Wednesday, August 19, 2015

GEL Script : How to get seesion ID for given user without password


There are many occasions  I need to xog in custom or OOB object using GEL script and if you use static username and password you need to keep maintain script to change password when security policy force you to change it. 

There can be also situation where you want to xog in object using user who kicked off process, in that case you can get username based on process instance id and get his/her session ID without knowing his password.

Following is the code snippet to get session ID from clarity for given user without knowing password.

<!-- Start - Generate XOG Session ID using the XOG_UserName parameter supplied -->

<core:new className="com.niku.union.security.DefaultSecurityIdentifier" var="secId"/>
<core:invokeStatic className="com.niku.union.security.UserSessionControllerFactory" method="getInstance" var="userSessionCtrl"/>
<core:set value="${userSessionCtrl.init(XOG_UserName, secId)}" var="secId"/>
<core:set value="${secId.getUserName()}" var="XOGUsername"/>
<core:set value="${secId.getPWD()}" var="XOGPassword"/>
<core:set value="${secId.getSessionId()}" var="sessionID"/>

<gel:log category="XOG" level="INFO">Username for XOG set - ${XOGUsername}</gel:log>
<core:choose>
<core:when test="${XOGPassword == null}">
<gel:log category="XOG" level="WARN">Password not found for ${XOG_UserName}</gel:log>
</core:when>
<core:otherwise>
<gel:log category="XOG" level="INFO">[Encrypted Password Located for ${XOG_UserName}]</gel:log>
</core:otherwise>
</core:choose>
<gel:log category="XOG" level="INFO">Session ID set - ${sessionID}</gel:log>
<!-- End - Generate XOG Session ID using the XOG_UserName parameter supplied -->

Tuesday, September 22, 2009

Hidden Pages of Clarity Part-1

There are some hidden page in Clarity that allows advance management functions. Such pages don't have links visible on Clarity application or admin side. Following are some such pages.

http://localhost/niku/app?action=security.caches

This page allows us to flush selected object or all the object from application cache. Flush will not affect any kind of application outage.
Some of the use:
  • Sometimes user complains they don't see manu links on the left hand side, they see blank bar, but no links. If you find such problems go to above page and use flush all it will resolve the issue.
  • Many customization (off-bit customization) needs refresh of the application server memory. We can use flush all in such cases.

Remove specific Column from Resource Skill Page

Many times we get requirement from client to hide or remove some column from the clarity, which cannot be done from Admin side. E.g. I got requirement to remove Weight field from resource skill page. This change cannot be done through Skill Configuration at Clarity Admin Side.

Step-1
We need to find from application setup, from which file this page is rendered. Most of the pages get rendred from .xsl file. Resource Skill page is rendered using file:

..\niku\clarity\meta-inf\resource\vxls\skillassocs\skillassoclist.xsl

Step-2

Now we need to find where is the code to create column. We can use M
ozilla FireBug to get ID of the column that is used in code. See the following screenshot. In the screenshot I have find id for Proficiency column as I have already Hide weight column.

Screen1:




Screen2:



Step 3:
Remove the code from file, for respective column. For weight column we need to comment out Lines 121 to 123 and 162 to 175. See below screenshots.

Screen 3:


Screen 4:




Step 5:
Flush application Cache or restart application services.

*Note: You need to take care of this file during upgrades.

Friday, August 14, 2009

LDAP Sync Job unlocks all LDAP User

Clarity suggest to have separate node in LDAP directory for Clarity users. Only keep the users who intended to use clarity should be in that group only. If user should not use clarity then remove that user from Clarity node in LDAP directory so that user will be inactivated in clarity on running LDAP Sync Job. And doing this will ensure only required users are active in clarity.

There are many clients who don't want to change their LDAP structure for clarity and they use common node which all application uses. They same time want that LDAP sync job don't unlock the users who were locked before running LDAP sync JOB. Following is the solution for that. Please add following trigger to cmn_sec_users.






Code:

CREATE OR REPLACE TRIGGER "NIKU"."LDAP_LOCK_USERS"

BEFORE INSERT OR UPDATE ON CMN_SEC_USERS

FOR EACH ROW

declare

userid number;

BEGIN

//This select statement checks status of Sync new and Update job if it is processing we pick user who schedule //that job. So if job is not running we will have last_updated_by will be null and following condition will never //satisfy so trigger will effective only while Sync new and update job runs.

s
elect last_updated_by into userid from cmn_sch_jobs_v where job_definition_id = 50069 and status = 'Processing' and rownum = 1 order by start_date;

//During that job is processing we will check for insertion and updating.

//If last updated by user name matches we lock new users. In other words if currently edited user's updated by and user who is running the job are same we will lock the user.

IF INSERTING and :NEW.LAST_UPDATED_BY = userid THEN

:NEW.USER_STATUS_ID := 202;

//If last updated by user name matches while updates and if user old status is lock we lock them (as sync new //and update job activates user on sync)

ELSE IF UPDATING AND :OLD.USER_STATUS_ID = 202 and :new.last_updated_by = userid THEN

:NEW.USER_STATUS_ID := 202;

END IF;

END IF;

exception

when NO_DATA_FOUND THEN

NULL;

END;




*Note: Revisit this trigger after every SP/FP or Upgrade if this piece needs to added again.

Monday, September 22, 2008

3. Customizing Login Page

Add Rolling Alert message on Clarity Login Page. Login page should look like below




1. Go to D:\niku\clarity\webroot\ui\evolution2\xsl folder, if clarity is installed in “d:” drive.

2. Open login_en.xsl file in notepad or wordpad editor.

3. Locate following code (aroung line number 58).



4. Add following code (Add this code after )



Above code creates a table without border and add a message text with marquee in clarity login page.

5. Save file.

6. Restart application services.



Thursday, September 4, 2008

2. How to use Java class in GEL and tokenize string









Main code starts from Line 4
Line 4: core:new will create new object of className attribute. Give a path of class in className. Same as we use in import statement in JAVA
Line 5: This line is optional. Here in this sample we have input parameter to constructor of StringTokenizer. We can pass parameter to constructore using core:arg tag.
Line 6: This is while loop and here I am calling function of Test object. Note Test is from var in line 4.
Line 7: Here I am calling nextToken function of Test object which will return token in var attribut.
Line 8: Printin Token on consol

Tuesday, July 22, 2008

1. While Loop in GEL Script


Line 2,3: Variable Declaration
Line 4: while loop with multiple condition
Line 5: Print start
Line 6: If condition to reset flag
Line 7: Reset Flag
Line 8: Print Flag

Line 9: If complete
Line 10: Increment Start
Line 11: While Complete