IdentityMinder BLTHContext::getGroupAdmins() doesn't work as expected (Legacy_Onyx KB Id: 215183)
search cancel

IdentityMinder BLTHContext::getGroupAdmins() doesn't work as expected (Legacy_Onyx KB Id: 215183)


Article ID: 55002


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On



Customer would like to make sure that a group has atleast one administrator. For example, an administrator goes into Modify Group task and removes all the Administrators from the list. Customer would like to give out an error when this happens and stop the administrator from deleting all the administrators from the group.

Following is the code of BLTH to accomplish this. It is based on the (that works correctly) which limits the number of members added to a group to 10.

package com.netegrity.samples;

import com.netegrity.ims.exception.IMSException;
import com.netegrity.llsdk6.imsapi.managedobject.*;
import com.netegrity.imapi.BLTHAdapter;
import com.netegrity.imapi.BLTHContext;
import com.netegrity.imapi.ResultsContainer;
import com.netegrity.llsdk6.imsapi.type.ObjectType;
import com.netegrity.llsdk6.imsapi.type.ActionType;
import java.util.Vector;

public class BLTHGeneCheckGroup extends BLTHAdapter

public boolean shouldExecute(BLTHContext context) throws Exception
if ((context.getTSContext().getTask().getActionType()==ActionType.MODIFY &&
context.getTSContext().getSubject().getObjectType() == ObjectType.GROUP))
return true;

return false;

public int handleTask(BLTHContext context) throws Exception
ResultsContainer groupAdmins = context.getGroupAdmins();
BufferedWriter out = new BufferedWriter(new FileWriter("/tmp/idmerr.log", true));
out.write( "
Current Values: " + groupAdmins.getCurrentValues().size() + ", Additions: " + groupAdmins.getAdditions().size() + ", Deletions: " + groupAdmins.getDeletions().size() + ", New Current Values: " + groupAdmins.getNewCurrentValues().size() );
} catch (IOException e)
IMSException imsEx = new IMSException();
imsEx.addUserMessage("Error: Cannot open log file.");
throw imsEx;
/*if ( ( groupAdmins.getCurrentValues().size() + groupAdmins.getAdditions().size() - groupAdmins.getDeletions().size() ) < 1 )
IMSException imsEx = new IMSException();
imsEx.addUserMessage("Error: Group must contain at least one owner.");
throw imsEx;}*/

return 0;

Following is the debug output if the administrator goes in and adds 2 administrators removes one administrator in a group that already contains 5 administrators:

Current Values: 5, Additions: 0, Deletions: 0, New Current Values: 0

As you can see, groupAdmins.getCurrentValues().size() returns 5 which is correct. However, Additions returns 0 (should be 2), Deletion returns 0 (should be 1) and New Current Values returns 0 (should be 6).

We have spent quite some time and cannot figure out why it is behaving like this. Please let me know if you need further information on how to debug this.


Customer got functionality to work with the GroupGroupsTabHandler class in the ims.jar.


Component: IDMIND