Show TOC Start of Content Area

This graphic is explained in the accompanying text Example: Attribute Mapping for Custom Attributes  Locate the document in its SAP Library structure

Denise DeLasandros has a developed an application for her SAP NetWeaver Application Server (AS) Java, which makes the following call over the User Management Engine (UME) application programming interface (API):

IUser.getAttribute

("com.mycompany.app1",

"myCostCenter")

With this method she wants to retrieve the cost center information for a user from the directory service. In the directory service, the attribute is named costCenter. To achieve this, Denise must modify the following subsections of the directory service section of the data source configuration file:

        <responsibleFor>

        <attributeMapping

<responsibleFor> Subsection

Denise must add the custom attribute myCostCenter to the <responsibleFor> subsection for the LDAP directory of the data source configuration file. Adding the attribute defines that this resource is stored on the directory server.

Example: <responsibleFor> Subsection

<dataSource id="CORP_LDAP"
       className="com.sap.securtiy.core.persistence.datasource.imp.LDAPPersistence"
       isReadonly="false"
       isPrimary="true">
  …
  <responsibleFor>
    <principal type="account"/>
    <principal type="user">
      <nameSpace name="com.mycompany.app1">
        <attributes>
          …
          <attribute name="myCostCenter"/>
        </attributes>
      </nameSpace>
    </principal>
    …
  </responsibleFor>
  …
</dataSource>


 

<attributeMapping> Subsection

Denise must map the logical attribute to the corresponding physical attribute in her directory service. These attributes may be vendor-specific.

Caution

Denise must enter the name of the physical attribute in lower case letters! Otherwise the mapping does not work.

Example: <attributeMapping> Subsection

<dataSource id="CORP_LDAP"
       className="com.sap.securtiy.core.persistence.datasource.imp.LDAPPersistence"
       isReadonly="false"
       isPrimary="true">
  …
  <attributeMapping>
    <principals>
      <principal type="user">
        <nameSpace name="com.mycompany.app1">
          <attributes>
          …
            <attribute name="myCostCenter">
              <physicalAttribute name="costcenter"/>
            </attribute>
          </attributes>
        </nameSpace>
      </principal>
      …
    </principals>
    …
  </attributeMapping>
  …
</dataSource>


 

The call that Denise programmed functions after uploading the data source configuration file and restarting the AS Java.

Viewing Custom Attributes From Identity Management

Denise’s colleague, Boris Vega, wants user administrators as well as business users to be able to view the custom attribute in the user profile of the identity management application. To do this he must modify the following UME properties as shown below:

        ume.admin.addattrs=com.mycompany.app1:myCostCenter

        ume.admin.self.addattrs=com.mycompany.app1:myCostCenter

Once Boris saves the changes and restarts the AS Java, users can view the cost center attribute in the user profile of the identity management application. For more information, see Adding Custom Attributes to the User Profile.

End of Content Area