Use the end-to-end sample code and data graphs for basic operations involving users, groups, group members, and group memberships.
The following steps are covered in this sample scenario:
Ensure that you have read the information and completed the steps described in the topic, Programming prerequisites.
Add the following end-to-end sample code to your application code and replace the variables with the actual values that you want to use.
public class UserAndGroupSample extends BaseApp { // Define users and groups DNs private static String user1Dn = "uid=user1,o=defaultWIMFileBasedRealm"; private static String user2Dn = "uid=user2,o=defaultWIMFileBasedRealm"; private static String group1Dn = "cn=group1,o=defaultWIMFileBasedRealm"; private static String group2Dn = "cn=group2,o=defaultWIMFileBasedRealm"; private static String EJB_JNDI_NAME = "ejb/com/ibm/websphere/wim/ejb/WIMServiceHome"; /** * This sample does the following operations: * Creates a user * Creates a group * Assigns the user to the group * Gets the group members * Gets the group membership * Removes the user from the group * Deletes a user * Deletes a group */ public static void main(String[] args) throws Exception { // Initialize the profile service locateService(EJB_JNDI_NAME); // Create a user and a group respectively addPersonAccount("user1","user1cn","user1sn"); addGroup("group1"); // Add the member user1 to the group addMemberToGroup(user1Dn,group1Dn); // Get the group members getGroupMembers(group1Dn); // Get the group membership getGroupMembership(user1Dn); // Remove the member user1 from the group removeMemberFromGroup(user1Dn,group1Dn); // Delete the user1 deleteEntity(user1Dn); // Delete the group1 deleteEntity(group1Dn); } /** * addPersonAccount * Adds an entity of PersonAccount entity type * @param uid value to be set * @param cn value to be set * @param sn value to be set */ public static void addPersonAccount(String uid, String cn, String sn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_PERSON_ACCOUNT); // Set the properties of the person entity.set("uid", uid); entity.set("cn", cn); entity.set("sn", sn); System.out.println("Input data graph before creating user"+ printDO(root)); // Create the PersonAccount entity root = service.create(root); System.out.println("Output data graph after creating user"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * addGroup Adds an entity of type Group * @param cn value to be set */ public static void addGroup(String cn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP); // Set the cn of the group entity.set("cn", cn); System.out.println("Input data graph before creating group"+ printDO(root)); // Create the group entity root = service.create(root); System.out.println("Output data graph after creating group"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * addMemberToGroup adds a user to the group * @param memberDn uniqueName of the member * @param groupDn uniqueName of the group */ public static void addMemberToGroup(String memberDn, String groupDn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP); // Set the group uniqueName entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME, groupDn); DataObject member1 = SDOHelper.createDataObject(SchemaConstants.WIM_NS_URI, SchemaConstants.DO_ENTITY); // Set the member uniqueName member1.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME, memberDn); // Add the member to the group entity.getList(SchemaConstants.DO_MEMBERS).add(member1); System.out.println("Input datagraph before adding member to group"+ printDO(root)); // Update the group root = service.update(root); System.out.println("Output datagraph after adding member to group"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * getGroupMembers Returns the members of the group * @param groupDn uniqueName of the group */ public static void getGroupMembers(String groupDn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP); // Set the group uniqueName entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME, groupDn); // Set the property control DataObject propCtrl = SDOHelper.createControlDataObject(root, null, SchemaConstants.DO_PROPERTY_CONTROL); //Retrieve the cn of group whose members need to be searched propCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn"); // Set the group member control DataObject grpMbrCtrl = SDOHelper.createControlDataObject(root, null, SchemaConstants.DO_GROUP_MEMBER_CONTROL); // Retrieve cn and uid attributes for all members grpMbrCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn"); grpMbrCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("uid"); System.out.println("Input data graph before getting group members"+ printDO(root)); // Get the members of the group root = service.get(root); System.out.println("Output data graph after getting group members"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * getGroupMembership Gets the groups to which the user belongs * @param memberDn uniqueName of the user */ public static void getGroupMembership(String memberDn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_PERSON_ACCOUNT); // Set the uniqueName of the group entity.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME, memberDn); // Set the Group membership control DataObject grpMbrshipCtrl = SDOHelper.createControlDataObject(root, null, SchemaConstants.DO_GROUP_MEMBERSHIP_CONTROL); // Set the property of level to retrieve all the nested entities grpMbrshipCtrl.setInt(SchemaConstants.PROP_LEVEL, SchemaConstants.PROP_LEVEL_NESTED); // Retrieve cn attribute for all groups grpMbrshipCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn"); System.out.println("Input data graph before getting group membership of user"+ printDO(root)); // Get the members of the group root = service.get(root); System.out.println("Output data graph after getting group membership of user"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * removeMemberFromGroup remove the user from the group * @param memberDn uniqueName of the user * @param groupDn uniqueName of the group */ public static void removeMemberFromGroup(String memberDn, String groupDn) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP); // Set the uniqueName of the group entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME, groupDn); DataObject member1 = SDOHelper.createDataObject(SchemaConstants.WIM_NS_URI, SchemaConstants.DO_ENTITY); // Set the member uniqueName to be removed member1.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME, memberDn); // Retrieve the member to remove it from the group entity.getList(SchemaConstants.DO_MEMBERS).add(member1); // Set the group member control DataObject grpMbrCtrl = SDOHelper.createControlDataObject(root, null, SchemaConstants.DO_GROUP_MEMBER_CONTROL); // Unassign mode to remove the member from the group grpMbrCtrl.setInt(SchemaConstants.PROP_MODIFY_MODE, SchemaConstants.VALUE_MODIFY_MODE_UNASSIGN); System.out.println("Input datagraph before removing member from group"+ printDO(root)); // Update the group to remove the member root = service.update(root); System.out.println("Output datagraph after removing member from group"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } /** * deleteEntity Deletes the given entity * @param entityName */ public static void deleteEntity(String entityName) { try { DataObject root = SDOHelper.createRootDataObject(); DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_ENTITY); // Set the delete control DataObject ctrl = SDOHelper.createControlDataObject(root, null, SchemaConstants.DO_DELETE_CONTROL); // Set the return property after deletion ctrl.setBoolean(SchemaConstants.PROP_RETURN_DELETED, true); // Set the uniqueName of the entity to be deleted entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME, entityName); System.out.println("Input data graph before deleting entity"+ printDO(root)); // Delete the entity root = service.delete(root); System.out.println("Output data graph after deleting entity"+ printDO(root)); } catch(Exception e) { e.printStackTrace(); } } }
The input data graphs and the resulting output data graphs for each step of this example are provided next.
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:uid>user1</wim:uid> <wim:cn>user1cn</wim:cn> <wim:sn>user1sn</wim:sn> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:cn>group1</wim:cn> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> <wim:members> <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:members> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> <wim:controls xsi:type="wim:PropertyControl"> <wim:properties>cn</wim:properties> </wim:controls> <wim:controls xsi:type="wim:GroupMemberControl"> <wim:properties>cn</wim:properties> <wim:properties>uid</wim:properties> </wim:controls> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> <wim:cn>group1</wim:cn> <wim:members xsi:type="wim:PersonAccount"> <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> <wim:uid>user1</wim:uid> <wim:cn>user1cn</wim:cn> </wim:members> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:entities> <wim:controls xsi:type="wim:GroupMembershipControl"> <wim:properties>cn</wim:properties> </wim:controls> </wim:Root> </sdo:datagraph>Output data graph after getting the groups to which a user belongs:
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> <wim:groups> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> <wim:cn>group1</wim:cn> </wim:groups> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> <wim:members> <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:members> </wim:entities> <wim:controls xsi:type="wim:GroupMemberControl" modifyMode="3"/> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities> <wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:entities> <wim:controls xsi:type="wim:DeleteControl" returnDeleted="true"/> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:PersonAccount"> <wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities> <wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> <wim:controls xsi:type="wim:DeleteControl" returnDeleted="true"/> </wim:Root> </sdo:datagraph>
<?xml version="1.0" encoding="UTF-8"?> <sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim"> <wim:Root> <wim:entities xsi:type="wim:Group"> <wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository" uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/> </wim:entities> </wim:Root> </sdo:datagraph>