Scenario 1 – We want to calculate the SHA-256 hash of a user’s LDAP attribute using a salt. Assume that the salt is also an LDAP attribute of the user.
- Create a Java class “Hashing.java” in the “testProj” package.
- Make a function getHash(String input, String salt) in this class that calculates the hash of input string using the provided salt.
- Compile this class and put it under the following paths with the proper package structure.
IDP : /opt/novell/nids/lib/webapp/WEB-INF/classes
Admin console : /var/opt/novell/iManager/nps/WEB-INF/classes
For our current scenario, create a folder testProj under the classes folder and keep the compiled “Hashing” class under it.
- Restart IDP and Admin console.
- Create a virtual attribute with P1 and P2 as input. Map P1 and P2 to the appropriate user LDAP attributes. P1 is the input whose hash is to be calculated and P2 is the salt.
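var hashLib = Java.type('testProj.Hashing');
var vaHashLib = new hashLib();
// Pass the mapped user attributes P1 (input) and P2 (salt) to getHash()
return vaHashLib.getHash(P1, P2);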
Here we are calling the testProj.Hashing class’s getHash() function and passing the user attributes P1 and P2 to it. You can test the virtual attribute as below:
After testing, save the virtual attribute and update the IDP.
Please find the Java class used above in the attachment section of this cool solution.
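As an added example (not the class attached to the original solution), a Hashing class matching the getHash(String input, String salt) signature from Scenario 1 could look like the following. How the salt is combined with the input, the zero-byte separator, the UTF-8 encoding and the lowercase hex output are assumptions of this example, and the values in main() are constructed sample data.

```java
package testProj;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Added example: not the class shipped with the original solution.
public class Hashing {

    private static final char[] HEX = "0123456789abcdef".toCharArray();

    // Assumption: digest = SHA-256(salt || 0x00 || input) over UTF-8 bytes,
    // returned as a 64-character lowercase hex string.
    public String getHash(String input, String salt) {
        if (input == null || salt == null) {
            // A missing LDAP attribute must not silently become a hash of "null".
            throw new IllegalArgumentException("input and salt must both be present");
        }
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            md.update(salt.getBytes(StandardCharsets.UTF_8));
            // Separator byte so ("ab", "c") and ("a", "bc") give different hashes.
            md.update((byte) 0);
            byte[] digest = md.digest(input.getBytes(StandardCharsets.UTF_8));

            char[] out = new char[digest.length * 2];
            for (int i = 0; i < digest.length; i++) {
                out[2 * i] = HEX[(digest[i] >> 4) & 0x0f];
                out[2 * i + 1] = HEX[digest[i] & 0x0f];
            }
            return new String(out);
        } catch (NoSuchAlgorithmException e) {
            // SHA-256 is mandatory on every Java platform, so this is not expected.
            throw new IllegalStateException(e);
        }
    }

    // Stand-alone check with constructed sample values.
    public static void main(String[] args) {
        System.out.println(new Hashing().getHash("jdoe@example.com", "constructed-salt"));
    }
}
```

A single salted SHA-256 digest like this is suitable for deriving an opaque value from an attribute; it is not a password-storage function.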
Scenario 2 – A function from an external Java library is required in virtual attributes for modifications.
Place the external library under the following locations and restart the IDP and Admin console services.
IDP : /opt/novell/nids/lib/webapp/WEB-INF/lib
Admin console : /var/opt/novell/iManager/nps/WEB-INF/lib
var extLib = Java.type('<class name with full package name>');
var vaExtLib = new extLib();
return vaExtLib.<function name in the class> (<parameters>);
(For more information on Virtual attributes please check https://community.microfocus.com/t5/Access-Manager-Tips-Information/User-Attribute-Transformations-in-Access-Manager-4-2-Virtual/ta-p/1776381)