[midPoint] Setting the credentials of a shadow

Chris Woods Chris.Woods at rohde-schwarz.com
Sun Feb 2 17:33:23 CET 2020


Hi everyone,

does anyone know the correct way (using the Java REST Client) to set the password of a specific resource account. I don't want to set the midpoint password itself - I already have that working. I am trying the following, but not succeeding. I am using the 3.9-SNAPSHOT builds of the java client from October 2019 as I cannot move the system performing the call to Java 11.

ObjectModifyService<ShadowType> oms = impersonateService.shadows().oid(rai.getOid()).modify();
PasswordType password = new PasswordType();
ProtectedStringType passwordString = new ProtectedStringType();
passwordString.getContent().add(newPassword);
password.setValue(passwordString);
password.setForceChange(Boolean.FALSE);

oms.replace("credentials/password", password);

oms.post();

This does cause a modification, but in the audit it shows a "delete" + "add" for the credentials. This does not happen when changing the password via the UI. In addition, the password is not valid on the resource after the REST call. Changing via the UI (where the audit shows just one modify) does work correctly.

The other variation that I tried was :
ObjectCredentialService<ShadowType> ocs = impersonateService.shadows().oid(rai.getOid()).credential();
ExecuteCredentialResetRequestType ecrrt = new ExecuteCredentialResetRequestType();
ecrrt.setResetMethod("passwordReset");
ecrrt.setUserEntry(newPassword);

TaskFuture<ExecuteCredentialResetResponseType> task = ocs.executeResetPassword(ecrrt).apost();

but this results in an "ObjectNotFound" exception.

Thanks in advance!
Regards,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200202/6f13aaea/attachment.htm>


More information about the midPoint mailing list