[midPoint] Hook: detect change Password

Oskar Butovič - AMI Praha a.s. oskar.butovic at ami.cz
Mon Nov 27 17:30:33 CET 2017


Hello Marco,

I suggest iteration over modifications.

In one hook I check whether email is changed this way:

Collection deltas = new ArrayList<>();
if (modelContext.getFocusContext() != null) {
addIgnoreNull(deltas, modelContext.getFocusContext().getPrimaryDelta());
addIgnoreNull(deltas, modelContext.getFocusContext().getSecondaryDelta());
}

for(delta in deltas) {
modifications = delta.getModifications();
for(modification in modifications){
//log.info("modification " + modification);
//log.info("modification.getAnyValue() " + modification.getAnyValue());
isEmailChange = modification.getElementName().getLocalPart() ==
"emailAddress";
if(isEmailChange){
//do something
}
}
}

hint: if you want to compare old and new value I suggest fetching old user
from database via midpoint.getUserByOid()

Best regards
Oskar Butovič


2017-11-27 17:18 GMT+01:00 Marco Benucci <m.benucci at nsr.it>:

> Hi,
>
> I'm running midPoint 3.6 and I'm playing with hooks.
>
> I'd like to detect when an user has changed his/her password using hooks
> and I have tried this without luck:
>
> delta = ObjectDelta.summarize(modelContext.getPrimaryChanges());
> QName pwdName = new QName("http://midpoint.evolveum.com/xml/ns/public/
> common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>,
> "credentials/password/value");
> ItemPath pwdPath = new ItemPath(pwdName);
> if(delta.hasItemDelta(pwdPath)){
>     println("user has changed the password");
> }
>
>
> Is there a better way to do this..?
>
> Thank you.
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>


-- 

Oskar Butovič
solution architect

gsm: [+420] 774 480 101
e-mail: oskar.butovic at ami.cz


AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel.: [+420] 274 783 239
web: www.ami.cz


[image: AMI Praha a.s.]

[image: AMI Praha a.s.]
<http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management>

Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
písemnou formu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171127/2e1dcb0a/attachment.htm>


More information about the midPoint mailing list