Skip navigation
All People > kumsa29 > Sarvesh Kumar's Blog > 2018 > July

In BLTH, set following session attribute on handleSubject:



                public void handleSetSubject(BLTHContext context)

                throws Exception {


                                context.setSessionAttribute("TASK_SESSION_ATTRBUTE_NAME", "Test BLTH Session Attribute");                               



On a custom JSP page:

<%@page import=""%>

<%@page import="com.netegrity.llsdk6.imsapi.managedobject.Account"%>

<%@page import="java.util.Vector"%>

<%@ page import="com.netegrity.llsdk6.imsapi.managedobject.User" %>

<%@ page import="com.netegrity.webapp.UIContext" %>

<%@ page import="com.netegrity.llsdk6.imsapi.*" %>

<%@ page import="com.netegrity.llsdk6.imsapi.provider.UserProvider" %>

<%@ page import="com.netegrity.ims.task.TaskSession" %>


                TaskController taskController = (TaskController)request.getAttribute("TaskController");

                User user = (User)taskController.getTaskSession().getSubject();

                TaskSession taskSession = taskController.getTaskSession() ;



<H1>Grabbing Task Session Attribute Value from BLTH:  <%=taskSession.getAttributeValue("TASK_SESSION_ATTRBUTE_NAME ")%></H1>

Called by: <%=admin.getFriendlyName()%>


Save JSP under /app/page/jsp/ folder under IDM user console war installation directory. Configure JSP page from Task Definition. This JSP page should be configured a tab in Task definition.


Page redirect from BLTH to another Task

If you want to display results from a BLTH in one task to a screen residing in a different task, you can do that from a BLTH handleSubmission function. In your BLTH code you have to import HttpServletRequest, HttpServletResponse and UIContext classes. Suppose you want to redirect your task to a screen configured in a separate task with task tag name TestModifySession, and your URL to destination page is /<application_base_location>/ca12/index.jsp, then you can add following code in your handleSubmission function. On task submit, the default page for TestModifySession will be presented:


String destination = "/<application_base_location>/ca12/index.jsp?task.tag=TestModifySession" ;


 System.out.println("Request Forward begins.") ;

 HttpServletRequest request = UIContext.getThreadRequest() ;

 HttpServletResponse response = UIContext.getThreadResponse() ;

String contextPath = request.getContextPath() ;

System.out.println("Get ContextPath. " + request.getContextPath()) ;

 if(destination != null) {

          response.sendRedirect(response.encodeURL(contextPath + destination)) ;


System.out.println("Request Forward ends.") ;



Capture Task Session Attribute value from a JSP page to Policy Express Data Element

Create a JSP page and set session attribute in task controller object:


TaskController taskController = (TaskController) request.getAttribute(“TaskController”);

taskController.getTaskSession.setAttribute(“taskSessionData” , “Test Data on task session: Dec 8, 2015”);



-Define a Policy Express policy, where set Data tab with following attributes:

Name: getTaskSessionData

Category: Tasks and Events

Type: Task Information

Function: Task Session Attribute

Attribute Name: taskSessionData


-Create Action Rules with following Attributes:

Name: always

Category: Messages

Type: Display On-Screen Message

Function: Displays a message on the screen


Message to be displayed: Printing Task Session data: {‘taskSessionData’}


-Create a task called “Test Task Session Attribute Handler”


-In your policy, under Events tab, Add:

Event State: Submission

Event Name: Test Task Session Attribute Handler (you have to pick up task name from drop-down)


Now, if you submit your task from your JSP page,that will display

Printing Task Session data: Test Data on task session: Dec 8, 2015  

on a screen.


Custom Error Message Design - CA Identity Manager

To display a personalized error messages for a function in Identity Manager, you can just add a function similar to the following in BLTH:


                * Sample bundleName=resourceBundles.IMSExceptions

                * Sample numericalLabel=3037

                * errorList = new ArrayList<String> list;list.add("Service not available.")


                public IMSException attachErrorCode(IMSException imx, String bundleName, String numericalLabel, ArrayList<String> errorList){

                                imx = new IMSException(bundleName) ;

                                Object [] params = errorList.toArray() ;

                                imx.addUserMessage(numericalLabel , params );

                                throw imx;



In properties file, custom/resourceBundles/ add following:

3037=Password is too short.  Minimum length is {0}.


From any piece of code this function should be called when certain condition is met for error cases, such as:

        if (type == PasswordMessageType.SHORT)


            attachErrorCode("resourceBundles.IMSExceptions","3037", errorList.add("Password is too short."))




Credit: Programming Notes: CA Identity Minder - Sakeba Abedin 


If you are configuring the AD based authentication for Multiple domains in Identity suite, follow the following advice

  1. Follow the "Manage Active Directory Authentication Module" instructions
  2. In "" file user
    1. Set "Server" to "Global Catalog" server name/ip 
    2. Configure the SERVERS property to point to the catalog server by adding the port (SERVERS=adserver:3268 or adserver:3269 if you use SSL ).
    3. Set the BASEDN to the root of the AD domain (like DC=lab,DC=local)
  3.  For SSL : Add certificate to java trust store that is used by webcontainer hosting the Identity Manager web Application.  Default path: %JAVA_HOME%\jre\lib\security\cacerts 
  4. In virtual appliance, you need to use keytool command to add the certificate in java trust store because of vApp permission restrictions.