============================================================================= ########### ORACLE Entitlements Server 11g ################# ########### Management API (MAPI) Sample application ################# ########### README ################# ----------------------------------------------------------------------------- Author : Aditya Kelkar (aditya.kelkar@oracle.com) Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved. ----------------------------------------------------------------------------- INTRODUCTION : This Example has been created to illustrate the functionality of MAPI which allows management of policy artifacts in the OES Policy Store. Note : [ This MAPI Sample is developed to be deployed on Weblogic Server. ] ----------------------------------------------------------------------------- CODE ORGANIZATION : The entire package is inside a directory named MAPIExample. The code organization is as follows : MAPIExample/ | |----------> Sources : Contains source files for the MAPI Example |----------> build.xml : Contains building and deployment scripts |----------> build.properties : Contains configuration for build.xml |----------> README.txt : The README for MAPI Example. |----------> MapiSample.war : This is the WAR file created after the code is built. This is then deployed onto the weblogic server using below mentioned steps. ----------------------------------------------------------------------------- INITIAL SEEDING : For the users ease of operation, the example first creates a set of default artifacts that are used in creation of other artifacts in the example: 1. Default Application: All policy operations are performed under an application domain. For this purpose, a default application DefaultSampleApp is created in the Policy Store. 2. Default Resource Type: A resource type is required to define a resource. For this purpose, a default resource type default_resType is created in the Policy Store. 3. Default Resource: For other policy operations, a resource/target is required to exist. For this purpose, a default resource default_resource is created in the Policy Store. ----------------------------------------------------------------------------- BUILDING INSTRUCTIONS : Source code is provided in the 'Sources' directory. To build the MAPI Example from the source code provided, perform the following operations: From a command line terminal, change directory to the Example Directory. Edit the file build.properties. Change the variable values according to your current environment. NOTE: Set ANT_HOME, JAVA_HOME properly before running ant command. Make sure $ANT_HOME/bin|%ANT_HOME%\bin and $JAVA_HOME/bin|%ANT_HOME%\bin added in PATH Then execute : ant This will build the WAR file for the MAPI Example at location: /MapiSample.war ----------------------------------------------------------------------------- DEPLOYING THE MAPI EXAMPLE : Pre-requisites : OES Admin must be installed before deploying this application. To deploy the MAPI Example you should have built the Example first using the above process. Once you have a WAR file in place at /MapiSample.war perform the following operations to deploy the Example on OES Admin domain: From a command line terminal, change directory to the Example Directory and execute ant deploy ----------------------------------------------------------------------------- ACCESSING THE MAPI EXAMPLE: The example application should be deployed first. Then, you can access the application. To access the application, from a browser navigate to http://:/MapiSample [ NOTE : You may use the same credentials used to log into the OES Domain. ] ----------------------------------------------------------------------------- FUNCTIONALITY PROVIDED : The example provides the following functionality. 1. Application Management: a. Create Application: Creates an application in the Policy Store. This application is used as a parent context for all other operations. b. Retrieve Application: Reads a user created application from the Policy Store. c. Delete Application: Deletes a user created application from the Policy Store. 2. Application Role Management: a. Create Application Role: Creates an application role in the Policy Store. b. Retrieve Application Role: Reads a user created application role from the Policy Store. c. Delete Application Role: Deletes a user created application role from the Policy Store. d. Grant Application Role: Grants an application role to a particular user. e. Revoke Application Role: Revokes an application role which was previously granted to a particular user. 3. Resource Type Management: a. Create Resource Type: Creates a resource type in the Policy Store. b. Retrieve Resource Type: Reads a user created resource type from the Policy Store. c. Delete Resource Type: Deletes a user created resource type from the Policy Store. d. Add actions to Resource Type: Adds an action to resource type that determines which operations can be invoked on a resource of this type. e. Remove actions from Resource Type: Removes an action from resource type that was previously added. 4. Resource Management: a. Create Resource: Creates a resource in the Policy Store. b. Retrieve Resource: Reads a user created resource from the Policy Store. c. Delete Resource: Deletes a user created resource from the Policy Store. 5. Attribute Management: a. Create Attribute: Creates an attribute in the Policy Store. b. Retrieve Attribute: Reads a user created attribute from the Policy Store. c. Delete Attribute: Deletes a user created attribute from the Policy Store. 6. Role Mapping Policy Management: a. Create Role Mapping Policy: Creates a role mapping policy in the Policy Store. b. Retrieve Role Mapping Policy: Reads a user created role mapping policy from the Policy Store. c. Delete Role Mapping Policy: Deletes a user created role mapping policy from the Policy Store. 7. Authorization Policy Management: a. Create Authorization Policy: Creates an authorization policy in the Policy Store. b. Retrieve Authorization Policy: Reads a user created authorization policy from the Policy Store. c. Delete Authorization Policy: Deletes a user created authorization policy from the Policy Store. ----------------------------------------------------------------------------- Following is a description the inputs required to be given by the user, for each operation: Application Management :- Create Application : Input Application Name, Description Retrieve Application : Input Application Name Delete Application : Input Application Name Application Role Management :- Create Application Role : Input Application Role Name, Description Retrieve Application Role : Input Application Role Name Delete Application Role : Input Application Role Name Grant Application Role : Input Application Role Name, Principal Type, Principal Name. Revoke Application Role : Input Application Role Name, Principal Type, Principal Name [ For Principal Type, appropriate class name should be provided, eg. weblogic.security.principal.WLSUserImpl ] Resource Type Management :- Create Resource Type :Input Resource Type Name, Description Retrieve Resource Type : Input Resource Type Name Delete Resource Type : Input Resource Type Name Add action to Resource Type : Input Resource Type Name, action name Remove action from Resource Type : Input Resource Type Name, action name Resource Management :- Create Resource : Input Resource Type Name, Resource Name, Description Retrieve Resource : Input Resource Type Name, Resource Name Delete Resource : Input Resource Type Name, Resource Name Attribute Management :- Create Attribute : Input Attribute Name, Description, Type Retrieve Attribute : Input Attribute Name Delete Attribute : Input Attribute Name Role Mapping Policy Management :- Create Role Mapping Policy : Input Policy Name, Description, Effect, Application Role, Principal, Constraint (optional) Retrieve Role Mapping Policy : input Policy Name Delete Role Mapping Policy : Input Policy Name Authorization Policy Management :- Create Authorization Policy : Input Policy Name, Description, Effect, Resource Action, Principal, Constraint(optional), Obligation(optional) Retrieve Authorization Policy : Input Policy Name Delete Authorization Policy : Input Policy Name