Decryption of OIM Password in 11GR2PS3

The below code is used to decrypt the user password in OIM 11GR2PS3.

I tried to decrypt using standalone code in JDeveloper and came to know its not possible using standalone code.
So please create a scheduler to decrypt the password.

package com.ghr;

import java.sql.Connection;

import java.sql.PreparedStatement;

import java.sql.ResultSet;

import java.util.HashMap;

import oracle.iam.platform.Platform;
import oracle.iam.scheduler.vo.TaskSupport;

import tc.idm.common.utils.TSLogger;
import com.thortech.xl.crypto.*;

public class DecryptOIMUserPassword extends TaskSupport {
    public static final String TS_SCHEDULER_LOGGER = "TC.SCHEDULER";
    TSLogger logger = new TSLogger(TS_SCHEDULER_LOGGER);
    private String className = this.getClass().getName();
    
    public void execute(HashMap taskParams) throws Exception {
        String methodName = "execute";
        logger.setMethodStartLog(className, methodName);
        String encryptedPassword = null;
        String decryptedPassword = null;
        String userTSID = (String)taskParams.get("UserTSID");
        logger.info(className, methodName, "User ID: "+userTSID);
        Connection connection = Platform.getOperationalDS().getConnection(); 
        String sql = "select USR_PASSWORD from usr where usr_login = ?";
        PreparedStatement stmt=connection.prepareStatement(sql);  
        stmt.setString(1, userTSID);
        ResultSet rs = stmt.executeQuery();
        
        if(rs.next()){
            encryptedPassword = rs.getString("USR_PASSWORD");
        }
        logger.info(className, methodName, "Encrypted password: "+encryptedPassword);
        if(encryptedPassword != null){
            decryptedPassword = tcCryptoUtil.decrypt(encryptedPassword, "DBSecretKey");    
        }
        logger.info(className, methodName, "Decrypted password: "+decryptedPassword);
        logger.setMethodFinishLog(className, methodName);
    }

    public HashMap getAttributes() {
        return new HashMap();
    }

    public void setAttributes() {
    }
}

Comments

Post a Comment

Popular posts from this blog

Rules in Sailpoint

Rules in Sailpoint Below are few commonly used rules in Sailpoint Sailpoint rules gets executed in the below order during aggregation Flow: Pre-Iterate Rule BuildMap Rule Managed Entitlement Customization Rule Customization rule Correlation rule Manager correlation rule Creation rule PostIterate Rule Pre-Iterate Rule: 1st rule that runs during aggregation You can perform below operations in this rule Check file existence Modify the data in the files Merge files BuildMap Rule: 2nd Rule thats runs during aggregation, Using build map rule you can deal with application schema ex: populate value for custom column for the application. Build map is not available for connected apps(JDBC has jdbc buildmap). Available only for disconnected apps like delimited files. Customization Rule:  Runs after buildmap rule, this can be used to transform data of resource object/account data during account aggregation Ex: if you have status value...
Read more

Sailpoint Installation Steps (IdentityIQ 7.3 Installation in Windows Machine)

This document helps you set up Sailpoint IdentityIQ 7.3 in Windows Operating System Softwares Required: MySQL 5.6 server Click here to download Apache Tomcat  9.0 Click here to download Java JDK 1.8 and above Click here to download Sailpoint IdentityIQ 7.3 application You may require to login into Sailpoint community to download Install the above softwares, update JDK, MySQL paths in environment Path variable Note: If you are facing issue in MySQL service then try running below commands mysqld –install net start mysql Sailpoint Configuration Steps: Create an \idenityiq directory under the Tomcat webapps directory: for example, C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\identityiq Unzip the identityiq-7.3.zip file. Copy iidentityiq.war file to the C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps\identityiq Run below command to extract identityiq.war jar -xvf C:\Program Files\Apa...
Read more

How to create provisioning plan in Sailpoint

//Provide application name, attributes, operation ProvisioningPlan plan = new ProvisioningPlan(); List requests = new ArrayList(); List attributes = new ArrayList(); /*Identity identity = context.getObjectById(Identity.class, formModel.get("identity"));*/ AccountRequest account = new AccountRequest(); account.setApplication("HR_Staging"); account.setOperation(AccountRequest.Operation.Create); attributes.add(new AttributeRequest("FIRST_NAME", identity .getAttribute("firstname"))); attributes.add(new AttributeRequest("LAST_NAME", identity .getAttribute("lastname"))); account.setAttributeRequests(attributes); requests.add(account); //plan.setIdentity(identity); plan.setAccountRequests(requests); System.out.println("Plan xml : " + plan.toXml());
Read more