Extended user attributes (UME)
Hi there
I'd like to add some attributes to my application users.
I've read about ume.admin.addattrs and ume.admin.self.addattrs and I got it working, I mean, I can see those attributes in the "user admin" of my was server.
How can I read these values in my webdynpro application?
I've tried through IUser interface but it didn't work.
Is there any other way of adding attributes to WAS users?
thanks in advance
Hi Julio,
Try this
try {
IUser user = UMFactory.getUserFactory().getUserByUniqueName(username);
String salesOrg;
final String[] attribute = user.getAttribute(
"com.sap.security.core.usermanagement",
"NAME_OF_CUSTOM_ATTRIBUTE_FOR_SALES_ORGANIZATION");
if( attribute==null || attribute.length == 0 || !Utils.isNotEmpty(attribute[0]) ) {
//manage error
return;
} else {
salesOrg = attribute[0];
} catch (final WDUMException e) {
//manage exception
return;
Best regards, Maksim Rashchynski.
Similar Messages
-
Saving/fetching extended user attribute
I recently got rid of all of my global.* attribute references because both in experience and in quite a lot of stated opinions here in the forum, it was the right thing to do.
Everything is working great except my sole extended user attribute, which is basically an employee ID. It has a good IDMAttributeConfiguration and IDMObjectClassAttributeConfiguration defined in IDMSchemaConfiguration. In my active sync form I set accounts[Lighthouse].myAttributeName, and in the field directly after it I trace the value out to catalina.out so I can see that it's all good.
But when I bring up the user in a view user form, myAttributeName is nowhere to be found as I look through all of the local variables via the debugger. In particular, none of these exist:
accounts[Lighthouse].myAttributeName
waveset.attributes.myAttributeName
waveset.myAttributeName
global.myAttributeName
I'm running 8.0.0.4 (I'd like to get this last bit to production before I upgrade to 8.1.x). I've triple-checked to make sure there aren't typos.
What am I forgetting? I feel like it must be something pretty basic...
Thanks in advance, -Les
Edited by: LesL on Apr 12, 2010 4:21 PMPaulHilchey wrote:
I believe accounts[Lighthouse].myAttributeName should do what you want, but be sure you don't have any "global" references at all.
If you've got even one global reference it would trigger the global propagation mechanism that could mess you up.Paul,The default tabbed user form pulls in IdentityContent from User Library, which uses "global" references for firstname, lastname, fullname, email, idmManager. Do you use the default IdentityContent, or you do replace the name fields with accounts[Lighthouse] references? When you update firstname (say) in activesync, do you refer to it in the global or accounts[Lighthouse] namespace?
I discovered something else unexpected that feels related. In my IDM schema configuration, I had correctly formatted IDMAttributeConfiguration and IDMObjectClassAttributeConfiguration entries for my attribute, but I had inserted them alphabetically in the configurations. My attribute name begins with a "c", and it came at the top of the lists as presented in the XML source. In that state, my attribute was no longer listed in the Identity Manager Attributes in the Rule Argument pull down list when assigning a conditionally contained role. But when I moved the IDMAttributeConfiguration and IDMObjectClassAttributeConfiguration entries for my attribute to follow the entries for lastname (and restarted the app server), then my attribute became listed in the pulldown! How odd.
I have reset my equivalent of IdentityContent to use "global" instead of "accounts[Lighthouse]" and have fixed most of the issues except for an odd race condition in activeSync. I did that before I made the schema configuration changes above, though, so more testing is required. I'll write back if I find out anything interesting. -
Sun IDM 7.0, creating a new extended user object in the repository.
I have tested a change to an existing UserForm used in Anonymous User Registration TaskDefinition. The customer would like to capture a new field of data from the user during the registration, and have it stored in the repository so that it may be used as a differentiators between groups for billing.
Caveat: I am not the guy that originally installed and originally configured the IDM server, nor am I a programmer.
Having said that, I have poked around enough to me able to modify the UserForm to include the drop-down select code, but once saved during the registration process, it is lost once the account is approved.
Is there a rather explicit procedure to create a new extended user attribute within the repository? Someplace where my data can be saved?
Thank you in advance for any assistance you may offer.
Edited by: Jonathan.Hawes on Oct 29, 2010 3:58 PM to correct some spellingIn 7.X user extended attributes shall be first described in the UserUIConfig Configuration object.
-
How to access custom ume user attributes via VC?
Hi guys,
I configured a custom user attribute within the ume configuration:
<a href="http://help.sap.com/saphelp_nw2004s/helpdata/de/44/0316d50bbe025ce10000000a1553f7/frameset.htm">Adding Custom Attributes to the User Profile</a>
Now, how can I access this attribute within my VC model (user data)?
Thanks for your ideas
BennyHi,
Regarding adding properties to user data control, i have the following information. But i am not sure, whether it will be helpful to you.
You can add a personalise property/User mapping property into a user data control.
Drag a User data component, go to configure and click the + sign at the bottom of User parameters.
You can add any personalised properties to the user data (with valid data types and allowed values). Then can use the property in any formula.
When iView is opened in portal, the personalise property of that particular iView is used to change the property value
Hope it helps.
Regards,
Sooraj -
Editing LDAP User attributes from UME interface
Hi Gurus,
We want to develop a solution with user management screens in WD. These screens will provide password reset and unlock functionality for users. Our users are stored in LDAP. Current connection to LDAP is in Read Only manner.
I want to know
1. How to enable the connection from UME to LDAP in read/write manner?
2. What certificates need to be exchanged for write access? if any?
3. What changes needs to be done in config file of UME?
4. Which permissions should be granted for communication user to edit LDAP user attributes?
Even after performing the change to read LDAP in read/write manner, will it be sure: If we lock user from UME, it will lock LDAP user? please comment.
regards
Kedar KulkarniHi,
We are half way into our application between UME and LDAP. We have developed screens and tested in our internal server. In internal landscape, UME is connected to LDAP in read only fashion. So when we try to create User, it gets created in UME.
But when we deploy same application into client landscape, we receive error as below:
No data source feels responsible for principal. Please check the data source configuration
Now we are not sure why this error is getting displayed.
In client landscape there are 2 LDAPs connected to UME, with only one LDAP in read/ write access.
Is there any way we can check which LDAP is being accessed by our code? Is there any concept of Default LDAP?
Any code to access LDAP details will help us lot.
regards
Kedar Kulkarni -
Custom user attribute from ABAP to Portal UME
Hi All,
We have choose the ABAP as the data source for portal UME. We have a custom user attribute in the abap. Now i want to bring that custom user attribute from abap to custom user attribute in the UME.
Any help will be rewarded.
Thanks
Sarang.Any resolution to this issue?
-
Hi All,
I want to use a standard UME user attribute which should allows multiple values. Is there any standard UME attribute allows multiple values.
I need this functionality to create a Virtual Group. I have followed the [Help Link|http://help.sap.com/saphelp_nw70/helpdata/en/43/fcfa2942ed7067e10000000a1553f6/content.htm]. to create Virtual Group based on UME department attribute. Department attribute is not supporting multiple values.
I want to achieve this is in Standard Configuration of Portal.
Can anyone help me or list me the Standard UME attribute which supports multiple values.
Thanks in Advance.
Regards
Venkatesh. KHi Venkatesh,
I did a quick search of the online help and found this...
The user attributes do not support multiple values by default, but if you mapped an attribute to an LDAP attribute with multiple values, you could read for a user the attribute department, which has the values Marketing and Distribution. This user would then belong to both virtual groups Marketing and Distribution.
It is in the documentation for [configuring virtual groups|http://help.sap.com/saphelp_nwce10/Helpdata/EN/43/fcfa2942ed7067e10000000a1553f6/frameset.htm].
So it all depends on your data source.
-Michael -
Extended Identity Manager User Attributes
Howdy,
I'm trying to add some attributes to the user accounts stored local to the Identity Manager. I went to the configure menu, and set up the attributes under the Identity Attributes tab. I set the attributes to be stored locally and saved them. I also made sure to indicate that the attributes should be available to the IDM admin and end user interfaces. However, the attributes do not show up when I list the users. When I go to the users attribute tab, it contains only the Account ID attribute. Shouldn't I be able to add a new attribute and edit it?
Much thanks in advance for any help you may be able to provide.It is an XML object so I dont think it has a limit as such, though the system will get slower to checkout and checkin if you overextend it.
there usually isn't any reason to extend it extensivly... I believe it stores most of that, if the querable flag is set at least, in the user attributes table
if you need a lot of data connected to a user you could always have an extra table and store it in, you dont need to store everything in the user object unless you need it every time the user is checked in/out etc etc -
Accessing user attributes from a pipeline component
Hello,
I'm using WLCS & WLPS 3.1. I use webflow and I have implemented the page
transition myself to work with the portal. Everything is working fine.
I'm planning to implement a complex step of a business process as a pipeline
component. For various reasons, this PC will be implemented as an EJB. To
perform its job, this PC needs to get information about the user that is
currently logged in. More specifically, it needs to lookup custom attributes
from the user profile (i.e. user property set).
So my question is : is this possible directly from the PC, or do I have to
populate the pipeline session with required information in the input
processor?
Thank you for your advice
NicolasHello Ture,
Thanks for both posts.
Nicolas
"Ture Hoefner" <[email protected]> wrote in message
news:[email protected]..
... To perform its job, this PC needs to get information about the userthat
is
currently logged in. More specifically, it needs to lookup customattributes
from the user profile (i.e. user property set).
So my question is : is this possible directly from the PC, or do I haveto
populate the pipeline session with required information in the input
processor?Hello Nicolas,
I have not tried this myself. I think that the disconnect between the
pipeline session and the portal session is probably the fact that theattributes
in the portal session have their keys "fixed up" by prepending the portal
request URI. This is made possible by the
com.beasys.commerce.foundation.flow.jsp.DefaultDestinationDeterminer,which the
PortalDestinationDeterminer extends. It puts a "TRAFFIC.URI" attributeinto the
each request that goes through the FlowManagerServlet for the portal. Inthe
Acme exampleportal, the "SERVICEMANAGER.USER" attribute is put into theportal
HttpSession as "exampleportal.SERVICEMANAGER.USER".
If you want to get to the cached profile from your portal from yourpipeline
component (PC) then you would have to know that the name is "fixed up" tobe
"exampleportal.CACHED_PROFILE". There are probably several different waysyou
could get the "TRAFFIC.URI" information to your PC.
Ture Hoefner
BEA Systems, Inc.
2590 Pearl St.
Suite 110
Boulder, CO 80302
www.bea.com -
BPM 11g :: Active Directory custom user attribute binding
Hello everyone,
I'm having a special requirement from a customer who needs to make available on BPM an extended AD attribute (from the AD connected to WLS realm). As known, the standard user class does not have the possibility to read from extended User AD attributes but only from the standard ones.
Does anyone know how to map a “UserExtendedAttribute1” from the AD to a “MyUserMappedAttribute” on BPM?
Many thanksHi,
Please find the below link for video tutorial on adding a custom attribute to user class and viewing it from user properties in ADUC,
http://www.youtube.com/watch?v=__92mHwyZ3Q
Regards,
Gopi
www.jijitechnologies.com -
Adding additional user attributes in WLS 7 security
We are using WebLogic Sever 7.0.
We would like to use the WLS 7 security with built in embedded LDAP
server. By default, it provides facility to store username, password
and description for Users. We would like to extend it so that we can
manage more information about user such as phone number, email address
etc.
I have been reading WLS 7 security related documents regarding custom
authentication providers. I do not read to write new authentication
provider from scratch. Whatever we get by default would be fine. I
just would like to add more attributes for user and manage it through
WLS 7 console.
I would really appreciate if someone kindly advise of the steps needed
to accomplish this.
Please do not tell me to just read the documentation, as I have
already been reading WLS 7 security documents for 2 days now and can't
figure it out.[email protected] (Narendra Khatri) wrote in message news:<[email protected]>...
We are using WebLogic Sever 7.0.
We would like to use the WLS 7 security with built in embedded LDAP
server. By default, it provides facility to store username, password
and description for Users. We would like to extend it so that we can
manage more information about user such as phone number, email address
etc.
I have been reading WLS 7 security related documents regarding custom
authentication providers. I do not read to write new authentication
provider from scratch. Whatever we get by default would be fine. I
just would like to add more attributes for user and manage it through
WLS 7 console.
I would really appreciate if someone kindly advise of the steps needed
to accomplish this.
Please do not tell me to just read the documentation, as I have
already been reading WLS 7 security documents for 2 days now and can't
figure it out.Hello Narendra,
I work for OctetString and we are the developers of the LDAP Directory
that is embedded in WLS 7. We provide a suite of Virtual Directory
capabilities that would allow you to extend the attributes in the WLS
directory. Please visit our web site at www.octetstring.com for more
infomration or feel free to contact me at 847-466-1322. -
Custom User Attributes stored?
Hi,
I would like to know which table in Database, user attributes like firstname, lastname, email, custom attributes if any are stored. I know that some of the attributes like islocked, failedlogonattempts are stored in <b>ATTR</b> field of <b>UME_STRINGS</b> and their values stored in <b>VAL</b> field in the same table.
Can anyone help me in identifying the table in which attributes stored and how altering the table to add extra custom attributes other than the <b>UME APIs</b>?
Thanks in advance....
Regards,
Ganesh NHi Ganesh
I'm not sure why you'd want to get to the table(s) directly. Why not use the supported mechanism (APIs) rather than hope SAP never changes the underlying tables?
Have you tried a SQL trace at the J2EE level?
Cheers -
Hi,
1. How to add custom attributes to the Portal User. Like his SSN or some other info which is more specific to the client project.
2. How to set up a greeting for the logged in user like "Welcome <logged in user>" - "Welcome Portal30" or "Welcome User1". The edit defaults for banner has a greeting which can appear at the desired position, but how to write a pl/sql code to get the user using the api's.
Thanks
Nitin Thakkar
[email protected]1. In the current release, user attributes are not extendable. In the 9iAS V2 timeframe we are moving to an LDAP based model for managing users which will provide this extensibility.
2. In 3.0.8 of the portal (9iAS 1.0.2.1), you can use page templates to define your banner to include data such as the user name. In that case, you define your banner as html in the template and turn off the default banner on the page. -
Hi All,
We have choose the ABAP as the data source for portal UME. We have a custom user attribute in the abap. Now i want to bring that custom user attribute from abap to custom user attribute in the UME.
Any help will be rewarded.
Thanks
Sarang.Hi Sarang,
Check this:
UME attributemapping for R/3 datasource
Greetings,
Praveen Gudapati -
Anyconnect profiles using by using different extended key attributes
Hi,
I have an anyconnect VPN with workstations located in the same OU in Active Directory. The current anyconnect deployment uses seperate OUs to determine what profile is applied to the client.
I'm looking for a solutiuon to enable machines to be located in a single OU & still have the ability to apply different profiles to machines.
The only way I can think of doing this is using machine certificates in Active Directory & configuring different extended key attributes.
Any advice/suggestions or information on the best way of doing this would be greatly appreciatedResolved my own issue today. The error does nothing to describe the actual cause. The user's private key was corrupted (uncertain as to how). The certificate GUI in Windows showed it was okay, but running "certutil -store -user my" showed the error "Missing stored keyset" on the certificate in question.
The resolution was to delete the certificate and enroll for a new one, with a new key pair.
Maybe you are looking for
-
I'm a Graphic Designer and Animator with a Mid 2012 15" MBP...Programs slowing need up grade
Hey everyoe, I'm a Graphic Designer and Animator with a Mid 2012 15" MBP. My programs get REALLY SLOW, ToonBoom Harmony and Sometimes Illustrator, HELP! I upgraded my Ram to 16GB LONG time ago and it's made a big difference but still the stuff I make
-
Brightness keys on my keyboard adjust keyboard brightness instead of screen. Help!
I just bought my macbok pro two days ago. I have unchecked "automatically adjust brightness" under settings but when I use the brightness keys on my keyboard to manually adjust the brightness, it adjusts the brightness of my keyboard instead of my sc
-
Creating variants in BEX reports in BI 7.0
hI , We are in BI 7.0 . I am trying to create variant with SY-DATUM -1 in bex report . Whenever I execure the report , the selection screen date should be syatem date - 1 in variant . When i select the variant it should automatically pickup current d
-
WDS not getting linked after disconect and reconnect to wall
Hello. I have a A.Extreme configure with WDS and 3 A.Express as remotes. I configured everything perfect and worked fine. Today I wanted to move one A.Express to another outlet and when I plugged in it took so many time to get sync (like an hour). I
-
Why is my brand new iPod nano not appearing in iTunes?
I just connected the latest iPod nano model to my iMac, and it charges but does not appear in iTunes. I can't set it up or sync music, etc. I followed the troubleshooting procedure provided on the apple.support website. Please help!