This topic contains 3 replies, has 3 voices, and was last updated by 
-
Posts
-
Dear FR friends,
Currently we have requirement to read group attributes (custom) in “OpenAM Scripted Policy Condition”.
I’m able to read group using the below code://Read isMemberOf from OpenDJ.
var userGroup = identity.getAttribute(“isMemberOf”);Once I have group information, I need to read custom group attributes (groupScope, groupStatus etc.).
Is there any SDK to read group attributes similar like identity.getAttribute() method??Alternately, I’m thinking to call OpenDJ RESTAPI as the below: Is this right approach??
request.setUri(“http://opendjusers:8585/api/groups/” + groupName + “?_fields=groupScope&_prettyPrint=true”);
request.setMethod(“GET”);
request.getHeaders().add(‘Content-Type’, ‘application/json’);
request.getHeaders().add(‘Authorization’, ‘Basic xxxxxxxxxxxxxx’);
request.getHeaders().add(‘Accept-API-Version’, ‘resource=1.0’);However with this approach, I may end-up calling multiple REST API calls if user is belongs to multiple groups.
Please guide me if you come across similar challenge and how did you address it?
Thanks for your support.
Regards
SomHi,
You can try OpenAM REST API to get the roles and groups as belowhttp://openam.example.com:8080/openam/json/users/user.0?_fields=isMemberOf
Thanks,
SrinathThe scripts don’t have full access to all AM functionality at the moment, so accomplishing what you are trying to do would be probably simpler with good old Java extensions.
Thanks Peter and Srinath.
We have enabled OpenDJ REST2LDAP interface, so inside Policy Condition,I invoke OpenDJ REST API to get list of groups. It works fine.
Thanks.
Regards
Som
You must be logged in to reply to this topic.
