Table Of Contents
Using Old PAP APIs
Exercise 7: Create Resource
Exercise 8: Create User
Exercise 9: Create Role
Exercise 10: Map User to Role
Using Old PAP APIs
This chapter provides exercises that will teach you how to work with the PAP APIs to develop some of the more commonly used PAP functions. Exercises 7 through 10 cover the following PAP functions:
•Create resource
•Create user
•Create role
•Map user to role
These exercises will expose you to the following PAP API objects:
•EntitlementManager: PAP handler for obtaining manager objects for users, groups, roles, resources, etc.
•IResource: interface for managing resources
•ISubject: interface for managing users and groups
•IRole: interface for managing roles and policies
•Subject, role, and resource: entity objects for setting attributes such as name, description, type, etc.
For information on the full set of PAP APIs, refer to Appendix B, "PAP API Implementations."
Exercise 7: Create Resource
This exercise provides the steps necessary to create a resource. The sample code in Step 3 only sets the mandatory attributes for the resource object. For more information on setting optional attributes, refer to the PAP API Javadocs.
To create a resource, follow these steps:
Step 1 Initialize the resource manager object, IResource.
IResource resourceMgr = EntitlementManager.getInstance().getResourceManager();
Step 2 Initialize the resource object, Resource.
Resource resourceObj = new Resource();
Step 3 Set the mandatory resource attributes (name, description, parent resource, application, type).
resourceObj.setResourceName("Test Resource");
resourceObj.setResourceDesc("This is a test");
resourceObj.setResourceParentName("Prime group:Prime portal");
resourceObj.setApplicationName("Prime group:Prime portal");
resourceObj.setResourceType(EntitlementManager.getInstance().getResourceTypeManager().getR
esourceType("UNTYPE", "Global"));
Step 4 Create the resource.
resourceMgr.createResource(resourceObj);
Step 5 Log in to the administration console and verify creation of the resource.
If you are using new API, use the following code snippet for creating the above resource:
Exercise 8: Create User
This exercise provides the steps necessary to create a user. The sample code in Step 3 sets the mandatory attributes and one optional attribute (email address) for the user object. For more information on setting optional attributes, refer to Appendix B, "PAP API Implementations."
To create a user, follow these steps:
Step 1 Initialize user manager object, ISubject.
ISubject subjectMgr = EntitlementManager.getInstance().getSubjectManager();
Step 2 Initialize user object, User.
User userObj = new User();
Step 3 Set the user attributes (ID, application, type, email)
userObj.setUserName("jdoe");
userObj.setApplicationName("Prime group");
userObj.setUserType(EntitlementManager.getInstance().getUserTypeManager().getUserType("Def
ault", "Global"));
userObj.setUserEmail("jdoe@cisco.com");
Step 4 Create the user.
subjectMgr.createUser(userObj);
Step 5 Log in to the administration console and verify creation of the user.
Exercise 9: Create Role
This exercise provides the steps necessary to create a resource. The sample code in Step 3 only sets the mandatory attributes for the role object. For more information on setting optional attributes, refer to Appendix B, "PAP API Implementations."
To create a resource, follow these steps:
Step 1 Initialize the role manager object, IRole.
IRole roleMgr = EntitlementManager.getInstance().getRoleManager();
Step 2 Initialize the role object, Role.
Role roleObj = new Role();
Step 3 Set the mandatory role attributes (name, description, parent role, application, type).
roleObj.setRoleName("Test Role");
roleObj.setRoleDesc("This is a test");
roleObj.setParentRoleName("Prime group");
roleObj.setApplicationName("Prime group");
roleObj.setRoleStatus("STATIC");
roleObj.setRoleType(EntitlementManager.getInstance().getRoleTypeManager().getRoleType("Def
ault", "Global"));
Step 4 Create the role.
roleMgr.createRole(roleObj);
Step 5 Log in to the administration console and verify creation of the role.
Exercise 10: Map User to Role
This exercise provides the steps necessary to map a user to a role. For more information on user, role, and resource mappings, refer to Appendix B, "PAP API Implementations."
To map a user to a role, follow these steps:
Step 1 Initialize user manager object, ISubject.
ISubject subjectMgr = EntitlementManager.getInstance().getSubjectManager();
Step 2 Map the user to the role (with user ID, role name, role bundle, and context).
subjectMgr.addUsertoRole("Prime group:jdoe",
"Prime group:Test Role",
"Global:Default",
"Global Context");
Step 3 Log in to the administration console and verify the user-to-role mapping.