The following code samples can either be used from within an application deployed to a WebLogic server, or from within a standalone JavaSE application. When running from a JavaSE application, I had to explicitly set the path to the JPS configuration file, otherwise it would default to ./config/jps.config.xml (even though, according to the documentation, there should be default configuration files below the $DOMAIN_HOME directory):
// specify the configuration file - otherwise, would default to ./config/jps-config.xml
System.setProperty("oracle.security.jps.config", "../src/META-INF/jps-config.xml");
See also the Oracle Fusion Middleware Java API Reference for Oracle Platform Security Services for more information about the API.
The first step is to retrieve a JpsContext – we use the default context here:
// This call evaluates the configuration file - // if the configuration file is invalid an exception is thrown JpsContextFactory ctxFactory = JpsContextFactory.getContextFactory(); // Retrieve the default JpsContext JpsContext ctx = ctxFactory.getContext();
From the context, we can get a list of all available service instances:
Collection<ServiceInstance> sis = ctx.getServiceInstances();
for (ServiceInstance si : sis) {
System.err.println(si);
}
We can retrieve the PolicyStore from the configuration service and list all application roles and all grants – the policy store name refers to the name of the policy store as defined in the jazn-data.xml file:
PolicyStore policyStore = ctx.getServiceInstance(PolicyStore.class);
ApplicationPolicy ap = policyStore.getApplicationPolicy("policyName");
List<JpsApplicationRole> appRoles = ap.getAllAppRoles();
for (JpsApplicationRole appRole : appRoles) {
System.err.println(appRole);
}
List<GrantEntry> grants = ap.getGrantEntries();
for (GrantEntry grant : grants) {
System.err.println(grant);
}
We can also retrieve the IdentityStore (through the IdentityStoreService interface) and list all users and all groups, using the User & Role API (normally we would look for a more specific user, retrieving all users and all groups might result in a lot of data):
IdentityStoreService iss = ctx.getServiceInstance(IdentityStoreService.class);
IdentityStore is = iss.getIdmStore();
// create a search filter and the search parameters
SimpleSearchFilter sf1 = is.getSimpleSearchFilter(
UserProfile.NAME,
SimpleSearchFilter.TYPE_EQUAL,
null);
sf1.setValue(sf1.getWildCardChar());
SearchParameters params = new SearchParameters();
params.setFilter(sf1);
// get all users
SearchResponse result = is.searchUsers(params);
while(result.hasNext()) {
Identity id = result.next();
System.err.println(id);
}
// get all enterprise roles (groups)
result = is.searchRoles(IdentityStore.SEARCH_BY_NAME, params);
while(result.hasNext()) {
Identity id = result.next();
System.err.println(id);
}