API method to Assign Role to an Organisation

Similar Messages

• OIM11gR2 - Assigning Role to an organization using API

  Hi All,
  Is there any API available to assign roles to organizations?
  Thanks

         List entitiesToPublish = new ArrayList();
          EntityPublication entToPublish = new EntityPublication();
          entToPublish.setEntityId(role.getEntityId());
          entToPublish.setEntityType(PolicyConstants.Resources.ROLE.getId());
          Object objActKey = organization.getAttribute(OrganizationManagerConstants.AttributeName.ID_FIELD.getId().toString());
          String act_key = null;
          if ((objActKey instanceof String))
            act_key = (String)objActKey;
          else if ((objActKey instanceof Long)) {
            act_key = ((Long)objActKey).toString();
          entToPublish.setHierarchicalScope(true);
          entToPublish.setScopeId(act_key);
          entitiesToPublish.add(entToPublish);
          service.addEntityPublications(entitiesToPublish);
  Regards
  Shashank

• Assigning roles to LDAP users through BIP API

  Hi.
  My customer has BIP 11g and OIM 9.1.0.2 running on the same weblogic server (11g). Both authenticate against the same LDAP server.
  One of our desired next steps is to provision from OIM the BIP roles to each LDAP user so every user gets the correct roles (and access to the correct reports) according to the groups he has on OIM.
  I've been searching for info regarding this without success. The BIP API doc does not show any info about assigning roles to users.
  We don't need to manage LDAP users, BIP roles, etc... through OIM. We only need to assign BIP roles to LDAP users.
  Is it possible to make that assignments through BIP API?
  If not, any other ideas? New ideas or different approaches are welcome.
  Thanks in advance.

  In OBIEE 11g which includes BIP the application roles are applied to LDAP users and groups using the Enterprise Manager Fusion Control.
  During the upgrade process from OBIEE 10g to OBIEE 11g the groups do get assigned to these roles transparently so there must be some API to leverage this functionality.
  I would start there, http://download.oracle.com/docs/cd/E14571_01/bi.1111/e10541/admin_api.htm
  There are no specific instructions on accomplishing what you seek but if you have some WLST or Java Skills you should be able to get something prototyped.
  Let me know if that helps.

• How to assign roles to users using WL api?

  Hi,
  We have a requirement to allow creation of new users through application screens and assign groups and roles to those users.
  My users will exist in external LDAP server while my groups and roles will exist in embedded LDAP server. Using WL APIs i am able to create users and add them to groups using the code peices given below:
  ========================================
            userProviderControl.createUserSimple(form.userID, form.password);
            groupProviderControl.addUserToGroup(ocnGroup, form.userID);
  ========================================
  How do i assign roles to this new user programatically?
  If i add a role from console (Home > Realm Roles > Summary of Security Realms > myrealm > Realm Roles -> Global Roles) and edit role condition to add this newly created user then i it works fine. I want to achieve the same i.e. edit role condition programatically.
  Any help will be greatly appreciated.
  Thanks,

  Problem Solved !!!
  The data-type conversion needs to be performed in the SPML2 Person Form. Add a Field called waveset.roles and map it to the SPML2 attribute name being used in ur client. It's best done through a rule.....
  If anybody is facing similar problem and need more details....please email me @ [email protected]

• What is the difference between organisation payment method and Assignment payment method?

  What is the difference between organisation payment method and Assignment payment method?
  As i am a new bie, i am curious to know this though it might sound a silly question.
  Thank you,
  Kuton

  You can create an Organization payment method of any Payment type(Cash, Check, BACS, NACHA etc) under the same country.
  All these will be valid payment methods on the payroll description form.
  And you can even attach these to a person.
  In which case you will have a Base currency (say USD) and payment currency (say GBP).
  These cases are not normal and only used by people who use a single BG for paying employees in 3-4 countries.
  So, unless you need to pay in different currencies, do not use it.
  Cheers,
  Vignesh

• Assign role, group to Human Task when initiated

  Hi all,
  Currently, when user login to BPM and create new task instance, i can get roles and groups of that user by programming. I want to assign roles of user to that task instance dynamically when user click SUBMIT button (Because i want to restrict users belong role are able to do this task, each user belong to a role and group can do it).
  Somebody help?
  Thanks.

  Hi Ming
  1. If you want to intercept any Actions from a Task like Save, Submit, Approve, Reject etc, you can create your own class like MyAppTaskValidationCallback that implements oracle.bpel.services.workflow.task.ITaskValidationCallback and in this overwrite one method named validateTaskOperation(bunch of parameters). See APIs for this.
  In this method, you can get the action performed on the task. Also you can get the complete Payload of the Task including your custom payload and the standard Task Payload stuff like History, Attachments, Comments etc. You can write some simple XML Parser utility methods to get and set attributes in the Payload xsd schema. So in your case, in this method, get Roles, Groups of the logged in user. Check the action performed. If he is not allowed to do that operation, throw the error from this method. Else continue with your logic. To begin with create java class like above, add this code snippet and just explore the data.
  Now, just curious. If your requirement is really to control the actions based on User Role/Groups, did you try to use the out of box functionality and avoid this custom logic. Say for BPM Applications, we have Swimlanes / Roles. Only users belonging to that Role, can work on that Tasks. Try to use out of box stuff as much as possible, unless you really need custom assignment logic.
  Thanks
  Ravi Jegga
  Just giving the code snippet to get an idea. But do refer the online APIs for more information.
  public void validateTaskOperation(ITaskValidationCallback.TaskAction taskAction, IWorkflowContext iWorkflowContext, Task task, Map<String, Object> parameters, Locale locale, List<String> errors) {
  try {
    Element taskPayload = task.getPayloadAsElement();
    String taskTitle;
    String taskOutcome;
    SystemAttributesType taskSystemAttributes = task.getSystemAttributes();         
    taskTitle = task.getTitle();
    System.out.println("MyAppTaskValidationCallback::validateTaskOperation() Begin For TaskTitle: " + taskTitle + " -> TaskAction: " + taskAction + " -> Parameters:\n" + parameters);
    if(taskAction == TaskAction.ACQUIRE) {
        System.out.println("Inside ACQUIRE");
        //parameters.put("AcquiredBy", iWorkflowContext.getUser());
    } else if(taskAction == TaskAction.OUTCOME_UPDATE) {
      System.out.println("Inside OUTCOME_UPDATE");
  } catch (Exception anException) {
    anException.printStackTrace();
  }

• Assign Roles through Custom Reconciliation

  Hi Experts,
  I am looking for a way to assign roles to a user through custom reconciliation. This requirement is part of the reconciliation process which also includes updating the application instance account status for the linked user(which I have done successfully). Please suggest some ways to implement this with the help of api methods. There are no child forms involved.
  Thanks,
  Subin

  For API's,
  You can use this in your recon code and call it when needed,
  You can first find the role key for role details from RoleManager's methods.
  Then, use method grantResource of RoleManager to assign the role to the user.
  Finally you can check the status of addition from RoleManagerResult API.
  Please use the following API references to code,
  http://docs.oracle.com/cd/E23549_01/apirefs.1111/e17334/oracle/iam/identity/rolemgmt/api/RoleManager.html
  http://docs.oracle.com/cd/E23549_01/apirefs.1111/e17334/oracle/iam/identity/rolemgmt/vo/Role.html
  http://docs.oracle.com/cd/E23549_01/apirefs.1111/e17334/oracle/iam/identity/rolemgmt/vo/RoleManagerResult.html
  Edited by: Shashi kiran on Apr 19, 2013 3:15 PM

• List of Portal users with the assigned Roles.....

  Hello All,
  I am working on EP6 SP9 and want to know from where can I get a list of all Portal users along with the assigned roles for each of them.
  One way I found is by searching for all users in User Administration role and along with the searched users, there is also an icon for Assigned roles.
  Apart from the above mentioned way, is there any other way by which I can get a direct list of the same. Is there a Java sample code for this.....?
  Please help.
  Awaiting Reply.
  Thanks and Warm Regards,
  Ritu R Hunjan

  Hi Ritu,
  Yes it is possible to get the roles of the users. You can try the following java code.
  package com.hcl.user;
  import java.util.Iterator;
  import java.util.Vector;
  import com.sap.security.api.IRole;
  import com.sap.security.api.IRoleFactory;
  import com.sap.security.api.IRoleSearchFilter;
  import com.sap.security.api.ISearchResult;
  import com.sap.security.api.IUser;
  import com.sap.security.api.IUserAccount;
  import com.sap.security.api.IUserFactory;
  import com.sap.security.api.UMFactory;
  import com.sapportals.portal.prt.component.AbstractPortalComponent;
  import com.sapportals.portal.prt.component.IPortalComponentRequest;
  import com.sapportals.portal.prt.component.IPortalComponentResponse;
  public class role_member extends AbstractPortalComponent {
  public void doContent(
  IPortalComponentRequest request,
  IPortalComponentResponse response) {
  try {
  IUserFactory userfactory = UMFactory.getUserFactory();
  IRoleFactory rolefactory = UMFactory.getRoleFactory();
  IRoleSearchFilter rolefltr = rolefactory.getRoleSearchFilter();
  rolefltr.setMaxSearchResultSize(2000);
  ISearchResult result = rolefactory.searchRoles(rolefltr);
  while (result.hasNext()) {
  response.write("<table border=0>n");
  String uniqueid = (String) result.next();
  IRole role = rolefactory.getRole(uniqueid);
  response.write("<tr><td bgcolor=Red>"+ role.getDisplayName()+ "</tr></td>n");
  Iterator users = role.getUserMembers(true);
  while (users.hasNext()) {
  String unique_user = (String) users.next();
  IUser user = userfactory.getUser(unique_user);
  IUserAccount account[] = user.getUserAccounts();
  response.write(
  "<tr><td>" + account[0].getLogonUid() + "</tr></td>n");
  response.write("</table>n");
  response.write("</br>n");
  } catch (Exception e) {
  This code gives you the list of all the users of your portal along with the roles assigned to them.
  Apart from this if you want you want to know all the roles assigned to the user on portal itself then the way you mentioned is the correct method.
  Regards
  Pravesh
  PS: Please consider awarding points.

• Error in User Management and Assigning Role

  Hi,
  I have configured LDAP authentication on LiveCycle Server. I get the userlist with LDAP in my admin console under User Management - User & Groups. But as soon I click on any of the LDAP username I am getting error to contact administrator. Same also happens when I check the checbox infront of the username and tries to assing role.
  My Livecycle server is on WAS6.1, I also have server setup on my local where the same LDAP i have configured and I am able to access users and assign role. Is there any problem with WAS6.1 ?
  I checked the logs and i got following exception in server logs.
  [10/24/08 10:57:58:467 EDT] 00000039 IDPLoggedExce W com.adobe.idp.common.errors.Logger$LogConsumer run UserM:GENERIC_WARNING: [Thread Hashcode: 1028668752] | [com.adobe.idp.um.businesslogic.directoryservices.DirectoryServicesManagerBean] errorCode:8193 errorCodeHEX:0x2001 message:getPrincipal public chainedException:java.lang.NullPointerExceptionchainedExceptionMessage:null chainedException trace:java.lang.NullPointerException
  at com.adobe.idp.um.businesslogic.directoryservices.DirectoryServicesManagerBean.getCacheKey s(DirectoryServicesManagerBean.java:1583)
  at com.adobe.idp.um.businesslogic.directoryservices.DirectoryServicesManagerBean.findPrincip al(DirectoryServicesManagerBean.java:1608)
  at com.adobe.idp.um.businesslogic.directoryservices.EJSLocalStatelessDirectoryServicesManage rBean_0dbf3d20.findPrincipal(Unknown Source)
  at com.adobe.idp.um.api.impl.DirectoryManagerImpl.findPrincipal(DirectoryManagerImpl.java:13 8)
  at com.adobe.idp.um.ui.user.CreateNewUserAction.doExecute(CreateNewUserAction.java:139)
  at com.cc.framework.adapter.struts.ActionUtil.execute(Unknown Source)
  at com.cc.framework.adapter.struts.FWAction.execute(Unknown Source)
  at com.cc.framework.adapter.struts.FWAction.execute(Unknown Source)
  at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
  at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
  at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
  at org.apache.struts.action.ActionServlet.doGet(ActionServlet.java:414)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:743)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
  at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1075)
  at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1016)
  at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:145)
  at com.adobe.framework.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:1 73)
  at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java: 190)
  at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
  at com.adobe.idp.um.auth.filter.AuthenticationFilter.doFilter(AuthenticationFilter.java:154)
  at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java: 190)
  at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
  at com.adobe.idp.um.auth.filter.PortalSSOFilter.doFilter(PortalSSOFilter.java:113)
  at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java: 190)
  at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:130)
  at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:87)
  at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:771)
  at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:679)
  at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:546)
  at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:478)
  at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.jav a:90)
  at com.ibm.ws.web

  Hello Do anyone get anything about above exception, or is there any other information needed, please let me know ?
  I still cannot found the solution for above problem, and it stops me to configuring users on Adobe LiveCycle ES, we have purchased Livecycle ES version 8.0

• Table to find the assigned Roles with my User ID

  Hello Experts,
  1.Is there any specific table to find out the assigned roles to my User ID?
  If there is no table, let me know is there any transaction to find out the assigned roles to my User ID?
  2. When I assigned Marketing Pro role to my user id in Organization Unit, I am not able to see in webui screen.
  when I click on webui transaction, it is displaying some selection screen, there it is not displaying the role I have assigned?
  Could you help me to sort out these two queries?
  Thanks and Regards
  Madhu

  Hi Madhu,
  1.Is there any specific table to find out the assigned roles to my User ID?
  If there is no table, let me know is there any transaction to find out the assigned roles to my User ID?
  Sol'n : You have so many Class Methods for finding your requirement else FM aslo.
  Go to SE84 there u will find search ClassMethods. There u type getuserRole or userRole* and press F8. Pick the one which you feel it may give you the result
  ie you have to execute the class...if it showing instance on the tool bar click on that then press execute the method which you feel relevant to you, and give input parameters.
  Sol'n for 1 point is: CL_CRM_UI_ROLE_ASSIGN->GET_BUSINESSROLES_FOR_USER.
  2. When I assigned Marketing Pro role to my user id in Organization Unit, I am not able to see in webui screen.
  Sol'n: Go and check in T-code : BP. Dispay Ur BP and check for Employee Meantaied -- Identification Tab..Did u maintained ur Userid over there or not
  when I click on webui transaction, it is displaying some selection screen, there it is not displaying the role I have assigned?
  Sol'n: Need clarification on this point.
  Regards,
  Lokesh
  Edited by: Lokesh on Mar 8, 2010 7:37 AM

• Assign role request through code not going to Operational level

  Hi All
  We are trying to assign roles through code using the OIM API's as suggested in the documentation
  "http://docs.oracle.com/cd/E27559_01/doc.1112/e28183/oim_up.htm#autoId40".
  We have 2 Approval policies one is at Request Level (i.e. Auto Approval) and the other is Operational level(Scope=ALL Scope) with workflow, So once the request is getting raised with the code successfully it is getting completed. The expected behavior is that it should go to the approval workflow attached at operational level.
  When we tried to attach a workflow at the request level, the request is going through Approval workflow attached at request level and once we approve at request level it is getting completed and not going to operational level.
  But we will have Request level as auto approved and Operational level with two level of Workflow.
  Thanks in Advance

  Check whether you have configured Request Type in your approval policy properly for operational level approval. In the Rule Components section check whether you have configured everything correctly. Also dont raise the request from system admin login as it will be treated as a direct provisioning request and your approval policies will not be invoked. Login through an end-user and test it

• How To Assign Role To User Programatically?

  Hi,
  We Need Code to Assign Role To User In JSPDynapage.
  Thanks
  SubbaRao Chinta

  Hi SubbaRao Chinta,
  See http://help.sap.com/saphelp_nw70/helpdata/EN/7d/003c41325fa831e10000000a1550b0/frameset.htm and the corresponding JavaDoc: http://help.sap.com/javadocs/nw04/current/um/com/sap/security/api/IRoleFactory.html
  Hope it helps
  Detlev

• Assigning Roles for a user programatically in E-Business Suite

  Hi All,
  How can I assign roles to a user programatically (may be using PL/SQL) in E-Business Suite.
  Thanks,
  Iceman513

  Please see these docs.
  How to Assign and Revoke Role/Responsibility to a User using a Standard API? [ID 373369.1]
  Api To Assign Responsibility To A Role In Bulk. [ID 458072.1]
  How Does One Using API add Users to a Role? [ID 794538.1]
  Thanks,
  Hussein

• Assigning Role Assigner Permission

  Hi,
  I've been going through the Enterprise Portal APIs for a way to assign Role Assigner Permission on a Role to a User, but i haven't been able to find one.
  Can someone please guide me on how to do it?
  Thanks,
  Mayank

  Thanks Michael,
  I tried with the following code:
  initPcdCtx = new InitialContext(env);
  initPcdCtx = BRUtil.GetPCDContext(csc.Persistence);
  IPcdContext myPcdContext =(IPcdContext)
                           initPcdCtx.lookup(Role); // Loading the context with the Role
  IAclHandle myHandle = myPcdContext.getAclHandle();
  IAcl ownAcl = myHandle.getOwnAcl();
  if (ownAcl == null)
       msg = "Currently no ACL - attempting to create it";
       myHandle.createAcl(LoginID,myHandle.getParentAclHandle().getOwnAcl());
       ownAcl = myHandle.getOwnAcl();
  ownAcl.createAclEntry(LoginID, Role, "allow");
  But it's failing in the createAcl statement. I get a java.lang.ClassCastException.
  If I load the myPcdContext  object with the user loginID instead of the role, then I get an exception saying "Child not found" .
  Am I missing something here? Thanks for all your help.
  - Mayank

• How can i pass array as argument in magento api method calling using sudzc API in iphone Native APP

  0down votefavorite
  I am implementing magento standard api method in native iphone app. I use webservice generated by sudzc. To call method I use:
  [service call:self action:@selector(callHandler:) sessionId:@" " resourcePath:@" " args:@""];
  When I used methods e.g. cart.info or product.info in which I have to pass one parameter; it gives valid response. But when I used method e.g. cart_product.add in which I have to pass an argument as value of array it gives error
  SQLSTATE[42000]: Syntax error or access violation:
      1064 You have an error in your SQL syntax;
      check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1
  I have tested in SOAP UI also. There also it gives me same error. But same method works in PHP file. Even I tried by creating same soap request which I created using JavaScript but still it doesn't work.
  Can anyone help me to pass array as a parameter using sudzc api to call magento web services?

  There is an error in your SQL.