Question

全部。我正在尝试使用sunIdentityServerPPCommonNameSN使用Forgerock OpenAM-12.0.0的ClientSDK工具来搜索用户。看看我的代码。我发现我可以通过filter参数的AMIdentityRepository.searchIdentities搜索用户。但是，我没有找到格式。请给我你的帮助。方面。

protected void doGet(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException {
                // TODO Auto-generated method stub
                try {
                        AuthContext ac = new AuthContext("/");
                AuthContext.IndexType indexType =
AuthContext.IndexType.MODULE_INSTANCE;
                String indexName = "DataStore";

                ac.login(indexType, indexName);

                Callback[] callback = ac.getRequirements();

                for (int i =0 ; i< callback.length ; i++) {
                    if (callback[i] instanceof NameCallback) {
                        NameCallback name = (NameCallback) callback[i];
                        name.setName("amAdmin");
                    } else if (callback[i] instanceof PasswordCallback) {
                        PasswordCallback pass = (PasswordCallback) callback[i];
                        String password = "adAdmin00";
                        pass.setPassword(password.toCharArray());
                    }

                }

                ac.submitRequirements(callback);

                        if(ac.getStatus() == AuthContext.Status.SUCCESS){
                                SSOToken token = ac.getSSOToken();
                                AMIdentityRepository amIr = new AMIdentityRepository(token, "/");

                                // I want to search for the users by sunIdentityServerPPCommonNameSN;
                                String filter = "sunIdentityServerPPCommonNameSN=*";
                IdSearchResults isr = amIr.searchIdentities(IdType.USER,
filter,
                        new IdSearchControl());
                Set<AMIdentity> results = isr.getSearchResults();

                if ((results != null) && !results.isEmpty()) {
                    IdSearchResults specialUsersResults =
                            amIr.getSpecialIdentities(IdType.USER);

results.removeAll(specialUsersResults.getSearchResults());

                    for (Iterator<AMIdentity> i = results.iterator();
i.hasNext(); ) {
                        AMIdentity amid = i.next();
                        System.out.println("dn: "+ amid.getDN());
                        System.out.println("realm: "+ amid.getRealm());
                        System.out.println("uid: "+ amid.getUniversalId());
                        System.out.println("type: "+ amid.getType());

                    }
                }
                        }
                } catch (AuthLoginException e) {
                        e.printStackTrace();
                } catch (L10NMessageImpl e) {
                        e.printStackTrace();
                } catch (IdRepoException e) {
                        e.printStackTrace();
                }
        }

Answer 1

强烈建议您使用ForgeRock REST API而不是Java SDK。

查看OpenAM开发人员指南http://openam.forgerock.org/doc/webhelp/dev-guide/rest-api-query-identity.html

最好的选择是直接查询数据存储。例如，如果您使用的是OpenDJ，则可以使用OpenDJ LDAP SDK或OpenDJ REST界面。

通过Forgerock ClientSDK工具搜索用户

1 个答案: