30.3 Role Web Service Examples

This section provides examples that demonstrate how you might use the Role service.

30.3.1 Retrieving Roles for a Group

This example shows how to retrieve the role assignments for a given group:

public void getGroupTestCase()
    throws Exception
  {
    System.out.println("\n****************Calling getGroupTestCase()********************************");
    String groupDN = "cn=HR,ou=groups,ou=medical-idmsample,o=netiq";
    try
    {
      IRemoteRole stub = getRolesStub(username, password, acceptlanguage);
      Group group = stub.getGroup(groupDN);
      //Assert.assertNotNull("Group not found", group);
      if (group != null)
      {
        System.out.println("Group Found:");
        System.out.println("   entityKey          : " + group.getEntityKey());
        System.out.println("   identityType       : " + group.getIdentityType().getValue());
        System.out.println("   description        : " + group.getDescription());

        DNString[] roles = group.getAssociatedRoles().getDnstring();
        if (roles != null)
        {
          System.out.println("no of associated roles: " + roles.length);
          for (int rIndex = 0; rIndex < roles.length; rIndex++)
          {
            System.out.println("      role: " + rIndex);
          }
        }
        else
        {
          System.out.println("no of associated roles:0");
        }

        RoleAssignment[] assignments = group.getRoleAssignments().getRoleassignment();
        PrintRoleUtils.getAssignments(assignments);
      }
      else
        System.out.println("Group not found");
    }
    catch (NrfServiceException nrf)
    {
      throw new Exception(nrf.getMessage());
    }
    catch (RemoteException re)
    {
      throw new Exception(re.getMessage());
    }
  }

...
 /**
     * Returns the Roles remote stub
     * @param username - user name
     * @param password - password
     * @param acceptLanguage - HTTP header Accept-Language
     * @return the Roles remote stub
     * @throws Exception - catch all exceptions
     */
    public static IRemoteRole getRolesStub(String username, 
                                        String password, 
                                        String acceptLanguage)
        throws Exception
    {
        Stub stub = null;
        String stubCacheKey = username + ":" + password;
        if (g_rolesStubCache.containsKey(stubCacheKey)) {
            g_log.debug("Using Cached Roles stub for [" + username + "]");
            stub = (Stub) g_rolesStubCache.get(stubCacheKey);
        } else {
            g_log.debug("Using New Roles stub");
            RoleService service = new RoleServiceImpl();
            stub = (Stub) service.getIRemoteRolePort();

            if (username != null && password != null) {
                stub._setProperty(Stub.USERNAME_PROPERTY, username);
                stub._setProperty(Stub.PASSWORD_PROPERTY, password);
            }

            stub._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY,
ServletParameters.getInstance().getUserAppUrl() + ROLES_SERVICE);
            stub._setProperty(Stub.SESSION_MAINTAIN_PROPERTY, Boolean.TRUE);

            g_rolesStubCache.put(stubCacheKey, stub);
        }

        Properties props = new Properties();
        props.setProperty("Accept-Language", acceptLanguage);
        stub._setProperty(Stub.HTTP_HEADERS, props);

        return (IRemoteRole) stub;
    }

30.3.2 Retrieving Role Assignment Request Status

Returns a list of role assignment request status instances given a correlation ID.

  public void getRoleAssignmentRequestStatusTestCase()
    throws Exception
  {
    System.out.println("\n****************Calling 


getRoleAssignmentRequestStatusTestCase()********************************");
    String correlationId = "9a5feec728864b55ac443724a915e831";
    try
    {
      IRemoteRole stub = getRoleStub(url, username, password);
      RoleAssignmentRequestStatusArray reqArray = stub.getRoleAssignmentRequestStatus(correlationId);
      RoleAssignmentRequestStatus[] reqStatus = reqArray.getRoleassignmentrequeststatus();
      //Assert.assertNotNull("RoleAssignmentRequestStatus object is null for 


getRoleAssignmentRequestStatus", reqStatus);
      if (reqStatus != null)
        System.out.println(PrintRoleUtils.getRequestStatus(reqStatus));
      else
        System.out.println("RoleAssignmentRequestStatus object is null for 


getRoleAssignmentRequestStatus");

      //result += Util.getRequestStatus(reqStatus);
    }
    catch (NrfServiceException nrf)
    {
      throw new Exception(nrf.getMessage());
    }
    catch (RemoteException re)
    {
      throw new Exception(re.getMessage());
    }

  }

30.3.3 Retrieving Type Information for a Role Assignment

This example shows how to retrieve the type for a role assignment:

  public void getRoleAssignmentTypeInfoTestCase()
    throws Exception
  {
    System.out.println("\n****************Calling 


getRoleAssignmentTypeInfoTestCase()********************************");
    try
    {
      IRemoteRole stub = getRoleStub(url, username, password);

      RoleAssignmentTypeInfo info =
        stub.getRoleAssignmentTypeInfo(RoleAssignmentType.fromValue("ROLE_TO_ROLE"));
      //Assert.assertNotNull("Role Assignment Type Info Not Found for getRoleAssignmentTypeInfo", info);
      if (info != null)
      {
        System.out.println("Role Assignment Type Info:");
        System.out.println("            identity type: " + info.getIdentityType().getValue());
        System.out.println("         subtree included: " + info.getSubtreeIncluded());
        System.out.println("        suports approvals: " + info.getSupportsApproval());
        System.out.println("  supports effective date: " + info.getSupportsEffectiveDate());
        System.out.println("      supports expiration: " + info.getSupportsExpiration());
        System.out.println("    supports SOD Approval: " + info.getSupportsSODApproval());
      }
      else
        System.out.println("Role Assignment Type Info Not Found for getRoleAssignmentTypeInfo");
    }
    catch (NrfServiceException nrf)
    {
      throw new Exception(nrf.getMessage());
    }
    catch (RemoteException re)
    {
      throw new Exception(re.getMessage());
    }

  }

30.3.4 Retrieving Role Categories

This example shows how to retrieve the defined role categories:

  public void getRoleCategoriesTestCase()
    throws Exception
  {
    System.out.println("\n****************Calling getRoleCategoriesTestCase()********************************");
    try
    {
      IRemoteRole stub = getRoleStub(url, username, password);
      CategoryArray entriesArray = stub.getRoleCategories();
      Category[] entries = entriesArray.getCategory();
      Assert.assertNotNull("No categories found.", entries);
      if (entries != null)
      {
        System.out.println("no of categories:" + entries.length);

        for (int i = 0; i < entries.length; i++)
        {
          System.out.println("   category key  : " + entries[i].getCategoryKey());
          System.out.println("   category label: " + entries[i].getCategoryLabel());
        }
      }
      else
        System.out.println("No categories found.");
    }
    catch (NrfServiceException nrf)
    {
      throw new Exception(nrf.getMessage());
    }
    catch (RemoteException re)
    {
      throw new Exception(re.getMessage());
    }

  }

30.3.5 Retrieving Role Levels

This example shows how to retrieve the defined role levels:

  public void getRoleLevelsTestCase()
    throws Exception
  {
    System.out.println("\n****************Calling getRoleLevelsTestCase()********************************");
    try
    {
      IRemoteRole stub = getRoleStub(url, username, password);
      RoleLevelArray roleLevelArray = stub.getRoleLevels();
      RoleLevel[] entries = roleLevelArray.getRolelevel();
      //Assert.assertNotNull("No role levels found.", entries);
      if (entries != null)
      {
        System.out.println("no of levels:" + entries.length);

        for (int index = 0; index < entries.length; index++)
        {
          System.out.println("   Level      : " + entries[index].getLevel());
          System.out.println("   Name       : " + entries[index].getName());
          System.out.println("   Description: " + entries[index].getDescription());
          System.out.println("   Container  : " + entries[index].getContainer());
        }
      }
      else
        System.out.println("No role levels found.");
    }
    catch (NrfServiceException nrf)
    {
      throw new Exception(nrf.getMessage());
    }
    catch (RemoteException re)
    {
      throw new Exception(re.getMessage());
    }

  }

30.3.6 Verifying Whether a User Is In a Role

This example shows how to determine whether a user has been assigned to a role:

  public void isUserInRoleTestCase()
    throws Exception
  {
    System.out.println("\n****************Calling isUserInRoleTestCase()********************************");
    String[] DNs = {
                "cn=ablake,ou=users,ou=medical-idmsample,o=netiq",
                "cn=Doctor,cn=Level20,cn=RoleDefs,cn=RoleConfig,cn=AppConfig,cn=HajenDriver,cn=TestDrivers,o=netiq"
                };
    try
    {
      IRemoteRole stub = getRoleStub(url, username, password);
      boolean inRole = stub.isUserInRole(DNs[0], DNs[1]);

      String sInRole = "User Not In Role";
      if (inRole)
        sInRole = new String("User In Role");

      System.out.println(sInRole);
    }
    catch (NrfServiceException nrf)
    {
      throw new Exception(nrf.getMessage());
    }
    catch (RemoteException re)
    {
      throw new Exception(re.getMessage());
    }

  }