February 1, 2019 at 12:15 pm #24664someswara.reddy.karemParticipant
Dear FR friends,
Currently we have requirement to read group attributes (custom) in “OpenAM Scripted Policy Condition”.
I’m able to read group using the below code:
//Read isMemberOf from OpenDJ.
var userGroup = identity.getAttribute(“isMemberOf”);
Once I have group information, I need to read custom group attributes (groupScope, groupStatus etc.).
Is there any SDK to read group attributes similar like identity.getAttribute() method??
Alternately, I’m thinking to call OpenDJ RESTAPI as the below: Is this right approach??
request.setUri(“http://opendjusers:8585/api/groups/” + groupName + “?_fields=groupScope&_prettyPrint=true”);
request.getHeaders().add(‘Authorization’, ‘Basic xxxxxxxxxxxxxx’);
However with this approach, I may end-up calling multiple REST API calls if user is belongs to multiple groups.
Please guide me if you come across similar challenge and how did you address it?
Thanks for your support.
SomFebruary 1, 2019 at 12:51 pm #24665srinath.mParticipant
You can try OpenAM REST API to get the roles and groups as below
SrinathFebruary 6, 2019 at 10:45 am #24700Peter MajorModerator
The scripts don’t have full access to all AM functionality at the moment, so accomplishing what you are trying to do would be probably simpler with good old Java extensions.February 7, 2019 at 12:10 pm #24718someswara.reddy.karemParticipant
Thanks Peter and Srinath.
We have enabled OpenDJ REST2LDAP interface, so inside Policy Condition,I invoke OpenDJ REST API to get list of groups. It works fine.
You must be logged in to reply to this topic.