Wednesday, June 29, 2016

OIM11gR2PS3 ( Plug-in Points

Table 17-1 Plug-in Points
Plug-in PointDescription
This is used by LDAP synchronization to determine which user/role container should be used to create the user/role in LDAP.
This is the kernel event handler. See Chapter 18, "Developing Event Handlers" for information about kernel event handlers.
This is an implementation of a LoginMapper maps the JAAS user principal name to the corresponding Oracle Identity Manager username. This plug-in point is used to override the default mapping of JAAS user principal name to Oracle Identity Manager username for SSO scenarios. The default implementation returns the same value as the JAAS user principal name.This plug-in point is typically used in SSO scenarios where the JAAS user principal name and the Oracle Identity Manager username might be different. For example, the SSO system might set the email as the JAAS username but no user with that username exist in Oracle Identity Manager. For Oracle Identity Manager to recognize that user, the JAAS user principal name must be mapped to the Oracle Identity Manager username. This can be done by implementing a plug-in for LoginMapper, as shown:
public class CustomLoginMapper implements LoginMapper{
public String getOIMUserID(String jaasPrincipal) throws MappingException {
               return getUserName(jassPrincipal);

private String getUserName(String emailID){
               String userName = null;

               //Use usermgmt APIs to get the username corresponding to this email id
               return userName;
This is used for verification of old password while changing the user's password. The class that is to be used for this validation is configured in the OIM.OldPasswordValidator system property. By default, use the container based authentication for verifying old password.
This allows running of custom code during request status change.
This is used for custom validation of request data after submission.
This is used to prepopulate an attribute value by running custom code during request creation.
This is used to run the job in context. Execute method of the task is retrieved through the plug-in and is loaded.
This is an implementation of username policies that are used to generate/validate username.
This is an implementation for reservation of user attributes in LDAP.

No comments:

Post a Comment