Writing Java Extensions in ITIM
By Siva Praturi
The Identity Manager provisioning platform is designed with
extensibility as a primary goal. Below are few typical scenarios in which we generally
extend ITIM capability to meet business requirements.
-
Generate
UniqueIds during provisioning accounts
-
Adding
custom debug messages to ITIM log
-
Custom
approval process that is determined by looking up an approver in a database
You can extend ITIM workflows in two ways: create a workflow extension in Java that can be
called as a regular operation, or extending the
JavaScript Engine with Java
To Extend JSEngine, One method to write an extension in java that is
called from Tivoli Identity Manager (TIM), is to add a
new custom class into the application and then call it from Javascript.
There is an alternative method, which uses classes that implement the com.ibm.itim.script.ScriptExtension interface.
This method allows extensions to be limited to specific TIM components and
access context information such as variables. This method is more complicated.
Developing Java Extensions in ITIM
Below figure shows typical deployment of custom Java
Extensions in ITIM.
Steps involved in writing Java Extensions in ITIM are
- Develop
& build custom java code as per business requirement.
- Deploying
the new extension.
-
Updating the Application Server's Classpath
-
Registering the JavaScript Extensions
- Test Java Extensions by calling them from ITIM workflows.
Updating the Application Server's Classpath
TIM is a J2EE application, running on top of IBM WebSphere
Application Server (WAS). To add a Java class to the application, follow these
steps:
1. Compile the Java code into a class file. To use the TIM
API, put $ITIM_HOME/lib/itim_server.jar the class path
2. Include the Java class and properties file into a Java
archive (JAR) file.
3. Log on to the WAS integrated services console. Perform
step 4 or step 5 to add jar file to classpath
4. Create a new shared library that includes the JAR file
you created. Modify the ITIM application: Change the Shared library references
to add the new shared library.
5. Another option is to Expand ‘Environment’ menu and click
on ‘Shared Libraries’. Click on ‘ITIM_LIB’ shared library. Under ‘General
Properties’, append in (JAR) file in list of Classpath property.
6. Save the modified WAS configuration.
Registering the JavaScript Extensions
There are the steps to call the new class from JavaScript:
1. Edit this file:
$ITIM_HOME/data/scriptframework.properties
In the file, add a property that starts with ITIM.java.access whose value is equal to
the name of the new class. For example: ITIM.java.access.test=com.ibm.tivoli.javaext.TestClass
2. Restart WebSphere Application Server
3. Use the class in JavaScript within ITIM to test it. For example:
define a variable test in identity
policy and request an account.
var test = new
com.ibm.tivoli.javaext.TestClass()
Note: To learn more on ITIM Extensions, look at the demonstration
code at $ITIM_HOME/extensions/5.1/examples/directory.
Thanks for the valuable post. :)
ReplyDeleteI really appreciate information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in IBM TIVOLI IDENTITY/ACESS MANAGER, kindly Contact MaxMunus
ReplyDeleteMaxMunus Offer World Class Virtual Instructor led training on IBM TIVOLI IDENTITY/ACESS MANAGER. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 1,00,000 + trainings in India, USA, UK, Australlia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain and UAE etc.
For Demo Contact us.
Avishek Priyadarshi
MaxMunus
E-mail: avishek@maxmunus.com
Skype id: avishek_2 .
Ph:(0) 8553177744 / 080 - 41103383
www.MaxMunus.com