Oracle Access Manager 11g R2 Access SDK



Prerequisites:

- Download OAM 11g R2 Access SDK from OTN and extract ZIP file and set CLASSPATH with all JAR files.
- Register New OAM 10g WebGate
- Add Host Identifier details
- Protect resource(In my case it's Welcome.html)
- Folder Structure needed for Access SDK Client
    - AccessSDKClient
                  - oblix
                        - lib
                            -ObAccessClient
                  - com
                       - spsolutions
                               - OAMAccessSDKTest.ava

- Navigate to C:\Oracle\Middleware\Oracle_IDM1\oam\server\rreg\client\RREG\rreg\output\<<WebGate>> Copy ObAccessClient.xml file and paste in lib folder as mentioned in above step.

Note: Make sure you add protected resource host name in Access SDK host Identifier list.

Code :
package com.spsolutions;

import java.util.*;
import oracle.security.am.asdk.*;

// Class to Check user authorization to a resource.
public class OAMAccessSDKTest {
   public static final String ms_resource = "//oracleiam.spsolutions.com:7777/Welcome.html";
   public static final String ms_protocol = "http";
   public static final String ms_method = "GET";
   public static final String ms_login = "<<userid>>";
   public static final String ms_passwd = "<<password>>";
   public static final String m_configLocation = "C:/OAMASDK";
   public static void main(String argv[]) {
          AccessClient ac = null;
      try {
          ac = AccessClient.createDefaultInstance(m_configLocation, AccessClient.CompatibilityMode.OAM_10G);
System.out.println("Configured Default Instance");
         ResourceRequest rrq = new ResourceRequest(ms_protocol, ms_resource,ms_method);
         System.out.println("Configured Default Instance  1");
         if (rrq.isProtected()) {
            System.out.println("Resource is protected.");
            AuthenticationScheme authnScheme = new AuthenticationScheme(rrq);
            if (authnScheme.isForm()) {
               System.out.println("Form Authentication Scheme.");
               Hashtable creds = new Hashtable();
               creds.put("userid", ms_login);
               creds.put("password", ms_passwd);
               UserSession session = new UserSession(rrq, creds);
               if (session.getStatus() == UserSession.LOGGEDIN)
               {
                  if (session.isAuthorized(rrq)) {
                     System.out.println("User is logged in and authorized for the request at level "       +session.getLevel());
                           String identity = session.getUserIdentity();
                           System.out.println("Identity --> "+identity);
                           // Setting up Session Variables
                           Hashtable sessionAttributes= new Hashtable ();
   sessionAttributes.put("userid", "siva");
   sessionAttributes.put("mobile", "1234567890");
   sessionAttributes.put("email", "siva@abcd.com");
   session.setSessionAttributes(ac, sessionAttributes);
                       
                           // Getting session variables
                          Hashtable attrs = session.getSessionAttributes(ac);
                           System.out.println("Session Attributes" + attrs);

                  } else {
                     System.out.println("User is logged in but NOT authorized");
                  }
               } else {
                  System.out.println("User is NOT logged in");
               }
            } else {
               System.out.println("non-Form Authentication Scheme.");
            }
         } else {
            System.out.println("Resource is NOT protected.");
         }
      }
      catch (AccessException ae) {
         System.out.println("Access Exception: " + ae.getMessage());
      }
      ac.shutdown();
   }
}

Thanks!!!

Comments