Wednesday, June 10, 2015

OAAM 11G Redirect User To Security Profile Setting Page

A few months back I came across an interesting requirement. Users are migrating from their existing legacy system to Oracle IAM. During migration, a user should authenticate against the legacy trusted system instead of the IAM directory service, and should then be redirected to the product's security profile settings in order to set up their profile.

The requirement posed two challenges:
    1. Implementing custom authentication instead of the product's OOTB authentication.
    2. Redirecting to the product's security profile settings.


Note: Oracle won't provide any support, as we are customizing the product extensively.

1. Authentication Against Legacy System
Once the user enters their credentials, a custom servlet placed in the default flow intercepts the request and validates the credentials against the legacy system.


2. Redirect to Security Profile Setting Page
Once authentication succeeds, the user is redirected to the migration page. Upon successful migration, the user is redirected to the product's profile settings page to complete their security profile.

To redirect to the security profile page, make the following changes in the custom servlet:

  i. Create the user object if it does not exist; otherwise, retrieve the user from OAAM using the OAAM API. In most cases user creation will not be needed, as OAAM maintains user details in a persistent cookie in the browser.

        User Exists In OAAM
        Retrieve the user from the session data.
UIOSessionData sessionData = UIOSessionData.instance(request);
VCryptAuthUser user = sessionData.getClientAuthUser();
        User Does Not Exist In OAAM
        Whenever a user logs in, OAAM creates the user account and stores it in the vcrypt_user table. If the user does not exist, create an OAAM user object and set it in the session data.

// Set user attributes such as user id, customer id, group, status, preference
VCryptAuthUser user = new VCryptAuthUser();

// Create User using Private API
user = getBharosaProxy().createUser(user);

// Retrieve user object 
user = BharosaProxyImpl.getInstance().getUserByLoginId("chella");
user.setCustomerGroupId("Default");
sessionData.setClientAuthUser(user);
sessionData.setCustomerId(user.getCustomerId());
sessionData.setLoginId(user.getLoginId());
sessionData.setUserEnteredLoginId(user.getLoginId());

 ii. Set the authentication result to success and the authenticated flag to true; this makes OAAM treat the user as successfully authenticated. Do this only after the legacy validation in step 1 has succeeded.
sessionData.setAuthResult(0); // Success
sessionData.setIsAuthenticated(true); // Authenticate True is success

iii. Update authentication status before redirecting
UIOUtil uioUtil = UIOUtil.instance();
uioUtil.updateAuthStatus(sessionData);

 iv. Redirect the user to the OAAM server's updateLoginStatus.do so that the user can set their security profile.

  v. If the user's profile has not been set already, the user will be prompted to choose an image and security profile questions. Otherwise, the user will be prompted to answer challenge questions.
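
The ordering that steps 1 and 2 depend on, as an added example (not code from the original servlet or from OAAM): the session is marked authenticated only after the legacy check passes, and any legacy-system error fails closed. `SessionData` is a stand-in that mirrors only the setters shown above; `MigrationGate`, `LegacyAuthenticator`, the `login` target and the `-1` initial result are assumptions.

```java
import java.util.Arrays;

// Added example. SessionData is a stand-in mirroring only the setters used in the post;
// MigrationGate and LegacyAuthenticator are hypothetical names, not OAAM classes.
public class MigrationGate {
    interface LegacyAuthenticator { boolean validate(String loginId, char[] password); }

    static class SessionData {
        int authResult = -1;              // constructed "not successful" value
        boolean authenticated = false;
        String loginId;
        void setAuthResult(int r) { authResult = r; }
        void setIsAuthenticated(boolean b) { authenticated = b; }
        void setLoginId(String id) { loginId = id; }
    }

    static final String PROFILE_TARGET = "updateLoginStatus.do"; // from step iv
    static final String LOGIN_TARGET = "login";                  // constructed placeholder

    // Returns the redirect target. The session is touched only after the legacy check passes.
    static String handleLogin(LegacyAuthenticator legacy, SessionData session,
                              String loginId, char[] password) {
        boolean ok = false;
        try {
            ok = loginId != null && !loginId.isEmpty()
                    && password != null && password.length > 0
                    && legacy.validate(loginId, password);
        } catch (RuntimeException e) {
            ok = false;                   // legacy system unreachable or erroring: fail closed
        } finally {
            if (password != null) Arrays.fill(password, '\0'); // do not keep the secret around
        }
        if (!ok) {
            session.setIsAuthenticated(false);
            return LOGIN_TARGET;
        }
        session.setLoginId(loginId);
        session.setAuthResult(0);         // 0 = success, as in step ii
        session.setIsAuthenticated(true);
        return PROFILE_TARGET;
    }

    public static void main(String[] args) {
        // Constructed fake legacy system with one known account.
        LegacyAuthenticator fake = (id, pw) -> "chella".equals(id) && "s3cret".equals(new String(pw));
        System.out.println(handleLogin(fake, new SessionData(), "chella", "s3cret".toCharArray()));
        System.out.println(handleLogin(fake, new SessionData(), "chella", "wrong".toCharArray()));
    }
}
```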