ICF 1.5.20.25

Oracle EBS connector

The Oracle E-Business Suite (EBS) connector enables you to manage EBS accounts and synchronize accounts between EBS and the IDM managed user repository.

Before you start

These instructions assume you have an EBS administrator account and access to an Oracle EBS Database. You will need the following information to configure the connector:

Username

Your EBS administrator account username.

Password

Your EBS administrator account password.

JDBC Connection URL

The URL to establish the connection between the connector and the EBS application.

For more information, refer to the Oracle E-Business Suite documentation.

Install the EBS connector

If you are looking for the Advanced Identity Cloud application for this connector, refer to:

You can download any connector from Backstage, but some are included in the default deployment for Advanced Identity Cloud, IDM, or RCS. When using an included connector, you can skip installing it and move directly to configuration.

Connector included in default deployment
Connector IDM RCS

No

Yes

Download the connector .jar file from Backstage.

  • If you are running the connector locally, place it in the /path/to/openidm/connectors directory, for example:

    mv ~/Downloads/ebs-connector-1.5.20.23.jar /path/to/openidm/connectors/
  • If you are using a remote connector server (RCS), place it in the /path/to/openicf/connectors directory on the RCS.

  • If you are running the connector locally, place the library in the /path/to/openidm/lib/ directory:

    mv ~/Downloads/ojdbc8.jar /path/to/openidm/lib/
  • If you are using a remote connector server (RCS), place the library in the /path/to/openicf/lib directory on the RCS.

Configure the EBS connector

Create a connector configuration using the IDM admin UI:

  1. From the navigation bar, click Configure > Connectors.

  2. On the Connectors page, click New Connector.

  3. On the New Connector page, type a Connector Name.

  4. From the Connector Type drop-down list, select EBS Connector - 1.5.20.23.

  5. Complete the Base Connector Details.

    For a list of all configuration properties, refer to EBS Connector Configuration
  6. Click Save.

When your connector is configured correctly, the connector displays as Active in the admin UI.

Refer to this procedure to create a connector configuration over REST.

Test the EBS connector

Test that the configuration is correct by running the following command:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--header "Accept-API-Version: resource=1.0" \
--request POST \
"https://localhost:8443/openidm/system/EBS?_action=test"
{
  "name" : "EBS",
  "enabled" : true,
  "config" : "config/provisioner.openicf/EBS",
  "connectorRef" : {
    "bundleVersion" : [1.5.0.0,1.6.0.0),
    "bundleName" : "org.forgerock.openicf.connectors.ebs-connector",
    "connectorName" : "org.forgerock.openicf.connectors.oracleebs.OracleEbsConnector"
  },
  "displayName" : "Oracle EBS Connector",
  "objectTypes" : [
    "__ACCOUNT__",
    "__ALL__"
  ],
  "ok" : true
}

If the command returns "ok": true, your connector has been configured correctly and can authenticate to the Oracle EBS server.

EBS remote connector

If you want to run this connector outside of PingOne Advanced Identity Cloud or IDM, you can configure the EBS connector as a remote connector. Java Connectors installed remotely on a Java Connector Server function identically to those bundled locally within PingOne Advanced Identity Cloud or installed locally on IDM.

You can download the EBS connector from here.

Refer to Remote connectors for configuring the EBS remote connector.

Configure Connection Pooling

The EBS connector embeds Tomcat JDBC pool. For more information, refer to Apache Tomcat 9 JDBC Connection Pool.

Supported resource types

The EBS connector supports the following resource types:

EBS connector supported resource types
ICF Native Type EBS Resource Type Naming Attribute

__ACCOUNT__

__NAME__

RESPONSIBILITY

__NAME__

Supported search filters

The EBS connector supports Search operations with the following filter operators and attributes:

Supported Operators and Filter Attributes With EBS Searches
Object Type Operators Attributes

__ACCOUNT__

And, Contains, StartsWith, Equals, EndsWith, Or

  • USER_ID

  • USER_NAME

  • LAST_UPDATE_DATE

  • LAST_UPDATE_BY

  • CREATION_DATE

  • CREATED_BY

  • LAST_UPDATE_LOGIN

  • ENCRYPTED_USER_PASSWORD

  • SESSION_NUMBER

  • START_DATE

  • END_DATE

  • DESCRIPTION

  • LAST_LOGON_DATE

  • PASSWORD_DATE

  • PASSWORD_ACCESSES_LEFT

  • PASSWORD_LIFESPAN_ACCESSES

  • PASSWORD_LIFESPAN_DAYS

  • EMAIL_ADDRESS

  • FAX

  • RESPONSIBILITY

RESPONSIBILITY

Equals, And, Or

  • RESPONSIBILITY_ID

  • APPLICATION_ID

  • LAST_UPDATE_DATE

  • LAST_UPDATED_BY

  • CREATION_DATE

  • CREATED_BY

  • LAST_UPDATE_LOGIN

  • DATA_GROUP_APPLICATION_ID

  • DATA_GROUP_ID

  • MENU_ID

  • TERM_SECURITY_ENABLED_FLAG

  • START_DATE

  • END_DATE

  • GROUP_APPLICATION_ID

  • REQUEST_GROUP_ID

  • VERSION

  • WEB_HOST_NAME

  • WEB_AGENT_NAME

  • RESPONSIBILITY_KEY

  • RESPONSIBILITY_NAME

  • SECURITY_GROUP_ID

  • ZD_EDITION_NAME

  • ZD_SYNC

Attributes

The following attributes are supported by the connector:

Attributes Description

USER_ID

The user’s User ID

USER_NAME

The user’s username

ENCRYPTED_USER_PASSWORD

The user’s encrypted password

SESSION_NUMBER

Number of sessions

START_DATE

Start date for the created user

END_DATE

End date for the created user

DESCRIPTION

The user’s description

LAST_LOGON_DATE

Last logged on date

PASSWORD_DATE

The date the current password was set

PASSWORD_ACCESSES_LEFT

The number of accesses left for the password

PASSWORD_LIFESPAN_ACCESSES

The number of accesses allowed for the password

PASSWORD_LIFESPAN_DAYS

The number of days allowed for the password

EMAIL_ADDRESS

The user’s email address

FAX

The user’s fax number

Use the EBS connector

The EBS connector can perform the following actions:

Users

Create a user

The following example creates a user with all the creatable attributes:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--request POST \
--data
'{
  "__NAME__": "BJENSEN",
  "__PASSWORD__": "Test@123",
  "EMAIL_ADDRESS": "bjensen@forgerock.com",
  "SESSION_NUMBER": "2",
  "START_DATE": "03-Nov-22",
  "END_DATE": "08-Nov-22",
  "LAST_LOGON_DATE": "08-DEC-2021",
  "PASSWORD_DATE": "08-JUN-2021",
  "PASSWORD_ACCESSES_LEFT": "1",
  "PASSWORD_LIFESPAN_ACCESSES": "1",
  "PASSWORD_LIFESPAN_DAYS": "1"
}' \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__?_action=create"
{
  "_id": "1015488",
  "USER_ID": "1015488",
  "START_DATE": "03-Nov-22",
  "LAST_UPDATE_LOGIN": 1015131,
  "USER_NAME": "BJENSEN",
  "__ENABLE__": false,
  "EMAIL_ADDRESS": "bjensen@forgerock.com",
  "SESSION_NUMBER": 2,
  "LAST_LOGON_DATE": "08-Dec-21",
  "PASSWORD_ACCESSES_LEFT": 1,
  "PASSWORD_LIFESPAN_ACCESSES": 1,
  "END_DATE": "08-Nov-22",
  "PASSWORD_LIFESPAN_DAYS": 1,
  "PASSWORD_DATE": "08-Jun-21",
  "__NAME__": "BJENSEN",
  "LAST_UPDATE_DATE": "02-Dec-22"
}

When you create a new user, you must specify at least the __NAME__ attribute.

__NAME__ has a maximum length of 100 characters, should be in UPPER CASE, and must be unique.

Query a user by id

The following queries a specific user by their ID:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--request GET \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__/1015488"
{
  "_id": "1015488",
  "USER_ID": "1015488",
  "START_DATE": "03-Nov-22",
  "LAST_UPDATE_LOGIN": 1015131,
  "USER_NAME": "BJENSEN",
  "__ENABLE__": false,
  "EMAIL_ADDRESS": "bjensen@forgerock.com",
  "SESSION_NUMBER": 7,
  "LAST_LOGON_DATE": "08-Dec-21",
  "PASSWORD_ACCESSES_LEFT": 1,
  "PASSWORD_LIFESPAN_ACCESSES": 1,
  "END_DATE": "08-Nov-22",
  "PASSWORD_LIFESPAN_DAYS": 1,
  "PASSWORD_DATE": "08-Jun-21",
  "__NAME__": "BJENSEN",
  "DESCRIPTION": "ebsuser",
  "LAST_UPDATE_DATE": "02-Dec-22"
}
Query all users

The following example queries all users:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__?_queryId=query-all-ids"
{
  "result":[
    {"_id":"1000001"},
    {"_id":"3"},
    {"_id":"2"},
    {"_id":"0"},
    {"_id":"1001"},
    {"_id":"1555"},
    {"_id":"1003"},
    {"_id":"1004"},
    {"_id":"1005"},
    {"_id":"1007"}
    ],
  "resultCount":10,
  "pagedResultsCookie":null,
  "totalPagedResultsPolicy":"NONE",
  "totalPagedResults":-1,
  "remainingPagedResults":-1
}
Update a user

The EBS Connector can modify the following attributes of a user entry:

  • __PASSWORD__

  • __ENABLE__

  • EMAIL_ADDRESS

  • START_DATE

  • END_DATE

The following example updates a user:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "If-Match: *" \
--header "Content-Type: application/json" \
--request  PUT \
--data '{
  "__NAME__": "BJENSEN",
  "__PASSWORD__": "Test@123",
  "EMAIL_ADDRESS": "bjensen@forgerock.com",
  "SESSION_NUMBER": "7",
  "START_DATE": "03-Nov-22",
  "END_DATE": "08-Nov-22",
  "LAST_LOGON_DATE": "08-DEC-2021",
  "PASSWORD_DATE": "08-JUN-2021",
  "PASSWORD_ACCESSES_LEFT": "1",
  "PASSWORD_LIFESPAN_ACCESSES": "1",
  "PASSWORD_LIFESPAN_DAYS": "1",
  "DESCRIPTION": "ebsuser"
}' \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__/1015488"
{
  "_id" : "1015488",
  "USER_ID" : "1015488",
  "START_DATE" : "03-Nov-22",
  "LAST_UPDATE_LOGIN" : 1015131,
  "USER_NAME" : "BJENSEN",
  "__ENABLE__" : false,
  "EMAIL_ADDRESS" : "bjensen@forgerock.com",
  "SESSION_NUMBER" : 7,
  "LAST_LOGON_DATE" : "08-Dec-21",
  "PASSWORD_ACCESSES_LEFT" : 1,
  "PASSWORD_LIFESPAN_ACCESSES" : 1,
  "END_DATE" : "08-Nov-22",
  "PASSWORD_LIFESPAN_DAYS" : 1,
  "PASSWORD_DATE" : "08-Jun-21",
  "__NAME__" : "BJENSEN",
  "DESCRIPTION" : "ebsuser",
  "LAST_UPDATE_DATE" : "02-Dec-22"
}
Reset a user’s password

To reset the password for a user account, update the user’s "__PASSWORD__" attribute:

curl \
--header "Content-Type: application/json" \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "if-Match:*" \
--request PUT \
--data '{
  "__NAME__": "BJENSEN",
  "__PASSWORD__": "RRvts125!"
}' \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__/1015488"
{
  "_id" : "1015488",
  "USER_ID" : "1015488",
  "START_DATE" : "03-Nov-22",
  "LAST_UPDATE_LOGIN" : 1015131,
  "USER_NAME" : "BJENSEN",
  "__ENABLE__" : false,
  "EMAIL_ADDRESS" : "bjensen@forgerock.com",
  "SESSION_NUMBER" : 7,
  "LAST_LOGON_DATE" : "08-Dec-21",
  "PASSWORD_ACCESSES_LEFT" : 1,
  "PASSWORD_LIFESPAN_ACCESSES" : 1,
  "END_DATE" : "08-Nov-22",
  "PASSWORD_LIFESPAN_DAYS" : 1,
  "PASSWORD_DATE" : "08-Jun-21",
  "__NAME__": "BJENSEN",
  "DESCRIPTION" : "ebsuser",
  "LAST_UPDATE_DATE" : "02-Dec-22"
}
Activate a user

The following example activates a user:

curl \
--header "Content-Type: application/json" \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "if-Match:*" \
--request PUT \
--data '{
  "__NAME__":"BJENSEN",
  "__PASSWORD__":"Rvts12345",
  "__ENABLE__": true
}' \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__/1015488"
{
  "_id" : "1015488",
  "USER_ID" : "1015488",
  "START_DATE" : "02-Dec-22",
  "LAST_UPDATE_LOGIN" : -1,
  "USER_NAME" : "BJENSEN",
  "__ENABLE__" : true,
  "EMAIL_ADDRESS" : "bjensen@forgerock.com",
  "SESSION_NUMBER" : 7,
  "LAST_LOGON_DATE" : "08-Dec-21",
  "PASSWORD_ACCESSES_LEFT" : 1,
  "PASSWORD_LIFESPAN_ACCESSES" : 1,
  "PASSWORD_LIFESPAN_DAYS" : 1,
  "PASSWORD_DATE" : "08-Jun-21",
  "__NAME__" : "BJENSEN",
  "DESCRIPTION" : "ebsuser",
  "LAST_UPDATE_DATE" : "02-Dec-22"
}
Deactivate a user

The following example deactivates a user:

curl \
--header "Content-Type: application/json" \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "if-Match:*" \
--request PUT \
--data '{
  "__NAME__":"BJENSEN",
  "__PASSWORD__":"Rvts12345",
  "__ENABLE__": false
}' \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__/1015488"
{
  "_id" : "1015488",
  "USER_ID" : "1015488",
  "START_DATE" : "03-Nov-22",
  "LAST_UPDATE_LOGIN" : -1,
  "USER_NAME" : "BJENSEN",
  "__ENABLE__" : false,
  "EMAIL_ADDRESS" : "bjensen@forgerock.com",
  "SESSION_NUMBER" : 7,
  "LAST_LOGON_DATE" : "08-Dec-21",
  "PASSWORD_ACCESSES_LEFT" : 1,
  "PASSWORD_LIFESPAN_ACCESSES" : 1,
  "END_DATE" : "02-Dec-22",
  "PASSWORD_LIFESPAN_DAYS" : 1,
  "PASSWORD_DATE" : "08-Jun-21",
  "__NAME__" : "BJENSEN",
  "DESCRIPTION" : "ebsuser",
  "LAST_UPDATE_DATE" : "02-Dec-22"
}

Responsibilities

Assign responsibilities to a user
After a user has been assigned a responsibility, the START_DATE and END_DATE can’t be changed. To edit either of these values, remove the responsibility and then add it again.
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--header "if-Match:*" \
--request PUT \
--data '{
  "__NAME__": "STUBBS",
  "__PASSWORD__": "Test@231",
  "EMAIL_ADDRESS": "STUBBS.SON@example.com",
  "SESSION_NUMBER": "3",
  "FAX": "56",
  "START_DATE": "15-Jan-24",
  "END_DATE": "23-Jan-24",
  "LAST_LOGON_DATE": "23-DEC-2021",
  "PASSWORD_DATE": "12-JUN-2022",
  "PASSWORD_ACCESSES_LEFT": "2",
  "PASSWORD_LIFESPAN_ACCESSES": "3",
  "DESCRIPTION": "EBSBARUSER",
  "PASSWORD_LIFESPAN_DAYS": "2",
  "RESPONSIBILITY": [
    {
      "RESP_APP": "IBE",
      "RESP_KEY": "IBE_CUSTOMER",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-SEP-2021",
      "RESPONSIBILITY_END_DATE": "29-SEP-2024"
    },
    {
      "RESP_APP": "CS",
      "RESP_KEY": "CS_KB_SYSTEM_ADMIN",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-SEP-2021",
      "RESPONSIBILITY_END_DATE": "29-SEP-2024"
    },
    {
      "RESP_APP": "PA",
      "RESP_KEY": "PROJECT_BILLING_SUPER_USER",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESPONSIBILITY_DESCRIPTION": "responded",
      "RESPONSIBILITY_START_DATE": "15-JUL-2021",
      "RESPONSIBILITY_END_DATE": "13-SEP-2024"
    }
  ]
}' \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__/1017315"
{
  "_id": "1017315",
  "PASSWORD_DATE": "12-Jun-22",
  "LAST_UPDATE_LOGIN": 1015131,
  "__ENABLE__": false,
  "PASSWORD_ACCESSES_LEFT": 2,
  "__NAME__": "STUBBS",
  "END_DATE": "23-Jan-24",
  "DESCRIPTION": "EBSBARUSER",
  "EMAIL_ADDRESS": "STUBBS.SON@example.com",
  "LAST_LOGON_DATE": "23-Dec-21",
  "RESPONSIBILITY": [
    {
      "RESP_KEY": "PROJECT_BILLING_SUPER_USER",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESP_APP": "PA",
      "RESPONSIBILITY_DESCRIPTION": "responded",
      "RESPONSIBILITY_START_DATE": "15-Jul-21",
      "RESPONSIBILITY_END_DATE": "13-Sep-24"
    },
    {
      "RESP_KEY": "CS_KB_SYSTEM_ADMIN",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESP_APP": "CS",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-Sep-21",
      "RESPONSIBILITY_END_DATE": "29-Sep-24"
    },
    {
      "RESP_KEY": "IBE_CUSTOMER",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESP_APP": "IBE",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-Sep-21",
      "RESPONSIBILITY_END_DATE": "29-Sep-24"
    }
  ],
  "PASSWORD_LIFESPAN_DAYS": 2,
  "START_DATE": "15-Jan-24",
  "LAST_UPDATE_DATE": "17-May-24",
  "PASSWORD_LIFESPAN_ACCESSES": 3,
  "USER_ID": "1017315",
  "SESSION_NUMBER": 3,
  "FAX": "56"
}
Remove responsibilities from a user
When you remove a responsibility the END_DATE is updated to the current date.
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--header "if-Match:*" \
--request PUT \
--data '{
  "__NAME__": "STUBBS",
  "__PASSWORD__": "Test@231",
  "EMAIL_ADDRESS": "STUBBS.SON@example.com",
  "SESSION_NUMBER": "3",
  "FAX": "56",
  "START_DATE": "15-Jan-24",
  "END_DATE": "23-Jan-24",
  "LAST_LOGON_DATE": "23-DEC-2021",
  "PASSWORD_DATE": "12-JUN-2022",
  "PASSWORD_ACCESSES_LEFT": "2",
  "PASSWORD_LIFESPAN_ACCESSES": "3",
  "DESCRIPTION": "EBSBARUSER",
  "PASSWORD_LIFESPAN_DAYS": "2",
  "RESPONSIBILITY": [
    {
      "RESP_APP": "IBE",
      "RESP_KEY": "IBE_CUSTOMER",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-SEP-2021",
      "RESPONSIBILITY_END_DATE": "29-SEP-2024"
    },
    {
      "RESP_APP": "CS",
      "RESP_KEY": "CS_KB_SYSTEM_ADMIN",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-SEP-2021",
      "RESPONSIBILITY_END_DATE": "29-SEP-2024"
    }
  ]
}' \
"https://localhost:8443/openidm/system/EBS/__ACCOUNT__/1017315"
{
  "_id": "1017315",
  "PASSWORD_DATE": "12-Jun-22",
  "LAST_UPDATE_LOGIN": 1015131,
  "__ENABLE__": false,
  "PASSWORD_ACCESSES_LEFT": 2,
  "__NAME__": "STUBBS",
  "END_DATE": "23-Jan-24",
  "DESCRIPTION": "EBSBARUSER",
  "EMAIL_ADDRESS": "STUBBS.SON@example.com",
  "LAST_LOGON_DATE": "23-Dec-21",
  "RESPONSIBILITY": [
    {
      "RESP_KEY": "PROJECT_BILLING_SUPER_USER",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESP_APP": "PA",
      "RESPONSIBILITY_DESCRIPTION": "",
      "RESPONSIBILITY_START_DATE": "15-Jul-21",
      "RESPONSIBILITY_END_DATE": "17-May-24"
    },
    {
      "RESP_KEY": "CS_KB_SYSTEM_ADMIN",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESP_APP": "CS",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-Sep-21",
      "RESPONSIBILITY_END_DATE": "29-Sep-24"
    },
    {
      "RESP_KEY": "IBE_CUSTOMER",
      "RESPONSIBILITY_SECURITY_GROUP": "STANDARD",
      "RESP_APP": "IBE",
      "RESPONSIBILITY_DESCRIPTION": "updated",
      "RESPONSIBILITY_START_DATE": "29-Sep-21",
      "RESPONSIBILITY_END_DATE": "29-Sep-24"
    }
  ],
  "PASSWORD_LIFESPAN_DAYS": 2,
  "START_DATE": "15-Jan-24",
  "LAST_UPDATE_DATE": "17-May-24",
  "PASSWORD_LIFESPAN_ACCESSES": 3,
  "USER_ID": "1017315",
  "SESSION_NUMBER": 3,
  "FAX": "56"
}
Query all responsibilities

The following example queries all user responsibilities by their IDs:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--request GET \
"https://localhost:8443/openidm/system/EBS/RESPONSIBILITY?_queryId=query-all-ids"
{
  "result": [
    {
      "_id": "21766"
    },
    {
      "_id": "21765"
    },
    {
      "_id": "21764"
    },
    ...
  ],
  "resultCount": 5104,
  "pagedResultsCookie": null,
  "totalPagedResultsPolicy": "NONE",
  "totalPagedResults": -1,
  "remainingPagedResults": -1
}
Query a single responsibility

The following example queries a single user responsibility (50832):

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--request GET \
"https://localhost:8443/openidm/system/EBS/RESPONSIBILITY?_queryFilter=_id%20eq%20%2250832%22"
{
  "result": [
    {
      "_id": "50832",
      "LAST_UPDATE_LOGIN": 0,
      "ZD_SYNC": "SYNCED",
      "RESPONSIBILITY_KEY": "CHEF CULINAIR",
      "ZD_EDITION_NAME": "SET1",
      "DATA_GROUP_ID": "0",
      "DATA_GROUP_APPLICATION_ID": "20021",
      "MENU_ID": "1000542",
      "WEB_HOST_NAME": "`",
      "START_DATE": "10-Feb-98",
      "CREATION_DATE": "10-Feb-98",
      "LAST_UPDATE_DATE": "10-Feb-98",
      "VERSION": "4",
      "APPLICATION_ID": "20021",
      "RESPONSIBILITY_ID": "50832",
      "LAST_UPDATED_BY": 2,
      "__NAME__": "CHEF CULINAIR",
      "CREATED_BY": 0,
      "RESPONSIBILITY_NAME": "Chef"
    }
  ],
  "resultCount": 1,
  "pagedResultsCookie": null,
  "totalPagedResultsPolicy": "NONE",
  "totalPagedResults": -1,
  "remainingPagedResults": -1
}

OpenICF Interfaces Implemented by the Oracle EBS Connector

The Oracle EBS Connector implements the following OpenICF interfaces. For additional details, see ICF interfaces:

Create

Creates an object and its uid.

Schema

Describes the object types, operations, and options that the connector supports.

Script on Connector

Enables an application to run a script in the context of the connector.

Any script that runs on the connector has the following characteristics:

  • The script runs in the same execution environment as the connector and has access to all the classes to which the connector has access.

  • The script has access to a connector variable that is equivalent to an initialized instance of the connector. At a minimum, the script can access the connector configuration.

  • The script has access to any script arguments passed in by the application.

Search

Searches the target resource for all objects that match the specified object class and filter.

Sync

Polls the target resource for synchronization events, that is, native changes to objects on the target resource.

Test

Tests the connector configuration.

Testing a configuration checks all elements of the environment that are referred to by the configuration are available. For example, the connector might make a physical connection to a host that is specified in the configuration to verify that it exists and that the credentials that are specified in the configuration are valid.

This operation might need to connect to a resource, and, as such, might take some time. Do not invoke this operation too often, such as before every provisioning operation. The test operation is not intended to check that the connector is alive (that is, that its physical connection to the resource has not timed out).

You can invoke the test operation before a connector configuration has been validated.

Update

Updates (modifies or replaces) objects on a target resource.

Oracle EBS Connector Configuration

The Oracle EBS Connector has the following configurable properties:

Configuration properties

Property Type Default Encrypted(1) Required(2)

connectionProperties

String

null

No

The connection properties that will be sent to our JDBC driver when establishing new connections. Format of the string must be [propertyName=property;]* NOTE - The "user" and "password" properties will be passed explicitly, so they do not need to be included here. The default value is null.

propagateInterruptState

boolean

false

No

Set this to true to propagate the interrupt state for a thread that has been interrupted (not clearing the interrupt state). Default value is false for backwards compatibility.

validationQuery

String

select 1 from dual

No

The SQL query that will be used to validate connections from this pool before returning them to the caller. If specified, this query does not have to return any data, it just cant throw a SQLException. The default value is null. Example values are SELECT 1(mysql), select 1 from dual(oracle), SELECT 1(MS Sql Server).

rollbackOnReturn

boolean

false

No

If autoCommit==false then the pool can terminate the transaction by calling rollback on the connection as it is returned to the pool Default value is false.

useDisposableConnectionFacade

boolean

true

No

Set this to true if you wish to put a facade on your connection so that it cannot be reused after it has been closed. This prevents a thread holding on to a reference of a connection it has already called closed on, to execute queries on it.

defaultCatalog

String

null

No

The default catalog of connections created by this pool.

validationInterval

long

3000

No

To avoid excess validation, run validation at most at this frequency (in milliseconds). If a connection is due for validation, but was validated within this interval, it will not be validated again. The default value is 3000 (3 seconds).

ignoreExceptionOnPreLoad

boolean

false

No

Flag whether ignore error of connection creation while initializing the pool. Set to true if you want to ignore error of connection creation while initializing the pool. Set to false if you want to fail the initialization of the pool by throwing exception.

jmxEnabled

boolean

true

No

Register the pool with JMX or not. The default value is true.

commitOnReturn

boolean

false

No

If autoCommit==false then the pool can complete the transaction by calling commit on the connection as it is returned to the pool If rollbackOnReturn==true then this attribute is ignored. Default value is false.

logAbandoned

boolean

false

No

Flag to log stack traces for application code which abandoned a Connection. Logging of abandoned Connections adds overhead for every Connection borrow because a stack trace has to be generated. The default value is false.

alternateUsernameAllowed

boolean

false

No

By default, the jdbc-pool will ignore the DataSource.getConnection(username,password) call, and simply return a previously pooled connection under the globally configured properties username and password, for performance reasons. The pool can however be configured to allow use of different credentials each time a connection is requested. To enable the functionality described in the DataSource.getConnection(username,password) call, simply set the property alternateUsernameAllowed to true. Should you request a connection with the credentials user1/password1 and the connection was previously connected using different user2/password2, the connection will be closed, and reopened with the requested credentials. This way, the pool size is still managed on a global level, and not on a per schema level.

validatorClassName

String

null

No

The name of a class which implements the org.apache.tomcat.jdbc.pool.Validator interface and provides a no-arg constructor (may be implicit). If specified, the class will be used to create a Validator instance which is then used instead of any validation query to validate connections. The default value is null. An example value is com.mycompany.project.SimpleValidator.

maxIdle

int

100

No

The maximum number of connections that should be kept in the pool at all times. Idle connections are checked periodically (if enabled) and connections that have been idle for longer than minEvictableIdleTimeMillis are released. The default value is derived from maxActive:100. (Also see testWhileIdle).

testWhileIdle

boolean

false

No

The indication of whether objects will be validated by the idle object evictor (if any). If an object fails to validate, it will be dropped from the pool. NOTE - for a true value to have any effect, the validationQuery parameter must be set to a non-null string. The default value is false and this property has to be set in order for the pool cleaner/test thread is to run (also see timeBetweenEvictionRunsMillis).

removeAbandoned

boolean

false

No

Flag to remove abandoned connections if they exceed the removeAbandonedTimeout. If set to true a connection is considered abandoned and eligible for removal if it has been in use longer than the removeAbandonedTimeout Setting this to true can recover db connections from applications that fail to close a connection. See also logAbandoned The default value is false.

suspectTimeout

int

0

No

Timeout value in seconds. Similar to to the removeAbandonedTimeout value but instead of treating the connection as abandoned, and potentially closing the connection, this simply logs the warning if logAbandoned is set to true. If this value is equal or less than 0, no suspect checking will be performed. Suspect checking only takes place if the timeout value is larger than 0 and the connection was not abandoned or if abandon check is disabled. If a connection is suspect a WARN message gets logged and a JMX notification gets sent once.

useEquals

boolean

true

No

Set to true if you wish the ProxyConnection class to use String.equals and set to false when you wish to use == when comparing method names. This property does not apply to added interceptors as those are configured individually. The default value is true.

removeAbandonedTimeout

int

60

No

Timeout in seconds before an abandoned(in use) connection can be removed. The default value is 60 (60 seconds). The value should be set to the longest running query your applications might have.

defaultAutoCommit

Boolean

null

No

The default auto-commit state of connections created by this pool. If not set, default is JDBC driver default (If not set then the setAutoCommit method will not be called).

testOnConnect

boolean

false

No

Returns true if we should run the validation query when connecting to the database for the first time on a connection. Normally this is always set to false, unless one wants to use the validationQuery as an init query.

abandonWhenPercentageFull

int

0

No

Connections that have been abandoned (timed out) wont get closed and reported up unless the number of connections in use are above the percentage defined by abandonWhenPercentageFull. The value should be between 0-100. The default value is 0, which implies that connections are eligible for closure as soon as removeAbandonedTimeout has been reached.

jdbcInterceptors

String

null

No

A semicolon separated list of classnames extending org.apache.tomcat.jdbc.pool.JdbcInterceptor class. See Configuring JDBC interceptors below for more detailed description of syntaz and examples. These interceptors will be inserted as an interceptor into the chain of operations on a java.test_sample.Connection object. The default value is null.

minIdle

int

10

No

The minimum number of established connections that should be kept in the pool at all times. The connection pool can shrink below this number if validation queries fail. The default value is derived from initialSize:10. (Also see testWhileIdle).

defaultReadOnly

Boolean

null

No

The default read-only state of connections created by this pool. If not set then the setReadOnly method will not be called. (Some drivers dont support read only mode, ex: Informix).

initialSize

int

10

No

The initial number of connections that are created when the pool is started. Default value is 10.

maxWait

int

30000

No

The maximum number of milliseconds that the pool will wait (when there are no available connections) for a connection to be returned before throwing an exception. Default value is 30000 (30 seconds).

defaultTransactionIsolation

int

-1

No

The default TransactionIsolation state of connections created by this pool. One of the following: NONE, READ_COMMITTED, READ_UNCOMMITTED, REPEATABLE_READ, SERIALIZABLE If not set, the method will not be called and it defaults to the JDBC driver.

numTestsPerEvictionRun

int

0

No

Property not used in tomcat-jdbc-pool.

url

String

null

No

The URL used to connect to the database.

testOnBorrow

boolean

true

No

The indication of whether objects will be validated before being borrowed from the pool. If the object fails to validate, it will be dropped from the pool, and we will attempt to borrow another. NOTE - for a true value to have any effect, the validationQuery parameter must be set to a non-null string. In order to have a more efficient validation, see validationInterval. Default value is false.

fairQueue

boolean

true

No

Set to true if you wish that calls to getConnection should be treated fairly in a true FIFO fashion. This uses the org.apache.tomcat.jdbc.pool.FairBlockingQueue implementation for the list of the idle connections. The default value is true. This flag is required when you want to use asynchronous connection retrieval. Setting this flag ensures that threads receive connections in the order they arrive. During performance tests, there is a very large difference in how locks and lock waiting is implemented. When fairQueue=true there is a decision making process based on what operating system the system is running. If the system is running on Linux (property os.name=Linux. To disable this Linux specific behavior and still use the fair queue, simply add the property org.apache.tomcat.jdbc.pool.FairBlockingQueue.ignoreOS=true to your system properties before the connection pool classes are loaded.

logValidationErrors

boolean

false

No

Set this to true to log errors during the validation phase to the log file. If set to true, errors will be logged as SEVERE. Default value is false for backwards compatibility.

accessToUnderlyingConnectionAllowed

boolean

true

No

Property not used. Access can be achieved by calling unwrap on the pooled connection. see javax.test_sample.DataSource interface, or call getConnection through reflection or cast the object as javax.test_sample.PooledConnection.

maxAge

long

0

No

Time in milliseconds to keep this connection. When a connection is returned to the pool, the pool will check to see if the now - time-when-connected > maxAge has been reached, and if so, it closes the connection rather than returning it to the pool. The default value is 0, which implies that connections will be left open and no age check will be done upon returning the connection to the pool.

minEvictableIdleTimeMillis

int

60000

No

The minimum amount of time an object may sit idle in the pool before it is eligible for eviction. The default value is 60000 (60 seconds).

timeBetweenEvictionRunsMillis

int

5000

No

The number of milliseconds to sleep between runs of the idle connection validation/cleaner thread. This value should not be set under 1 second. It dictates how often we check for idle, abandoned connections, and how often we validate idle connections. The default value is 5000 (5 seconds).

testOnReturn

boolean

false

No

The indication of whether objects will be validated before being returned to the pool. NOTE - for a true value to have any effect, the validationQuery parameter must be set to a non-null string. The default value is false.

driverClassName

String

null

No

The fully qualified Java class name of the JDBC driver to be used. The driver has to be accessible from the same classloader as tomcat-jdbc.jar.

name

String

Tomcat Connection Pool[4-2629388]

No

Returns the name of the connection pool. By default a JVM unique random name is assigned.

useStatementFacade

boolean

true

No

Returns true if this connection pool is configured to wrap statements in order to enable equals() and hashCode() methods to be called on the closed statements if any statement proxy is set.

useLock

boolean

false

No

Return true if a lock should be used when operations are performed on the connection object. Should be set to false unless you plan to have a background thread of your own doing idle and abandon checking such as JMX clients. If the pool sweeper is enabled, then the lock will automatically be used regardless of this setting.

initSQL

String

null

No

A custom query to be run when a connection is first created. The default value is null.

maxActive

int

100

No

The maximum number of active connections that can be allocated from this pool at the same time. The default value is 100.

username

String

null

No

The connection username to be passed to our JDBC driver to establish a connection. Note that method DataSource.getConnection(username,password) by default will not use credentials passed into the method, but will use the ones configured here. See alternateUsernameAllowed property for more details.

validationQueryTimeout

int

-1

No

The timeout in seconds before a connection validation queries fail. This works by calling java.test_sample.Statement.setQueryTimeout(seconds) on the statement that executes the validationQuery. The pool itself doesnt timeout the query, it is still up to the JDBC driver to enforce query timeouts. A value less than or equal to zero will disable this feature. The default value is -1.

password

String

null

Yes

Yes

Oracle EBS login password to authenticate the user.

pageSize

int

50

No

Page size of search.

(1) Whether the property value is considered confidential, and is therefore encrypted in IDM.

(2) A list of operations in this column indicates that the property is required for those operations.