Oracle Access Manager OAM SDK API user logout

OAM SDK API for user logout
Discussion

If the application needs to log out the user, it can invoke the logoff method on the object of the UserSession class. Please check the SDK API doc, but you need to invoke this method based on some event.
https://docs.oracle.com/cd/E28280_01/dev.1111/e12491/as_api.htm#AIDEV119

OAM Access Manager SDK Java API for UserSession class (logoff) https://docs.oracle.com/cd/E23943_01/apirefs.1111/e22472/oracle/security/am/asdk/UserSession.html
logoff
public void logoff()
            throws AccessException
Logs off the authenticated user and terminates the session.
Throws:
AccessException - If error occurs during operation

Invoke the logoff method to terminate the session of the currently authenticated user, thereby logging the user off.
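
One way to tie logoff to application events such as an explicit logout, an idle timeout or application shutdown (an added example, not code from the original post or from Oracle). The OamLogoutRegistry class and the application session id used as the key are hypothetical; the only SDK calls used are the UserSession ones shown on this page.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import oracle.security.am.asdk.AccessException;
import oracle.security.am.asdk.UserSession;

// Hypothetical helper (not part of the OAM SDK): keeps the UserSession created
// at login so that later application events can end it on the OAM server.
public class OamLogoutRegistry {
    // Key: the application's own session id (assumed unique per login).
    private final Map<String, UserSession> active =
            new ConcurrentHashMap<String, UserSession>();

    // Call after a successful login, i.e. once getStatus() == LOGGEDIN.
    public void register(String appSessionId, UserSession session) {
        active.put(appSessionId, session);
    }

    // Event: the user chose "logout" or the application session timed out.
    // Returns true when the OAM session is no longer logged in.
    public boolean onLogout(String appSessionId) {
        // Remove first so that concurrent events cannot log off twice.
        UserSession session = active.remove(appSessionId);
        if (session == null) {
            return false; // unknown id, or already handled
        }
        try {
            if (session.getStatus() == UserSession.LOGGEDIN) {
                session.logoff();
            }
            return true;
        } catch (AccessException ae) {
            // Report the failure without the session token or credentials.
            System.err.println("OAM logoff failed: " + ae.getMessage());
            return false;
        }
    }

    // Event: application shutdown. Ends every session still tracked and
    // returns how many were ended without error.
    public int logoffAll() {
        int ended = 0;
        for (String id : active.keySet()) {
            if (onLogout(id)) {
                ended++;
            }
        }
        return ended;
    }
}
```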

Retrieve OAM User Session ateam
Discussion reference retrieve userid (not answered)

-------------------------------------------------------------------------------------------------------------




Developing OAM Access Client 11GR2


An Access Client is a custom Webgate that has been developed using the 11g Access SDK and APIs. This post explains the steps for developing OAM Access client 11gR2.

Developing OAM Access Client 11GR2 steps

Before writing the code, we need to set up the environment locally.
1. Download "Oracle Access Manager Access SDK 11.1.2.0.0" from Oracle edelivery.
2. Create a folder and extract the contents of the downloaded zip file into this folder (in my case it is "C:/AccessSDK11g").
3. Create a Java project and add all the jars in the zip file to the class path of that project.
4. Into the same folder, "C:/AccessSDK11g", copy the below list of files:





All these files are available in the OAM installation path (except "jps-config", which comes with the downloaded zip).
5. Copy the code below into a class file of the project and execute it.

import java.util.Hashtable;
import oracle.security.am.asdk.*;

public class JAccessClient {
    public static void main(String[] args) {
        AccessClient ac = null;
        UserSession session = null;
        String ms_resource = "//abcd.example.com/identity";
        String ms_protocol = "http";
        String ms_method = "GET";
        String ms_login = "username";
        String ms_passwd = "password";
        try {
            // Point the SDK at the configuration files copied in step 4.
            System.setProperty("oracle.security.jps.config",
                    "C:/AccessSDK11g/jps-config.xml");
            System.setProperty("OAM_ASDK_CONFIG_DIR", "C:/AccessSDK11g");
            System.out.println("System Property jps::"
                    + System.getProperty("oracle.security.jps.config"));
            System.out.println("System Property ASDK::"
                    + System.getProperty("OAM_ASDK_CONFIG_DIR"));
            ac = AccessClient
                    .createDefaultInstance(AccessClient.CompatibilityMode.OAM_11G);
            ResourceRequest rrq = new ResourceRequest(ms_protocol, ms_resource,
                    ms_method);
            if (rrq.isProtected()) {
                System.out.println("Resource is protected.");
                AuthenticationScheme authnScheme = new AuthenticationScheme(rrq);
                if (authnScheme.isForm()) {
                    System.out.println("Form Authentication Scheme");
                    Hashtable creds = new Hashtable();
                    creds.put("userid", ms_login);
                    creds.put("password", ms_passwd);
                    try {
                        System.out.println("In try");
                        // Authenticate the user against the protected resource.
                        session = new UserSession(rrq, creds);
                        System.out.println("session status is::"
                                + session.getStatus());
                        System.out.println("session error is::"
                                + session.getError());
                        System.out.println("session error message is::"
                                + session.getErrorMessage());
                        System.out.println("session Identity is::"
                                + session.getUserIdentity());
                    } catch (Exception e) {
                        System.out.println("In catch of Exception");
                        e.printStackTrace();
                        System.out.println("Exception message is::"
                                + e.getMessage());
                    }
                    if (session == null) {
                        // The constructor threw, so there is no session to inspect.
                        System.out.println("Session could not be created");
                    } else if (session.getStatus() == UserSession.LOGGEDIN) {
                        if (session.isAuthorized(rrq)) {
                            // Do not write the password to the console or to logs.
                            System.out.println("User " + ms_login
                                    + " is logged in and authorized for the"
                                    + " request at level "
                                    + session.getLevel());
                            session.logoff();
                            System.out.println("User is logged off");
                        } else {
                            System.out.println("User is logged in but NOT authorized");
                        }
                    } else {
                        System.out.println("User is NOT logged in");
                        if (session.getError() == UserSession.ERR_PASSWORD_EXPIRED)
                            System.out.println("Expired password");
                        else if ((session.getError() == UserSession.ERR_NO_USER)
                                || (session.getError() == UserSession.ERR_WRONG_PASSWORD))
                            System.out.println("Invalid UserID/Password");
                        else if (session.getError() == UserSession.ERR_USER_LOCKED_OUT)
                            System.out.println("Account Locked");
                    }
                } else
                    System.out.println("non-Form Authentication Scheme.");
            } else
                System.out.println("Resource is not protected");
        } catch (AccessException ae) {
            System.out.println("Access Exception: " + ae.getMessage());
        }
        // session and ac are still null if an earlier step failed.
        if (session != null) {
            session.clearActions();
            System.out.println("Session cleared");
        }
        if (ac != null) {
            ac.shutdown();
        }
    }
}
------------------------------------------------------------------------------------------------------------------

OAM 11gR2 Access SDK sample client code



The following sample Access Client code uses the OAM 11gR2 SDK API to get some session-related information.
You can refer to the Oracle documentation to read more about it.

To run this code, follow these steps:

1. Download "Oracle Access Manager Access SDK 11.1.2.0.0" from edelivery.
2. Extract the contents into a folder. It mainly contains a few jar files. I extracted the zip into D:\Softwares\Oracle\OAM Access SDK 11gR2
3. Create a Java project in JDev or Eclipse using the code below.
4. Add jps-api.jar and oamasdk-api.jar to the project classpath.

If you run this code now, it will give you this error:


SEVERE: Oracle Access SDK initialization failed. 
oracle.security.am.asdk.AccessException: OAMAGENT-02069: Configuration file D:\Softwares\Oracle\OAM Access SDK 11gR2/oblix/lib/ObAccessClient.xml does not exists.


5. Hence, create the folder structure oblix/lib under the SDK installation directory. In my case, it becomes D:\Softwares\Oracle\OAM Access SDK 11gR2/oblix/lib

6. To get ObAccessClient.xml, go to the machine where the WebGate is installed. Its location varies depending on the WebGate:
For the Apache WebGate, it is under C:\ApacheWG\NetPoint\WebComponent\access\oblix\lib
For the IIS WebGate, it is under C:\Program Files (x86)\NetPoint\Webgate\access\oblix\lib

7. Copy this XML file into the lib folder created in step 5.

You are now good to run your code.

Note:
You may end up getting the following error on the JDev or Eclipse console:


oracle.security.am.asdk.ResourceRequest isProtected
SEVERE: Unknown exception.


and the OAM server logs show the error in detail:


<Error while checking if the resource is protected or not.>
<Error in generating AMEvent. Details Event Response status is STATUS_FAIL for GET_AUTHN_SCHEME event. Error code OAM-02073 status fail isExcluded false>

        at oracle.security.am.proxy.oam.requesthandler.NGProvider.checkProtected(NGProvider.java:4272)
..
..


To resolve this: open your ObAccessClient.xml and copy the value of preferredHost.
Use this value as HOST in your client code.


Code: 

import java.util.Hashtable;
import oracle.security.am.asdk.*;

public class JAccessClient
{
   public static final String ms_resource = "//test.com/protected/protected.html";      
// in case of aforementioned error, use following
//   public static final String ms_resource = "//OAM10GAPACHEWG/protected/protected.html";      
   public static final String ms_protocol = "http";
   public static final String ms_method = "GET";
   public static final String ms_login = "batman";
   public static final String ms_passwd = "batman123";
   public static final String m_configLocation = "D:\\Softwares\\Oracle\\OAM Access SDK 11gR2";

   public static void main(String argv[])
   {
          AccessClient ac = null;
          try
          {
                System.out.println("Entered Try..");
                ac = AccessClient.createDefaultInstance(m_configLocation,AccessClient.CompatibilityMode.OAM_10G);
                System.out.println("Created Default Instance..");
                ResourceRequest rrq = new ResourceRequest(ms_protocol, ms_resource,ms_method);
                System.out.println("Created Resource Request object..");
             
                if (rrq.isProtected())
                {
                    System.out.println("Resource is protected.");
                    AuthenticationScheme authnScheme = new AuthenticationScheme(rrq);
                    if (authnScheme.isForm())
                    {
                        System.out.println("Form Authentication Scheme.");
                        Hashtable creds = new Hashtable();
                        creds.put("userid", ms_login);
                        creds.put("password", ms_passwd);
                        UserSession session = new UserSession(rrq, creds);
                        if (session.getStatus() == UserSession.LOGGEDIN)
                        {
                            if (session.isAuthorized(rrq))
                            {
                                System.out.println("User is logged in and authorized for the request at level " + session.getLevel());
                                System.out.println("User Identity:"+session.getUserIdentity());
                                System.out.println("Status: "+session.getStatus());
                                System.out.println("Start time:"+session.getStartTime());
                                // The session token is a credential; print it only in a test environment.
                                System.out.println("Session Token:"+session.getSessionToken());
                                System.out.println("Last Usetime:"+session.getLastUseTime());
                             
                            }
                            else
                            {
                                System.out.println("User is logged in but NOT authorized");
                            }
                            // the user can be logged out by calling the logoff method on the session object
                        }
                        else
                        {
                            System.out.println("User is NOT logged in");
                        }
                    }
                    else
                    {
                        System.out.println("non-Form Authentication Scheme.");
                    }
                }
                else
                {
                    System.out.println("Resource is NOT protected.");
                }
      }
      catch (AccessException ae)
      {
         //System.out.println("Access Exception: " + ae.getCause());
              ae.printStackTrace();
      }
      // ac is still null if createDefaultInstance threw
      if (ac != null)
      {
         ac.shutdown();
      }
   }
}
