使用使用者、群組、群組成員及群組成員資格的範例程式碼
針對涉及使用者、群組、群組成員及群組成員資格的基本作業,使用端對端範例程式碼及資料圖形。
此範例實務中涵蓋下列步驟:
- 使用 create 方法來新增 PersonAccount 實體類型的實體,以建立使用者。
- 透過使用 create 方法新增「群組」實體類型的實體來建立群組。
- 使用 update 方法將使用者新增至群組。
- 使用 get 方法和 GroupMember控制項來取得群組的成員。
- 使用 get 方法和 GroupMembership控制項來取得使用者所屬的群組 (群組成員資格)。
- 使用 update 方法及 GroupMember控制項,從群組中移除使用者。 如需使用 GroupMembership控制項從群組中移除使用者的範例程式碼,請參閱 從群組中移除使用者的範例程式碼主題。
- 使用 delete 方法來刪除使用者。
- 使用 delete 方法來刪除群組。
必要條件
請確定您已閱讀資訊並完成 程式設計必要條件主題中說明的步驟。
範例程式碼
將下列端對端範例程式碼新增至應用程式碼,並將 變數 取代為您要使用的實際值。
public class UserAndGroupSample extends BaseApp
{
// Define users and groups DNs
private static String user1Dn = "uid=user1,o=defaultWIMFileBasedRealm";
private static String user2Dn = "uid=user2,o=defaultWIMFileBasedRealm";
private static String group1Dn = "cn=group1,o=defaultWIMFileBasedRealm";
private static String group2Dn = "cn=group2,o=defaultWIMFileBasedRealm";
private static String EJB_JNDI_NAME = "ejb/com/ibm/websphere/wim/ejb/WIMServiceHome";
/**
* This sample does the following operations:
* Creates a user
* Creates a group
* Assigns the user to the group
* Gets the group members
* Gets the group membership
* Removes the user from the group
* Deletes a user
* Deletes a group
*/
public static void main(String[] args) throws Exception
{
// Initialize the profile service
locateService(EJB_JNDI_NAME);
// Create a user and a group respectively
addPersonAccount("user1","user1cn","user1sn");
addGroup("group1");
// Add the member user1 to the group
addMemberToGroup(user1Dn,group1Dn);
// Get the group members
getGroupMembers(group1Dn);
// Get the group membership
getGroupMembership(user1Dn);
// Remove the member user1 from the group
removeMemberFromGroup(user1Dn,group1Dn);
// Delete the user1
deleteEntity(user1Dn);
// Delete the group1
deleteEntity(group1Dn);
}
/**
* addPersonAccount
* Adds an entity of PersonAccount entity type
* @param uid value to be set
* @param cn value to be set
* @param sn value to be set
*/
public static void addPersonAccount(String uid, String cn, String sn)
{
try
{
DataObject root = SDOHelper.createRootDataObject();
DataObject entity = SDOHelper.createEntityDataObject(root, null,
SchemaConstants.DO_PERSON_ACCOUNT);
// Set the properties of the person
entity.set("uid", uid);
entity.set("cn", cn);
entity.set("sn", sn);
System.out.println("Input data graph before creating user"+ printDO(root));
// Create the PersonAccount entity
root = service.create(root);
System.out.println("Output data graph after creating user"+ printDO(root));
}
catch(Exception e)
{
e.printStackTrace();
}
}
/**
* addGroup Adds an entity of type Group
* @param cn value to be set
*/
public static void addGroup(String cn)
{
try
{
DataObject root = SDOHelper.createRootDataObject();
DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP);
// Set the cn of the group
entity.set("cn", cn);
System.out.println("Input data graph before creating group"+ printDO(root));
// Create the group entity
root = service.create(root);
System.out.println("Output data graph after creating group"+ printDO(root));
}
catch(Exception e)
{
e.printStackTrace();
}
}
/**
* addMemberToGroup adds a user to the group
* @param memberDn uniqueName of the member
* @param groupDn uniqueName of the group
*/
public static void addMemberToGroup(String memberDn, String groupDn)
{
try
{
DataObject root = SDOHelper.createRootDataObject();
DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP);
// Set the group uniqueName
entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME,
groupDn);
DataObject member1 = SDOHelper.createDataObject(SchemaConstants.WIM_NS_URI,
SchemaConstants.DO_ENTITY);
// Set the member uniqueName
member1.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME,
memberDn);
// Add the member to the group
entity.getList(SchemaConstants.DO_MEMBERS).add(member1);
System.out.println("Input datagraph before adding member to group"+ printDO(root));
// Update the group
root = service.update(root);
System.out.println("Output datagraph after adding member to group"+ printDO(root));
}
catch(Exception e)
{
e.printStackTrace();
}
}
/**
* getGroupMembers Returns the members of the group
* @param groupDn uniqueName of the group
*/
public static void getGroupMembers(String groupDn)
{
try
{
DataObject root = SDOHelper.createRootDataObject();
DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP);
// Set the group uniqueName
entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME,
groupDn);
// Set the property control
DataObject propCtrl = SDOHelper.createControlDataObject(root, null,
SchemaConstants.DO_PROPERTY_CONTROL);
//Retrieve the cn of group whose members need to be searched
propCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn");
// Set the group member control
DataObject grpMbrCtrl = SDOHelper.createControlDataObject(root, null,
SchemaConstants.DO_GROUP_MEMBER_CONTROL);
// Retrieve cn and uid attributes for all members
grpMbrCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn");
grpMbrCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("uid");
System.out.println("Input data graph before getting group members"+ printDO(root));
// Get the members of the group
root = service.get(root);
System.out.println("Output data graph after getting group members"+ printDO(root));
}
catch(Exception e)
{
e.printStackTrace();
}
}
/**
* getGroupMembership Gets the groups to which the user belongs
* @param memberDn uniqueName of the user
*/
public static void getGroupMembership(String memberDn)
{
try
{
DataObject root = SDOHelper.createRootDataObject();
DataObject entity = SDOHelper.createEntityDataObject(root, null,
SchemaConstants.DO_PERSON_ACCOUNT);
// Set the uniqueName of the group
entity.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME,
memberDn);
// Set the Group membership control
DataObject grpMbrshipCtrl = SDOHelper.createControlDataObject(root, null,
SchemaConstants.DO_GROUP_MEMBERSHIP_CONTROL);
// Set the property of level to retrieve all the nested entities
grpMbrshipCtrl.setInt(SchemaConstants.PROP_LEVEL, SchemaConstants.PROP_LEVEL_NESTED);
// Retrieve cn attribute for all groups
grpMbrshipCtrl.getList(SchemaConstants.PROP_PROPERTIES).add("cn");
System.out.println("Input data graph before getting group membership of user"+ printDO(root));
// Get the members of the group
root = service.get(root);
System.out.println("Output data graph after getting group membership of user"+ printDO(root));
}
catch(Exception e)
{
e.printStackTrace();
}
}
/**
* removeMemberFromGroup remove the user from the group
* @param memberDn uniqueName of the user
* @param groupDn uniqueName of the group
*/
public static void removeMemberFromGroup(String memberDn, String groupDn)
{
try
{
DataObject root = SDOHelper.createRootDataObject();
DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_GROUP);
// Set the uniqueName of the group
entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME,
groupDn);
DataObject member1 = SDOHelper.createDataObject(SchemaConstants.WIM_NS_URI,
SchemaConstants.DO_ENTITY);
// Set the member uniqueName to be removed
member1.createDataObject(SchemaConstants.DO_IDENTIFIER).setString(SchemaConstants.PROP_UNIQUE_NAME,
memberDn);
// Retrieve the member to remove it from the group
entity.getList(SchemaConstants.DO_MEMBERS).add(member1);
// Set the group member control
DataObject grpMbrCtrl = SDOHelper.createControlDataObject(root, null,
SchemaConstants.DO_GROUP_MEMBER_CONTROL);
// Unassign mode to remove the member from the group
grpMbrCtrl.setInt(SchemaConstants.PROP_MODIFY_MODE, SchemaConstants.VALUE_MODIFY_MODE_UNASSIGN);
System.out.println("Input datagraph before removing member from group"+ printDO(root));
// Update the group to remove the member
root = service.update(root);
System.out.println("Output datagraph after removing member from group"+ printDO(root));
}
catch(Exception e)
{
e.printStackTrace();
}
}
/**
* deleteEntity Deletes the given entity
* @param entityName
*/
public static void deleteEntity(String entityName)
{
try
{
DataObject root = SDOHelper.createRootDataObject();
DataObject entity = SDOHelper.createEntityDataObject(root, null, SchemaConstants.DO_ENTITY);
// Set the delete control
DataObject ctrl = SDOHelper.createControlDataObject(root, null,
SchemaConstants.DO_DELETE_CONTROL);
// Set the return property after deletion
ctrl.setBoolean(SchemaConstants.PROP_RETURN_DELETED, true);
// Set the uniqueName of the entity to be deleted
entity.createDataObject(SchemaConstants.DO_IDENTIFIER).set(SchemaConstants.PROP_UNIQUE_NAME,
entityName);
System.out.println("Input data graph before deleting entity"+ printDO(root));
// Delete the entity
root = service.delete(root);
System.out.println("Output data graph after deleting entity"+ printDO(root));
}
catch(Exception e)
{
e.printStackTrace();
}
}
}輸入及輸出資料圖形
接下來會提供此範例每一個步驟的輸入資料圖形及產生的輸出資料圖形。
用於建立使用者 (即 PersonAccount 實體類型的實體) 的輸入資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:PersonAccount">
<wim:uid>user1</wim:uid>
<wim:cn>user1cn</wim:cn>
<wim:sn>user1sn</wim:sn>
</wim:entities>
</wim:Root>
</sdo:datagraph>建立使用者之後輸出資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:PersonAccount">
<wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
</wim:Root>
</sdo:datagraph>用於建立群組的輸入資料圖形,亦即「群組」實體類型的實體:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:cn>group1</wim:cn>
</wim:entities>
</wim:Root>
</sdo:datagraph>建立群組之後輸出資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
</wim:Root>
</sdo:datagraph>用於將使用者新增至群組的輸入資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
<wim:members>
<wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
</wim:members>
</wim:entities>
</wim:Root>
</sdo:datagraph>將使用者新增至群組之後輸出資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
</wim:Root>
</sdo:datagraph>輸入資料圖,以取得具有 GroupMemberControl 的群組成員:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
<wim:controls xsi:type="wim:PropertyControl">
<wim:properties>cn</wim:properties>
</wim:controls>
<wim:controls xsi:type="wim:GroupMemberControl">
<wim:properties>cn</wim:properties>
<wim:properties>uid</wim:properties>
</wim:controls>
</wim:Root>
</sdo:datagraph>取得群組成員之後輸出資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
<wim:cn>group1</wim:cn>
<wim:members xsi:type="wim:PersonAccount">
<wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
<wim:uid>user1</wim:uid>
<wim:cn>user1cn</wim:cn>
</wim:members>
</wim:entities>
</wim:Root>
</sdo:datagraph>輸入資料圖,用於取得具有 GroupMembership控制項的使用者所屬群組 (群組成員資格):
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:PersonAccount">
<wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
<wim:controls xsi:type="wim:GroupMembershipControl">
<wim:properties>cn</wim:properties>
</wim:controls>
</wim:Root>
</sdo:datagraph><?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:PersonAccount">
<wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
<wim:groups>
<wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
<wim:cn>group1</wim:cn>
</wim:groups>
</wim:entities>
</wim:Root>
</sdo:datagraph>輸入資料圖,用於從具有 GroupMember控制項的群組中移除成員:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
<wim:members>
<wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
</wim:members>
</wim:entities>
<wim:controls xsi:type="wim:GroupMemberControl" modifyMode="3"/>
</wim:Root>
</sdo:datagraph>從群組中移除成員之後輸出資料圖:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
</wim:Root>
</sdo:datagraph>用於刪除使用者的輸入資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities>
<wim:identifier uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
<wim:controls xsi:type="wim:DeleteControl" returnDeleted="true"/>
</wim:Root>
</sdo:datagraph>刪除使用者之後輸出資料圖:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:PersonAccount">
<wim:identifier externalName="uid=user1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="96f69bb7-8048-4417-b871-37ebe7362bea" uniqueName="uid=user1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
</wim:Root>
</sdo:datagraph>用於刪除群組的輸入資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities>
<wim:identifier uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
<wim:controls xsi:type="wim:DeleteControl" returnDeleted="true"/>
</wim:Root>
</sdo:datagraph>刪除群組之後輸出資料圖形:
<?xml version="1.0" encoding="UTF-8"?>
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:sdo="commonj.sdo" xmlns:wim="http://www.ibm.com/websphere/wim">
<wim:Root>
<wim:entities xsi:type="wim:Group">
<wim:identifier externalName="cn=group1,o=defaultWIMFileBasedRealm" repositoryId="InternalFileRepository"
uniqueId="a814ea28-1bfb-4093-b481-5bb128b4818a" uniqueName="cn=group1,o=defaultWIMFileBasedRealm"/>
</wim:entities>
</wim:Root>
</sdo:datagraph>