Monday, October 8, 2012

Oracle Access Manager 11g R2 Access SDK


- Download OAM 11g R2 Access SDK from OTN and extract ZIP file and set CLASSPATH with all JAR files.
- Register New OAM 10g WebGate
- Add Host Identifier details
- Protect resource(In my case it's Welcome.html)
- Folder Structure needed for Access SDK Client
    - AccessSDKClient
                  - oblix
                        - lib
                  - com
                       - spsolutions
                               - OAMAccessSDKTest.ava

- Navigate to C:\Oracle\Middleware\Oracle_IDM1\oam\server\rreg\client\RREG\rreg\output\<<WebGate>> Copy ObAccessClient.xml file and paste in lib folder as mentioned in above step.

Note: Make sure you add protected resource host name in Access SDK host Identifier list.

Code :
package com.spsolutions;

import java.util.*;

// Class to Check user authorization to a resource.
public class OAMAccessSDKTest {
   public static final String ms_resource = "//";
   public static final String ms_protocol = "http";
   public static final String ms_method = "GET";
   public static final String ms_login = "<<userid>>";
   public static final String ms_passwd = "<<password>>";
   public static final String m_configLocation = "C:/OAMASDK";
   public static void main(String argv[]) {
          AccessClient ac = null;
      try {
          ac = AccessClient.createDefaultInstance(m_configLocation, AccessClient.CompatibilityMode.OAM_10G);
System.out.println("Configured Default Instance");
         ResourceRequest rrq = new ResourceRequest(ms_protocol, ms_resource,ms_method);
         System.out.println("Configured Default Instance  1");
         if (rrq.isProtected()) {
            System.out.println("Resource is protected.");
            AuthenticationScheme authnScheme = new AuthenticationScheme(rrq);
            if (authnScheme.isForm()) {
               System.out.println("Form Authentication Scheme.");
               Hashtable creds = new Hashtable();
               creds.put("userid", ms_login);
               creds.put("password", ms_passwd);
               UserSession session = new UserSession(rrq, creds);
               if (session.getStatus() == UserSession.LOGGEDIN)
                  if (session.isAuthorized(rrq)) {
                     System.out.println("User is logged in and authorized for the request at level "       +session.getLevel());
                           String identity = session.getUserIdentity();
                           System.out.println("Identity --> "+identity);
                           // Setting up Session Variables
                           Hashtable sessionAttributes= new Hashtable ();
   sessionAttributes.put("userid", "siva");
   sessionAttributes.put("mobile", "1234567890");
   sessionAttributes.put("email", "");
   session.setSessionAttributes(ac, sessionAttributes);
                           // Getting session variables
                          Hashtable attrs = session.getSessionAttributes(ac);
                           System.out.println("Session Attributes" + attrs);

                  } else {
                     System.out.println("User is logged in but NOT authorized");
               } else {
                  System.out.println("User is NOT logged in");
            } else {
               System.out.println("non-Form Authentication Scheme.");
         } else {
            System.out.println("Resource is NOT protected.");
      catch (AccessException ae) {
         System.out.println("Access Exception: " + ae.getMessage());


No comments:

Post a Comment