception.NoSuchRoleException;
import oracle.iam.identity.exception.RoleAlreadyExistsException;
import oracle.iam.identity.exception.RoleCreateException;
import oracle.iam.identity.exception.RoleLookupException;
import oracle.iam.identity.exception.RoleModifyException;
import oracle.iam.identity.exception.SearchKeyNotUniqueException;
import oracle.iam.identity.exception.ValidationFailedException;
import oracle.iam.identity.rolemgmt.api.RoleManager;
import oracle.iam.identity.rolemgmt.api.RoleManagerConstants;
import oracle.iam.identity.rolemgmt.vo.Role;
import oracle.iam.platform.OIMClient;
import oracle.iam.platform.authz.exception.AccessDeniedException;
public class CreateRole {
private final static Logger LOGGER = Logger.getLogger(CreateRole.class .getName());
OIMClient oimClient = null;
public OIMClient connectToOIM() {
LOGGER.info("In connectToOIM ");
Hashtable env = new Hashtable();
env.put(OIMClient.JAVA_NAMING_FACTORY_INITIAL,
"weblogic.jndi.WLInitialContextFactory");
env.put(OIMClient.JAVA_NAMING_PROVIDER_URL,
"t3://V-hydidm1.itig.co.in:14000");
System.setProperty("java.security.auth.login.config",
"F:\\Projects\\IDM\\Team\\Env_setup\\OIM_Setup\\designconsole\\config\\authwl.conf");
System.setProperty("java.security.policy",
"F:\\Projects\\IDM\\Team\\Env_setup\\OIM_Setup\\designconsole\\config\\xl.policy");
System.setProperty("OIM.AppServerType", "wls");
System.setProperty("APPSERVER_TYPE", "wls");
System.setProperty("weblogic.Name", "oim_server1");
oimClient = new OIMClient(env);
try {
oimClient.login("xelsysadm", "Passw0rd".toCharArray());
} catch (LoginException e) {
e.printStackTrace();
System.out.println("Connected");
return oimClient;
public void readRoleMetadata() {
LOGGER.info("in readRoleMetadata ");
RoleManager roleManagerService = oimClient
.getService(RoleManager.class);
try {
Role roleVo = roleManagerService.getDetails(
RoleManagerConstants.ROLE_DISPLAY_NAME, "API Role1", null);
Set attributeNameSet = roleVo.getAttributeNames();
Iterator it = attributeNameSet.iterator();
while (it.hasNext()) {
System.out.println("Attribute Name :: " + it.next());
// roleVo.setAttribute("ADentitlements", "Security Admin access");
String adEntitlements = "" + roleVo.getAttribute("ADentitlements");
System.out.println("AD Entitlements :: " + adEntitlements);
System.out.println("DB Entitlements :: " + ""
+ roleVo.getAttribute("DBEntitlements"));
System.out.println("Unix Entitlements :: " + ""
+ roleVo.getAttribute("UnixWindows"));
System.out.println("VPN :: " + "" + roleVo.getAttribute("VPN"));
} catch (SearchKeyNotUniqueException e) {
e.printStackTrace();
} catch (NoSuchRoleException e) {
e.printStackTrace();
} catch (RoleLookupException e) {
e.printStackTrace();
} catch (AccessDeniedException e) {
e.printStackTrace();
public void createRole() {
LOGGER.info(" in Create role ");
RoleManager roleManagerService = oimClient
.getService(RoleManager.class);
HashMap<String, Object> roleCreationAttrMap = new HashMap<String, Object>();
roleCreationAttrMap.put(RoleManagerConstants.ROLE_NAME, "API Role1");
roleCreationAttrMap.put(RoleManagerConstants.ROLE_DESCRIPTION,
"This Role is created using API Role1");
roleCreationAttrMap.put(RoleManagerConstants.ROLE_DISPLAY_NAME,
"API Role1");
roleCreationAttrMap.put("ADentitlements", "API Role1 AD Entitlements");
roleCreationAttrMap.put("DBEntitlements", "API Role1 DB Entitlements");
roleCreationAttrMap.put("VPN", "No");
roleCreationAttrMap.put("UnixWindows", "API Role1 Unix Entitlements");
Role roleVo = new Role(roleCreationAttrMap);
try {
System.out.println(" Before Create role *********************************************");
roleManagerService.create(roleVo);
System.out.println("Role Created .. ");
} catch (ValidationFailedException e) {
e.printStackTrace();
} catch (RoleAlreadyExistsException e) {
e.printStackTrace();
} catch (RoleCreateException e) {
e.printStackTrace();
} catch (AccessDeniedException e) {
e.printStackTrace();
public void modifyRole() {
LOGGER.info(" in modifyRole ");
RoleManager roleManagerService = oimClient
.getService(RoleManager.class);
Role roleVo;
try {
roleVo = roleManagerService.getDetails(
RoleManagerConstants.ROLE_DISPLAY_NAME, "API Role1", null);
String roleKey = roleVo.getEntityId();
HashMap<String, Object> roleCreationAttrMap = new HashMap<String, Object>();
roleCreationAttrMap.put("ADentitlements",
"Updated API Role1 AD Entitlements");
Set roleKeySet = new HashSet<String>();
roleKeySet.add(roleKey);
Role roleVoNew = new Role(roleCreationAttrMap);
roleManagerService.modify(roleKeySet, roleVoNew);
System.out.println("Role Modified ..");
} catch (SearchKeyNotUniqueException e) {
e.printStackTrace();
} catch (NoSuchRoleException e) {
e.printStackTrace();
} catch (RoleLookupException e) {
e.printStackTrace();
} catch (AccessDeniedException e) {
e.printStackTrace();
} catch (ValidationFailedException e) {
e.printStackTrace();
} catch (RoleModifyException e) {
e.printStackTrace();
public static void main(String args[]) {
CreateRole miscObj = new CreateRole();
miscObj.connectToOIM();
miscObj.createRole();
//miscObj.readRoleMetadata();
Thanks In Advance .
Maybe you are looking for
-
Getting the text and the shape to play at the same time in Keynote '08
Searched FAQ without any luck. I put text into a shape. When 'played' however, the text comes in on first click, and shape on the second click. I would like both to enter slide simultaneously. How can I accomplish this ?? THanks Fred
-
I just downloaded three products in the Adobe Exchange and two of them I paid for. The free one works, but when I start photoshop the exchange panel tells me there is an error loading and to check my internet connection (which is fine)... the one fre
-
Hi all, I have developed a Flash 7 compatible virtual machine in java 1.1. This will allow java developers to use Macromedia Flex, or Flash MX to make great looking front ends, graphical animations etc directly within their java application. The core
-
Need infor on PO Header text table
Hi. List the table name in which Purchase order Header text will stored. Cheers Umakanth
-
How to make iTunes detect the new location of music files?
Hi everyone. I moved all of my music to a different location on my hard drive, and I changed the location in iTunes preferences, but it doesn't seem to detect this, so my library is empty now. I saved an itl, xml, and temp file as well, but I don't k