Monday, October 13, 2008

Random Password Generator

In many places we need to generate and apply a random password from code, for example when granting a resource or creating an OIM user. Here is code that generates one and also lets you specify the length of the random password.

================================
RandomPasswordGenerator.java
================================

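import java.security.SecureRandom;

public class RandomPasswordGenerator {

    public static int DEFAULT_PASSWORD_LENGTH = 8;
    public static char[] Special_Character = {'!','@','#','$','%','^','&','*','(',')' };

    // 10 digits + 26 lower case + 26 upper case + 10 special characters.
    // Characters are never repeated, so a password cannot be longer than this.
    private static final int MAX_PASSWORD_LENGTH = 72;

    // SecureRandom is a cryptographically strong generator; java.util.Random
    // and Math.random() are predictable and must not be used for passwords.
    private static final SecureRandom RAND = new SecureRandom();

    public static char getSpecialCharacter() {
        return Special_Character[RAND.nextInt(Special_Character.length)];
    }

    public static String getPassword(int n) {
        if (n <= 8) {
            n = DEFAULT_PASSWORD_LENGTH;
        }
        if (n > MAX_PASSWORD_LENGTH) {
            // Without this check the loop below would never terminate
            throw new IllegalArgumentException(
                "Maximum length is " + MAX_PASSWORD_LENGTH);
        }
        char[] pw = new char[n];
        int i = 0;
        while (i < n) {
            char c;
            // Pick a character class, then a character within that class
            switch (RAND.nextInt(4)) {
                case 0: c = (char) ('0' + RAND.nextInt(10)); break;
                case 1: c = (char) ('a' + RAND.nextInt(26)); break;
                case 2: c = (char) ('A' + RAND.nextInt(26)); break;
                default: c = getSpecialCharacter(); break;
            }

            // Skip the character if it is already in the password
            boolean isExisting = false;
            for (int j = 0; j < i; j++) {
                if (c == pw[j]) {
                    isExisting = true;
                    break;
                }
            }
            if (!isExisting) {
                pw[i] = c;
                i++;
            }
        }
        return new String(pw);
    }

    public static void main(String args[]) {
        System.out.println(RandomPasswordGenerator.getPassword(8));
    }
}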

===============================
Output would be something like:
===============================
&3FVZfxb

ACF2 Connector Details

Clarity on ACF2 Connector
==========================
Please note: Port numbers are configurable.

Pioneer and Voyager are installed on ACF2.
The LDAP gateway sits on OIM.

Usually, 5190 is the port on the OIM server on which the LDAP gateway listens. Voyager points to the OIM server on port 5190. Pioneer is the listener on the mainframe; its default port is 5790 (typically 5790 unless it is reserved for another service).


Few Data Types Explored
=========================

1. TOD - String. Time-of-day attribute. This is an internal MF format; it is the value returned by the TIME macro. (http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=/com.ibm.zsecure.doc/ckrbzz1902.html)

2. PACKED - Date field. PACKED is an MF format: basically, it is a number, but rather than being stored in binary, it is stored in a format where each nibble is one digit and the last nibble denotes the sign. Example: x'01234C' would be 1234 (positive). (http://webster.cs.ucr.edu/AoA/Windows/HTML/DataRepresentationa7.html)

3. HEX - String (hexadecimal data)

4. TIMEBIN - String. TIMEBIN is a fullword; that is 4 bytes, holding the number of .01 secs since midnight.

5. CHEN - Character (but encrypted)

For other attributes, refer to http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=/com.ibm.zsecure.doc/ckrbzz1902.html
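
A decoder for two of the formats described above, PACKED and TIMEBIN, as an added example (not code from the original post or from the connector). The class name, the big-endian byte order for TIMEBIN, and the sign codes other than C are assumptions.

```java
public class MainframeFieldDecoder {

    /** PACKED: one decimal digit per nibble, sign in the last nibble. */
    public static long decodePacked(byte[] field) {
        if (field == null || field.length == 0) {
            throw new IllegalArgumentException("empty PACKED field");
        }
        long value = 0;
        int digitNibbles = field.length * 2 - 1;   // last nibble is the sign
        for (int i = 0; i < digitNibbles; i++) {
            int b = field[i / 2] & 0xFF;
            int digit = (i % 2 == 0) ? (b >>> 4) : (b & 0x0F);
            if (digit > 9) {
                throw new IllegalArgumentException("bad digit nibble at " + i);
            }
            // Exact arithmetic: fields too long for a long raise ArithmeticException
            value = Math.addExact(Math.multiplyExact(value, 10L), (long) digit);
        }
        // Sign codes: C is from the page; D, A, B, E, F are the usual IBM
        // packed-decimal convention (an assumption, not stated on the page).
        switch (field[field.length - 1] & 0x0F) {
            case 0x0A: case 0x0C: case 0x0E: case 0x0F: return value;
            case 0x0B: case 0x0D: return -value;
            default: throw new IllegalArgumentException("bad sign nibble");
        }
    }

    /** TIMEBIN: 4-byte fullword, hundredths of a second since midnight. */
    public static String decodeTimebin(byte[] field) {
        if (field == null || field.length != 4) {
            throw new IllegalArgumentException("TIMEBIN must be 4 bytes");
        }
        // Big-endian byte order is assumed (mainframe fullword layout).
        long hs = ((field[0] & 0xFFL) << 24) | ((field[1] & 0xFFL) << 16)
                | ((field[2] & 0xFFL) << 8) | (field[3] & 0xFFL);
        if (hs >= 24L * 60 * 60 * 100) {
            throw new IllegalArgumentException("TIMEBIN past midnight: " + hs);
        }
        return String.format("%02d:%02d:%02d.%02d",
                hs / 360000, (hs / 6000) % 60, (hs / 100) % 60, hs % 100);
    }

    public static void main(String[] args) {
        // Constructed sample values; the first is the page's x'01234C' example.
        System.out.println(decodePacked(new byte[] {0x01, 0x23, 0x4C}));
        System.out.println(decodePacked(new byte[] {0x01, 0x23, 0x4D}));
        System.out.println(decodeTimebin(new byte[] {0x00, 0x41, (byte) 0xEB, 0x00}));
    }
}
```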

Friday, October 10, 2008

Searching Jar Files in Unix / Linux

We often get errors like the following:
Exception in thread "main" java.lang.NoClassDefFoundError: server

We then don't know which jar file is missing from the classpath, and we need the correct jar file name(s) to fix the problem. So here is a shell script that lets you search through all the jar files for a specific keyword. You may modify this script to search in all files (*) or whatever your criteria may be. The script works recursively through all sub-folders as well, so you can keep it at the root level of the search and simply execute it.

=====================================
searchjars.sh
=====================================


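#!/bin/sh

if [ $# -ne 1 ]
then
    echo "Usage: ./searchjars.sh <keyword>"
    exit 1
fi

LOOK_FOR="$1"

# Read one path per line so jar paths containing spaces stay intact
find . -name "*jar" | while IFS= read -r i
do
    #echo "Looking in $i ..."
    # List the jar contents and look for the keyword;
    # -e lets the keyword start with a dash, -q suppresses the matching lines
    if jar tvf "$i" | grep -q -e "$LOOK_FOR"
    then
        echo "==> Found \"$LOOK_FOR\" in $i"
    fi
done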


After saving this file, don't forget to give the execute permissions to this script.

[jboss@lin01 xlclient]$ chmod +x searchjars.sh

Now you are ready to execute as follows:

If you don't specify any value, the script shows you the usage command:
[jboss@lin01 xlclient]$ ./searchjars.sh
Usage: ./searchjars.sh <keyword>

When you specify a value to search for, you will see the jar files that contain it.
[jboss@lin01 xlclient]$ ./searchjars.sh server
==> Found "server" in ./java/lib/rt.jar
==> Found "server" in ./ext/jdbcpool-0.99.jar
==> Found "server" in ./ext/nexaweb-nfc-api.jar
==> Found "server" in ./ext/jai_core.jar
==> Found "server" in ./ext/javagroups-all.jar
==> Found "server" in ./ext/jbossall-client.jar
==> Found "server" in ./ext/jboss-client.jar
==> Found "server" in ./ext/nexaweb-common.jar
==> Found "server" in ./ext/soap.jar
==> Found "server" in ./lib/xlVO.jar
==> Found "server" in ./lib/XellerateClient.jar
[jboss@lin01 xlclient]$

If you need to see what files are being looked at, uncomment (remove the #) the following line in the script:
#echo "Looking in $i ..."

Running Task Scheduler from DOS

Sometimes the Scheduler does not run tasks properly (older versions of OIM). So, here is a way to run a scheduler task from the DOS prompt:


===========================
Running
===========================
This tool runs on the Xellerate Server. The Xellerate Server directory, for example C:\oracle\xellerate, is denoted by ${xl.home} below.
First create a directory "RunSchedulerTask" and then copy these files into it (source code below):

"RunSchedulerTask.java"
"build.xml"

To run, simply open a command-line prompt, change directory to RunSchedulerTask, and run ant:
${xl.home}\ant\bin\ant.bat run -Dxl.home="${xl.home}" -Dargs="<classname> <username> <password> <task-file.properties>"

Where:
classname - the full classname of the scheduler task to run
username - the Xellerate login (e.g. xelsysadm)
password - the login password (e.g. xelsysadm)
task-file.properties - the properties file containing the Scheduler Task attributes

Example
To run the AD Group Lookup reconciliation, create a task attributes file "ADGroupLookupRecon.properties" and add the following lines:
Server=MyActiveDirectoryServerItResourceInstance

LookupCodeName=Lookup.ADReconliation.GroupLookup

==================================
Run Ant
==================================
${xl.home}\ant\bin\ant.bat run -Dxl.home="${xl.home}" -Dargs="com.thortech.xl.schedule.tasks.ADGroupLookupReconTask xelsysadm xelsysadm ADGroupLookupRecon.properties"



===========================
RunSchedulerTask.java
===========================

import Thor.API.Security.LoginHandler.LoginSession;
import Thor.API.Security.XLClientSecurityAssociation;
import Thor.API.tcUtilityFactory;
import com.thortech.util.logging.Logger;
import com.thortech.xl.client.dataobj.tcDataBaseClient;
import com.thortech.xl.scheduler.tasks.SchedulerBaseTask;
import com.thortech.xl.util.config.ConfigurationClient;
import java.io.*;
import java.util.Properties;

/*
 * RunSchedulerTask.java
 *
 * Runs an Xellerate Scheduler task from the command-line.
 *
 */
public class RunSchedulerTask
{
    public static void help()
    {
        System.out.println("");
        System.out.println("Runs an Xellerate Scheduler task " +
            "from the command-line.");
        System.out.println("");
        System.out.println("Usage:");
        System.out.println("RunSchedulerTask " +
            "[classname] [username] [password] [task-attributes.properties]");
        System.out.println(" classname : Full classname of " +
            "the scheduler task class");
        System.out.println(" username : Xellerate login name");
        System.out.println(" password : Xellerate login password");
        System.out.println(" task-attributes.properties: " +
            "properties file path, contains key-value pairs of task attributes.");
    }

    /*
     * arg[0] : recon class name. Class must derive from SchedulerBaseTask
     * arg[1] : username (eg xelsysadm)
     * arg[2] : password (eg xelsysadm)
     * arg[3] : task attributes file (file contains key=value on each line)
     */
    public static void main(String args[])
    {
        if (args.length < 3)
        {
            help();
            return;
        }

        try
        {
            // Create a new instance of the scheduler task
            SchedulerBaseTask task = (SchedulerBaseTask) Class.forName(
                args[0]).newInstance();

            // Login to Xellerate
            Properties jndi = ConfigurationClient.getComplexSettingByPath(
                "Discovery.CoreServer").getAllSettings();
            tcUtilityFactory tcutilityfactory = new tcUtilityFactory(
                jndi, args[1], args[2]);

            task.setUtilityFactory(tcutilityfactory);

            // Load the task scheduler attributes file
            Properties attributes = new Properties();
            if (args.length > 3)
            {
                attributes.load( new FileInputStream( new File(args[3]) ));
                task.setTaskAttributeMap(attributes);
            }

            // Get a database handle
            LoginSession loginsession = tcutilityfactory.getLoginSession();
            XLClientSecurityAssociation.setGlobalLoginSession(loginsession);

            tcDataBaseClient clientDB = new tcDataBaseClient();
            String s = clientDB.getDatabaseName();

            task.setDataBase(clientDB);

            // Run
            task.runAsThread();

            // Print Success/Failure
            boolean success = task.isSuccess();
            if (!success)
            {
                System.out.println("TASK FAILED");

                String message = task.getStatus();
                System.out.println("Status: " + message);

                Exception ex = task.getResult();
                if (ex != null)
                {
                    System.out.println("Exception: " + ex.getMessage());
                }
            }
        }
        catch (Exception ex)
        {
            ex.printStackTrace();
        }

        // Not sure why we need to manually exit, but without this java just hangs
        System.exit(0);
    }
}

==================================
Build.xml
==================================
<!--
    xl.home property must be set to the xellerate home directory, example:
    ant -Dxl.home="C:\xellerate9\xellerate" compile
-->
<project name="IDM" default="compile" basedir=".">
    <property name="xl.home" value="C:\xellerate9\xellerate"/>

    <path id="classpath.server.xellerate">
        <pathelement location="${xl.home}/lib/xlAdapterUtilities.jar"/>
        <pathelement location="${xl.home}/lib/xlAPI.jar"/>
        <pathelement location="${xl.home}/lib/xlAuthentication.jar"/>
        <pathelement location="${xl.home}/lib/xlCrypto.jar"/>
        <pathelement location="${xl.home}/lib/xlDataObjects.jar"/>
        <pathelement location="${xl.home}/lib/xlDataObjectBeans.jar"/>
        <pathelement location="${xl.home}/lib/xlScheduler.jar"/>
        <pathelement location="${xl.home}/lib/xlLogger.jar"/>
        <pathelement location="${xl.home}/lib/xlUtils.jar"/>
        <pathelement location="${xl.home}/lib/xlVO.jar"/>
        <pathelement location="${xl.home}/ext/log4j-1.2.8.jar"/>
    </path>

    <path id="classpath.client.xellerate">
        <fileset dir="${xl.home}/lib">
            <include name="**/*.jar"/>
        </fileset>
        <fileset dir="${xl.home}/ext">
            <include name="**/*.jar"/>
        </fileset>
        <fileset dir="${xl.home}/ScheduleTask">
            <include name="**/*.jar"/>
        </fileset>
        <fileset dir="${xl.home}/JavaTasks">
            <include name="**/*.jar"/>
        </fileset>
    </path>

    <target name="init">
        <copy todir="config"><fileset dir="${xl.home}/config"/></copy>
    </target>

    <target name="compile">
        <javac srcdir="." destdir="." debug="on">
            <classpath>
                <path refid="classpath.server.xellerate"/>
            </classpath>
        </javac>
    </target>

    <target name="run" depends="init,compile">
        <java classname="RunSchedulerTask" fork="true">
            <classpath>
                <path location="."/>
                <path refid="classpath.client.xellerate"/>
            </classpath>

            <sysproperty key="java.security.auth.login.config"
                         value="${xl.home}/config/auth.conf"/>
            <sysproperty key="XL.RedirectSysOutErrToFile" value="false"/>
            <arg line="${args}" />
        </java>
    </target>
</project>

Source courtesy: http://zerointech.com/xellerate-idm-run-schedulertask.html

Friday, October 3, 2008

OIM Backdoor Queries

1. Getting all information about Email Definition:
======================================================
select emd.emd_subject, emd.emd_name,emd.usr_key, emd.emd_body, emd.emd_from_type, emd.emd_type from emd emd where emd.emd_name='Email Definition Name'

2. Updating Resource Status to Revoked for a given resource:
==========================================================

update oiu set ost_key = (select ost_key from ost where obj_key in ( select obj_key from obj where obj_name like 'RESOURCENAME' ) and ost_status like 'Revoked') where ORC_KEY = 'Process Instance Key'

update orc set orc_status='X' where orc_key = 'Process Instance Key'

PeopleSoft Listener Issues

Getting the PeopleSoft Connector URL to work can sometimes be an issue.
So, here is the process you need to follow to make it work:

1. Create a folder C:\TEMPSFT

2. cd\TEMPSFT

3. In this folder copy your peopleSoftUserMgmt.war

4. Create another folder C:\TEMPSFT\META-INF

5. Under this folder C:\TEMPSFT\META-INF, create a file called application.xml

6. Put the following contents:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE application PUBLIC "-//Sun Microsystems, Inc.//DTD J2EE Application 1.2//EN" "http://java.sun.com/j2ee/dtds/application_1_2.dtd">
<application>
    <display-name>PeopleSoft UserMgmt Listener</display-name>
    <module>
        <web>
            <web-uri>peopleSoftUserMgmt.war</web-uri>
            <context-root>/peopleSoftUserMgmt</context-root>
        </web>
    </module>
</application>

7. Create another file MANIFEST.MF with the following contents:
Manifest-Version: 1.0
Ant-Version: Apache Ant 1.5.3
Created-By: 1.4.2_17-b06 (Sun Microsystems Inc.)
Assembled-By: XIM Assembler
Assembled-At: 07/01/2008 21:10
Product-Version: 9.1.0
Build-Number: 9.1.0.1849.0

8. Go to C:\TEMPSFT folder and execute the following command:

jar -cvf peopleSoftUserMgmt.ear peopleSoftUserMgmt.war META-INF/

9. Now deploy (copy) the peopleSoftUserMgmt.ear file to your application server. For JBoss, for example:
C:\jboss4.0.3SP1\server\default\deploy

10. Restart your app server.

11. Now your application should be ready to receive the PSFT XML.

Your URL should be:

http://<hostname>:<port>/peopleSoftUserMgmt/do/peopleSoftAction

12. Go to your out-of-the-box connector test folder, change the server URL, and test with psft-xel-test.vbs

13. You should now see a reconciliation event in Design Console, and trace.txt should show the contents of the XML posted to this listener.

14. The same steps can be applied to Employee Reconciliation.