• Find us:
    +1-669-900-5138   |   +44-203-372-5553
  • Free Newsletter

    Get Latest Updates

  • Make Training Enquiry


    Company

  • Categories

  • Archive

  • How to set and get session attributes in OAM 11g

    Posted by "" in "idm, oam, Session, sso" on 2012-05-04

    Session & session attributes are newly introduced in OAM 11g. OAM 11g maintains a session at server side the sessionIds are managed by Session Management Engine SME. How to retrieve session IDs from OAM server are explained in post. So this post will give a sample code snippet to set and retrieve session attributes from session.

    OAM session ID is around 20 characters and will be of the format d331ab34-2e17-4c5c-8ba1-a7cdf695150c. Session IDs can also be seen in OAM database schema by using sql command select * from oam_session;

    The above sql command output will have results similar as shown below.

    SESSIONID
    ——————————————————————————–
    USERID
    ——————————————————————————–
    IDENTITY_DOMAIN
    ——————————————————————————–
    SESSION_INDEX
    ——————————————————————————–
    CREATE_TIME
    —————————————————————————
    LAST_ACCESS_TIME
    —————————————————————————
    LAST_UPDATE_TIME
    —————————————————————————
    EXPIRY_TIME
    4c2cdff7-0cbf-4723-aaab-489c06366d96
    LN-Admin
    NewOVDStore
    -3226491390739477568
    04-MAY-12 03.28.39.124000 AM
    04-MAY-12 03.28.39.124000 AM
    04-MAY-12 03.28.41.536000 AM
    04-MAY-12 11.28.39.124000 AM

    So it is merely easy to identify the session ID associated with which user IDs. The same behavior can also be seen in OAM console in Session Management section.

    So the below snippet can be used to set and retrieve the session attributes from session.

    Hashtable credentials = new Hashtable ();
    credentials.put(“userid”, user_login);
    credentials.put(“password”, user_passwd);
    try{
    AccessClient ac=null;
    ResourceRequest req ;
    ac = AccessClient.createDefaultInstance(Location,AccessClient.CompatibilityMode.OAM_10G);
    req = new ResourceRequest(protocol, resource,method_way);
    System.out.println(“Location–>”+Location);
    UserSession session = new UserSession(req,credentials);
    String sessionToken=session.getSessionToken();
    System.out.println(sessionToken);
    Set set=session.getSessionIds(user_login);

    Iterator it = set.iterator();

    String sessionID = “”;

    while (it.hasNext()){

    sessionID = it.next();

    }
    System.out.println(“Sessionattr—>”+set);

    Hashtable sessionAttributes= new Hashtable ();
    sessionAttributes.put(“userid”, “mahendra”);
    sessionAttributes.put(“mobile”, “999123412”);

    sessionAttributes.put(“email”, “mahendra@abcd.com”);

    UserSession.setSessionAttributes(sessionID, sessionAttributes);

    Hashtable sessionAttrs = UserSession.getSessionAttributes(sessionID);

    System.out.println(“userid from session Attributes ===>”+sessionAttrs.get(“userid”));
    System.out.println(“mobile from session Attributes ===>”+sessionAttrs.get(“mobile”));
    System.out.println(“email from session Attributes ===>”+sessionAttrs.get(“email”));

    }catch(Exception e){}

    In OAM 11g user can have multiple sessions and based on this, the attributes can be retrieved in a loop.

    8 Responses to “How to set and get session attributes in OAM 11g”

    1. JPaauw says:

      I believe there is a bug in this code snippet. You are setting sessionId to the value of getSessionToken, which is actually the token, and not the ID, and, therefore, it can not be used to setSessionAttributes. Is there a way to get the session ID from the session token? I do not see any way possible in the OAM SDK short of getting the

    2. Mahendra says:

      Hello,

      Yes – that’s right. The code snippet gets the sessionId from session.getSessionToken() and I have copied the code from testing code from multiple methods. THere is no way to get session ID from sessionToken. SessionID is purely OAM server side value.

      In the code snippet, from the session.getSessionIds which is returning Set has to be iterated to get Session ID which is updated in the above code now.

    3. imran says:

      hi,
      I got error message when trying to login into OAM admin console after fresh install. Any suggestions please.

    4. Ignited Mind says:

      Hi Experts,

      I have understood that IAM will have obssocookie (10gwebgate), OAM_RMOETE_HEADER (OAM-identity assertor), any thing like session as well ?

      Question is
      Where is a mapping of enterprise Application session and OAM session ? in other words where we do configuration/assignment of session?

      Assumption : Enterprise application is deployed on one weblogic. (application like ADF,WCP,EJB)
      IAM is on another weblogic.

      Help appreciated

    5. Ignited Mind says:

      Hi Mahendra,

      I have understood that IAM will have obssocookie (10gwebgate), OAM_RMOETE_HEADER (OAM-identity assertor), any thing like session as well ?

      Question is
      Where is a mapping of enterprise Application session and OAM session ? in other words where we do configuration/assignment of session?

      Assumption : Enterprise application is deployed on one weblogic. (application like ADF,WCP,EJB)
      IAM is on another weblogic.

      Help appreciated

    6. Mahendra says:

      Ignited Mind,

      When OAM is integrated with application deployed in WebLogic Server, the session settings in the application should be disabled/commented. One should leave session management to OAM to handle.

      Hope this helps.

      -Mahendra

    7. venkat28 says:

      Hello Mahendra,

      Can I define session attributes via authorization policy responses under application domain for a OAM 10G Webgate and retrieve the attributes using getSessionAttributes method.

      Thanks
      Venkat

    8. Eslam Hassan says:

      Hi Mahendra,

      How to collect the user attributes in the session hashtable at runtime?

    Leave a Reply



  • K21 Technologies is among the most experienced Oracle Gold Partner for Identity Access Management service providers. We work with application development companies and in-house technology division to help achieve significant returns on their IT security investment. Our clientele includes some of the globally renowned corporate, which speaks of our expertise in our field.

    We have the most talented and experienced team that can swiftly deploy security solutions even in complex IT ecosystem. Our clients highly appreciate our timely implementation, interactive training, on-demand support and community resources.
  • CONTACTS

    K21 Technologies
    8 Magnolia Place, Harrow,
    London, HA2 6DS

    UK: +44(0)7476444481
    USA: +1-888-414-1821

  • 2014, K21 Technologies. All rights reserved DMCA.com
  • TOP
    TOP