Scribd Logo
Hochladen

Willkommen bei Scribd!

  • Manage Users and Roles with Common Directory Services API

    Hochgeladen von

    César Fernández
    126 Ansichten6 Seiten
    This document provides information on using the Common Directory Services (CDS) API to manage user and role information across different directory services in My webMethods Server, including the system directory, LDAP, and databases. It describes initializing and authenticating with CDS, searching for and updating user/role attributes, and includes code examples for common CDS tasks like listing roles, looking up a user, and creating a new static role.

    Originalbeschreibung:

    SAG CDS API

    Originaltitel

    Working With the CDS API

    Copyright

    © © All Rights Reserved

    Verfügbare Formate

    PDF, TXT oder online auf Scribd lesen

    Stufen Sie dieses Dokument als nützlich ein?

    Sind diese Inhalte unangemessen?

    Dieses Dokument melden
    This document provides information on using the Common Directory Services (CDS) API to manage user and role information across different directory services in My webMethods Server, including the system directory, LDAP, and databases. It describes initializing and authenticating with CDS, searching for and updating user/role attributes, and includes code examples for common CDS tasks like listing roles, looking up a user, and creating a new static role.

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    126 Ansichten6 Seiten

    Manage Users and Roles with Common Directory Services API

    Hochgeladen von

    César Fernández
    This document provides information on using the Common Directory Services (CDS) API to manage user and role information across different directory services in My webMethods Server, including the system directory, LDAP, and databases. It describes initializing and authenticating with CDS, searching for and updating user/role attributes, and includes code examples for common CDS tasks like listing roles, looking up a user, and creating a new static role.

    Copyright:

    © All Rights Reserved
    Als PDF, TXT herunterladen oder online auf Scribd lesen
    Markieren Sie unangemessene Inhalte
    von 6

    Working with the Common Directory Services API

    Managing User Information with the Common Directory Service API . . . . . . . . . . . . . . . . . . . . . 2


    About the Common Directory Services API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
    Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
    CDS Code Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

    1
    Working with the Common Directory Services API

    Managing User Information with the Common Directory


    Service API
    My webMethods Server provides several directory service options for managing users
    and groups:
    My webMethods system directory. This is an internal My webMethods Server user
    directory, available by default in all installations of My webMethods Server. You can
    access information in this directory server using the My webMethods user interface
    and the Common Directory Services (CDS) API. Both read and write access are
    available.
    LDAP (Lightweight Directory Access Protocol). My webMethods enables you to
    define one or more external LDAP user directories. For a list of supported directory
    server products, see the PDF publication webMethods System Requirements. You can
    access information in this directory server using the My webMethods user interface
    and the CDS API. Only read access is available.
    Database. My webMethods Server also enables you to authenticate users against a
    database directory, which is a set of RDBMS tables and an SQL configuration to access
    these tables. You can implement a custom authentication module to extend
    authentication against a database directory. You can access information in this
    directory server using the My webMethods user interface and the CDS API. Only
    read access is available.
    My webMethods Server and applications and services running within it can access the
    user information contained in these directories, and you can configure external
    applications and services that have access to My webMethods Server to use this data.
    In addition to working with users and groups in a directory service, you can access and
    maintain role information, which is maintained separately in the My webMethods Server
    database.
    For example, you can:
    Configure other suite applications, such as webMethods Integration Server, to
    authenticate users from any of the above user directory options instead of from a user
    directory unique to Integration Server.
    Configure a process step in a business process to call a Java service to obtain user
    attributes from the directory service or role membership from the My webMethods
    Server database, and pass that data into the process pipeline.
    Configure a Java service to assign a user to a role programmatically.
    The CDS API offers support for the following:
    Search and discovery of users, groups, and roles.
    Support for LDAP search controls for large directories.
    Create and update users and groups in the system directory. All other external
    directories are read-only.

    2
    Working with the Common Directory Services API

    Delete users and groups from the system directory.


    Create, update, and delete roles in My webMethods Server.
    Read custom attributes from LDAP and database directories.
    Read and write custom profile attributes for users, groups, and roles (that is,
    attributes which are not managed by external directories).
    To view the Javadoc for the Common Directory Services API, refer to these packages:
    com.webmethods.sc.directory
    com.webmethods.sc.mws
    Javadocs can be installed with other My webMethods Server documentation using the
    Software AG Installer, and they are also available from the Web site
    http://documentation.softwareag.com/.

    About the Common Directory Services API


    When connected to a My webMethods Server database schema, CDS behaves very much
    like a My webMethods Server cluster instance, and it participates in all the distributed
    caching across a My webMethods Server cluster. For example, when a system directory
    user is updated, this change is immediately seen by all CDS instances connected to the
    same database.
    Directory services are defined and managed in My webMethods Server, by logging in to
    My webMethods as either sysadmin or as Administrator. For more information about
    working with directory services, see "Managing Directory Services" and "Managing
    External Directory Services" in the PDF guide Administering My webMethods Server.
    In addition to working with the CDS API, you can use the My webMethods interface to
    perform all directory management activities:
    User, group, and role management. For more information, see Part 2, "Administrator
    Functions" in the PDF guide Administering My webMethods Server.
    Authentication management. For more information, see Part 3, "System Administrator
    Functions" in the PDF guide Administering My webMethods Server.
    Implementation of attribute providers. For more information, see Part 3, "System
    Administrator Functions" in the PDF guide Administering My webMethods Server.

    Prerequisites
    Before you can work with the CDS API, you must take the following actions:
    The My webMethods Server database tables must be created by the webMethods
    Database Component Configurator. This is normally carried out immediately after
    installation.

    3
    Working with the Common Directory Services API

    The My webMethods Server instance must be created and started.


    CDS must be initialized with a JDBC connection to the My webMethods Server
    database schema. For more information, see Initializing Common Directory
    Services below.

    Class Path Considerations


    If you want to use CDS in a stand-alone application, in addition to providing the correct
    JDBC connection information, all CDS .jar files must be present in the class path of the
    external application running CDS. To ensure that these .jar files are available, include all
    .jar files from Software AG_directory/common/lib and /common/lib/ext (assuming you
    have a standard installation of My webMethods Server and Integration Server).

    Initializing Common Directory Services


    When the CDS API is accessed from inside My webMethods Server (from a CAF
    application for example), CDS is already initialized and no further action is needed. If
    you want to use the CDS API from an external application or service that has access to
    My webMethods Server, the CDS API must be explicitly initialized from the external
    application or service.
    You initialize Common Directory Services by invoking the
    com.webmethods.sc.mws.MWSLibrary.init() static method. The input parameters are
    expected as Java system properties and must describe a JDBC connection URL to a My
    webMethods Server database schema. Instead of using remote call backs to My
    webMethods Server, the CDS API connects to this schema and reads all configuration
    and principal information.
    Here is sample code showing how to initialize CDS using the MWSLibrary class:
    System.setProperty(MWSLibrary.SYSTEM_PROP_DB_DRIVER,
    "com.wm.dd.jdbc.sqlserver.SQLServerDriver"); // JDBC Driver Class
    System.setProperty(MWSLibrary.SYSTEM_PROP_DB_URL,
    "jdbc:wm:sqlserver://localhost:1433;DatabaseName=webm82_dev"); // JDBC
    Connection URL
    System.setProperty(MWSLibrary.SYSTEM_PROP_DB_USER, "webm82_dev"); // DB username
    System.setProperty(MWSLibrary.SYSTEM_PROP_DB_PASSWORD, "password"); // DB
    password
    MWSLibrary.init();

    CDS Code Examples


    The following are a few examples of common CDS code:

    List All Roles


    IDirectorySession session =
    DirectorySystemFactory.getDirectorySystem().createSession();

    4
    Working with the Common Directory Services API

    List roles = session.listRoles();


    for (IDirectoryRole role: roles) {
    String roleID = role.getID();
    String roleName = role.getName();
    String roleDN = role.getDN();
    }

    Lookup a User by Name and Fetch all Attribute


    IDirectorySession session =
    DirectorySystemFactory.getDirectorySystem().createSession();
    IDirectoryUser user = (IDirectoryUser) session.lookupPrincipalByName("user1",
    IDirectoryPrincipal.TYPE_USER);
    Map attributes = user.getAllAttributes();

    Authenticate User
    IDirectorySession session =
    DirectorySystemFactory.getDirectorySystem().createSession();
    IDirectoryUser user = session.authenticateUser("username", "password");

    Create Static Role and Add User as a Member


    IDirectorySession session =
    DirectorySystemFactory.getDirectorySystem().createSession();
    IDirectoryUser user = (IDirectoryUser) session.lookupPrincipalByName("user1",
    IDirectoryPrincipal.TYPE_USER);
    IDirectoryRole role = session.createRole(IDirectoryRole.STATIC_ROLE_TYPE,
    "roleName", Collections.EMPTY_MAP);
    session.addPrincipalToRole(user.getID(), role.getID());

    5
    Working with the Common Directory Services API

    Das könnte Ihnen auch gefallen