In OES 11g, the applications can be binded to SM instances either through OES Admin console or through API. In this post I would like to provide sample code snippet to do the same.
Assuming that there is a proper jps-config.xml of an SM instance, the code snippet will work if the JPS Context is defined for “default”.
// @ To retrieve the Context Factory Instance.
JpsContextFactory ctxFact = JpsContextFactory.getContextFactory();
// @ To retrieve the JPS context from jps-config.xml.
JpsContext ctx = ctxFact.getContext(“default”);
// @ To identify Policy Store Instance.
PolicyStore ps = ctx.getServiceInstance(PolicyStore.class);
// @ To get the instance of ConfigurationBindingManager.
ConfigurationBindingManager configBindingMgr = ps.getConfigurationBindingManager();
//Bind the Application to a specific SM instance
configBindingMgr.bindSecurityModule(“smName”, “appName”);
// To unbind the Application from specific SM instance
configBindingMgr.unbindSM(“smName”, “appName”);
The above code snippet will just bind/SM instance to an application. However in order to use the application for fine grained authorization, policies needs to be distributed from OES Server to the SM instance. To achieve this using OES API, use the below code snippet.
//get the application policy
ApplicationPolicy application = ps.getApplicationPolicy(appName);
//get the PolicyDistributionManager
PolicyDistributionManager pdm = application.getPolicyDistributionManager();
//distribute policies
String distID = pdm.distributePolicy(true);
// Retrieve the distribute status value
DistributionStatusEntry status = pdm.getDistributionStatus(distID);
// Wait until status is 100%
while (status.getPercentComplete() != 100) {
Thread.currentThread().sleep(200);
status = pdm.getDistributionStatus(distID);
}
Hope this helps.
Oracle documentation is here.
I am engulfed in Oracle Identity & Access Management domain. I have expertise on providing the optimized solutions for user provisioning, web access management, Single Sign-On and federation capabilities etc., I am also well versed with complex integrations within Identity Management and other product domains. I have expertise on building demos and implementation experience on products Oracle Access Manager, Oracle Adaptive Access Manager, Oracle Entitlement Server, Oracle Virtual Directory, Oracle Internet Directory etc., Look @ my blog: http://talkidentity.blogspot.com