Prerequisites:
- Download OAM 11g R2 Access SDK from OTN and extract ZIP file and set CLASSPATH with all JAR files.
- Register New OAM 10g WebGate
- Add Host Identifier details
- Protect resource(In my case it's Welcome.html)
- Folder Structure needed for Access SDK Client
- AccessSDKClient
- oblix
- lib
-ObAccessClient
- com
- spsolutions
- OAMAccessSDKTest.ava
- Navigate to C:\Oracle\Middleware\Oracle_IDM1\oam\server\rreg\client\RREG\rreg\output\<<WebGate>> Copy ObAccessClient.xml file and paste in lib folder as mentioned in above step.
Note: Make sure you add protected resource host name in Access SDK host Identifier list.
Code :
package com.spsolutions;
import java.util.*;
import oracle.security.am.asdk.*;
// Class to Check user authorization to a resource.
public class OAMAccessSDKTest {
public static final String ms_resource = "//oracleiam.spsolutions.com:7777/Welcome.html";
public static final String ms_protocol = "http";
public static final String ms_method = "GET";
public static final String ms_login = "<<userid>>";
public static final String ms_passwd = "<<password>>";
public static final String m_configLocation = "C:/OAMASDK";
public static void main(String argv[]) {
AccessClient ac = null;
try {
ac = AccessClient.createDefaultInstance(m_configLocation, AccessClient.CompatibilityMode.OAM_10G);
System.out.println("Configured Default Instance");
ResourceRequest rrq = new ResourceRequest(ms_protocol, ms_resource,ms_method);
System.out.println("Configured Default Instance 1");
if (rrq.isProtected()) {
System.out.println("Resource is protected.");
AuthenticationScheme authnScheme = new AuthenticationScheme(rrq);
if (authnScheme.isForm()) {
System.out.println("Form Authentication Scheme.");
Hashtable creds = new Hashtable();
creds.put("userid", ms_login);
creds.put("password", ms_passwd);
UserSession session = new UserSession(rrq, creds);
if (session.getStatus() == UserSession.LOGGEDIN)
{
if (session.isAuthorized(rrq)) {
System.out.println("User is logged in and authorized for the request at level " +session.getLevel());
String identity = session.getUserIdentity();
System.out.println("Identity --> "+identity);
// Setting up Session Variables
Hashtable sessionAttributes= new Hashtable ();
sessionAttributes.put("userid", "siva");
sessionAttributes.put("mobile", "1234567890");
sessionAttributes.put("email", "siva@abcd.com");
session.setSessionAttributes(ac, sessionAttributes);
// Getting session variables
Hashtable attrs = session.getSessionAttributes(ac);
System.out.println("Session Attributes" + attrs);
} else {
System.out.println("User is logged in but NOT authorized");
}
} else {
System.out.println("User is NOT logged in");
}
} else {
System.out.println("non-Form Authentication Scheme.");
}
} else {
System.out.println("Resource is NOT protected.");
}
}
catch (AccessException ae) {
System.out.println("Access Exception: " + ae.getMessage());
}
ac.shutdown();
}
}
Thanks!!!