Wednesday, February 2, 2011

How to reset the OIM password without using the Identity Manager UI

Typically the ODSM (Oracle Directory Services Manager) allows the user to change the passwords using the url http://hostname:7005/odsm . There are situations where one needs to change the password via a Java Web Service. This Post uses the OID (Oracle Internet Directory) Java API to reset password information.


import java.io.InputStream;
import java.util.Hashtable;
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.InitialLdapContext;

import oracle.ldap.util.AuthFailureException;
import oracle.ldap.util.LDIF;
import oracle.ldap.util.ModPropertySet;
import oracle.ldap.util.RootOracleContext;
import oracle.ldap.util.User;
import oracle.ldap.util.Util;
import oracle.ldap.util.UtilException;
import oracle.ldap.util.Subscriber;

public class OIDAuthenticate implements OIDConstants {
    public OIDAuthenticate() {
        super();
    }
  
        public String oidResetPassword(String userId,
               String password) throws OIDException {
        InitialDirContext ctx = null;
        try {
            ctx = getOIDConnection();
            RootOracleContext roc = null;
            Subscriber sub = null;
            User user = null;
            roc = new RootOracleContext(ctx);
            try {
                sub = roc.getSubscriber(ctx,util.IDTYPE_DEFAULT, 
                      null, new String[] { "*" });
            } catch (UtilException ue) {
                OIDException le =
                    new OIDException(ue.getLDAPErrorCode() + "", 
                    ue.getMessage());
                le.printStackTrace();
            }            try {
                user =
                 sub.getUser(ctx, Util.IDTYPE_SIMPLE, 
                 userId, new String[] { "*" });
            } catch (UtilException e) {
                OIDException le =
                    new OIDException(e.getLDAPErrorCode() + "", 
                    e.getMessage());
                le.printStackTrace();
            }

            ModPropertySet mps = new ModPropertySet();
            mps.addProperty(LDIF.ATTRIBUTE_CHANGE_TYPE_REPLACE,
                 "userpassword",password);
            user.setProperties(ctx, mps);
            return STR_SUCCESS;
        } catch (Exception e) {
            System.out.println("Problem resetting password: ");
            e.printStackTrace();
            return "EXCEPTION_OCCURED";
        }finally
        {   
          try {
              if(ctx!=null) ctx.close();
          } catch (NamingException ue) {
              throw new OIDException("ERR", ue.getMessage());
          }
        } 
    }
    public InitialDirContext getOIDConnection() throws OIDException{
        InitialDirContext ctx;

        try {
            Hashtable env = new Hashtable();
            env.put(Context.INITIAL_CONTEXT_FACTORY,
                    "com.sun.jndi.ldap.LdapCtxFactory");
            env.put(Context.SECURITY_AUTHENTICATION, "simple");
            env.put(Context.SECURITY_PRINCIPAL, "cn=orcladmin");
            env.put(Context.SECURITY_CREDENTIALS, "password1");
            env.put(Context.PROVIDER_URL,               
                                       "ldap://hostname:3060/");
            env.put(Context.REFERRAL, "follow");

            ctx = new InitialLdapContext(env, null);

            return ctx;
        } catch (NamingException ne) {
            throw new OIDException("EXCEPTION_!", 
                                    ne.getMessage());  
        }
    }
}

For questions, comments and feedback,  please contact:
 Harvinder Singh Saluja

ForgeRock: Open AM. Install Open AM 5.5 with Tomcat 8.0 - Part 1- Install Tomcat

This BLOG thread discusses on steps to install and configure Open AM 5.5 with Tomcat 8.0. Install Tomcat. You can always find the l...