Seting up a multivalue in LDAP in selfregister module with JAVA

This topic has 5 replies, 2 voices, and was last updated 4 years, 9 months ago by tomoko.

  • Author
  • #17937

    I am changing the standard selfregister module, so when user creation, it puts a field in the ldap of the user with some predefined values automatically.

    I see that org.forgerock.selfservice.stages.registration.UserRegistrationStage;
    it uses to create user

    CreateRequest request = Requests.newCreateRequest(config.getIdentityServiceUrl(), user);
    connection.create(requestContext, request);

    with user a Json value, that contains the values the user entered into the selfregister web page (first, last name, userid, password, etc)

    The problem is I would like to setup a field to autosave the consent in UMA workflow. I see the information is saved in that field as
    “{nameagent} uma_authorization”
    or “{nameagent} uma_protection”
    And when the user authorizes both of them, the field in ldap has “two lines” (two values).
    How can I recreate that (a field with two values in ldap) using connection.create(requestContext, request) ?

    If I add to a json value

    JSONArray consent = new JSONArray();

    and then
    CreateRequest request = Requests.newCreateRequest(config.getIdentityServiceUrl(), user);
    connection.create(requestContext, request);

    The user is created wrong, with the field description as <<[“val1″,”val2”]>>
    How can i add a multivalue to a field in ldap in the Requests.newCreateRequest(config.getIdentityServiceUrl(), user);
    java method?

    Strangely, if I launch the call via curl command it allows array of values ok:
    (updating user as the user logged in)
    curl \
    –request PUT \
    –header “iplanetDirectoryPro: AQIC5wM2LY4SfcyYJuhTRen2Cz3qINmMyGAr1XM2-6Ib6-g.*AAJTSQACMDEAAlNLABQtNjQ3NjU1MDgwMTc4MDAxMjIyMQACUzEAAA..*” \
    –header “Content-Type: application/json” \
    –data ‘{ “description”:[“val1″,”val2”] }’ \

    (Create as amadmin user)
    curl \
    –request POST \
    –header “iplanetDirectoryPro: AQIC5wM2LY4SfcyCfEL_V_a1iPgeqtn8mzuckloeh_Rlktw.*AAJTSQACMDEAAlNLABQtNDQwODgwMjUwOTczNTgwNTg4NAACUzEAAA..*” \
    –header “Content-Type: application/json” \
    –data \
    “username”: “bjensen”,
    “userpassword”: “secret12”,
    “description”: [“aa”,”bb”],
    “mail”: “[email protected]
    }’ \


     Peter Major

    It’s possible that the issue here has to do with the fact that you aren’t using the JsonValue object to represent the user. I would suggest to use JsonValue instead of org.json.JSONArray when constructing the user.
    Additionally if you can provide details of how exactly you are constructing the user variable that could give us some more clues on what can go wrong.


    The user is a JSvonValue object, and it is made in the default UserDetailsStage, I have not changed it.
    (In fact I didnt remember how that object is made, honestly.)
    I see it is put in the context and recovered in my new final stage.
    In my final Stage of the SelfRegister flow, in the new stage i have added, it has the value of

    { “username”: “newusername”, “givenName”: “givenname”, “sn”: “lastname”, “userPassword”: “Welcome1”, “inetUserStatus”: “Active”}
    when debugging.
    I add two new properties (single strings) of my logic into it, and they are saved ok, without problems.
    It is based on org.forgerock.selfservice.stages.registration.UserRegistrationStage
    (original code follows:)
    public StageResponse advance(ProcessContext context, UserRegistrationConfig config) throws ResourceException {

    JsonValue user = context.getState(USER_FIELD);
    createUser(context.getRequestContext(), user, config);

    return StageResponse

    private void createUser(Context requestContext, JsonValue user,
    UserRegistrationConfig config) throws ResourceException {
    try (Connection connection = connectionFactory.getConnection()) {
    CreateRequest request = Requests.newCreateRequest(config.getIdentityServiceUrl(), user);
    connection.create(requestContext, request);

    If I add into user other things like:
    it works ok (asuming “hello” it is configured as a valid ldap atribute in datastore and valud atributes atributes in openam server configuration).

    I used JsonArray, because I though it would work, just as a test. And then adding that array into the user (a JsonValue object). In fact, that is basically what i am doing if i call the curl call directly.

    I can not put twice a key into a JsonObject, it gives me an exception that manipulation of Json (“Map key ‘hello’ already exists”).

    Any ideas or sugestion are welcome.
    thanks a lot.

     Peter Major


    user.put(“hello”, JsonValue.array(“foo”, “bar”));


    Thanks a lot for the answer.
    Unfortunately, I didt have time to check it, but I will try to do it when I have time.


    Thanks a lot, Peter Major. It worked.
    user.put(“hello”, JsonValue.array(“foo”, “bar”));

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?