OX as a Service Provisioning using SOAP
Tutorial: Provision OX as a Service using SOAP
Overview
OX as a Service is using the same code everybody can download and install using our various guides. Since it is a hosted service using a reseller model, the provisioning api is using the Reseller Bundle to extend the usual two administrative layers by an additional one.
Open-Xchange does also not contain a mail server in general, but requires one in order to act like a mail client. OX as a Service is using Dovecot as mail server and thus extends the usual Open-Xchange provisioning capabilities by mechanisms to manage some email specific settings.
Open-Xchange concept of Contexts
In order to provision users and groups into Open-Xchange, it is important to understand, that Open-Xchange is designed for shared hosting environments in a way that it has to serve multiple tenants, customers, domains, or however you want to name it. In Open-Xchange, we call that a Context. A context is a sealed container for users and groups. Users in a context can not see users of other contexts, nor can they share data with users of other contexts (with the exception of Open-Xchange publish and subscribe functionality).
A usual scenario is to have a company, a family or in general one end customer in a context. One can also say, a context is a domain, and usually that makes sense, since a company has one domain. However, Open-Xchange contexts are not limited to one domain only.
Open-Xchange concept of provisioning
A plain Open-Xchange installation consists of two administrative levels.
- root level, usually we call that oxadminmaster
- context level
oxadminmaster / root
The root, or oxadminmaster account is used to
- add, remove and configure filestores attached to Open-Xchange
- add, remove and configure databases attached to Open-Xchange
- add, remove and configure contexts
and change parameters like add/remove domains, change per context filesystem quota, etc.
Up to Open-Xchange version 7.8.0, it was not able to add or remove users and groups, nor any other data within a context!
Context admin
The context admin is like an ordinary Open-Xchange user, except that it can add, remove and edit users and groups within Open-Xchange. In addition, it inherits shared data of users, that are deleted.
OX as a Service concept of provisioning
As written before, plain Open-Xchange only has one root account. In a reseller scenario, that would mean if we want resellers to be able to create contexts for their customers, we would have to hand out our root account. Since that is not desirable, we added another layer via the Reseller Bundle as mentioned earlier.
- root level, usually we call that oxadminmaster
- subadmin level / brand level
- context level
root and context level don't change, except that context level can be restricted.
The subadmin account can only add, remove or configure contexts. As well as the root account, it can NOT add, remove and configure users within contexts. Contexts created by a subadmin account can not be seen by other subadmin accounts.
What is a brand?
A brand is a customers subadmin login to the OXaaS SOAP provisioning API.
OX as a Service specifics
In order to create a user in Open-Xchange, you have to set an email address for that user. This will directly lead into a domain to be created into OXaaS bound to that user and its context, if that domain does not already exists and is owned by a different context.
If you want to share domains between multiple contexts, you have to use shared domains. Shared domains must be created in advance using the createSharedDomain method (see OXaaS specific methods)
You can use the existsMailAlias method to check for the existence of an alias before you create it.
Catchall accounts
If the feature is enabled in your contract, you can create catchall mail aliases bound to users within contexts.
User permissions
See OXaaS permission description below.
Provisioning
Reference implementation
The reference implementation of the European OX as a Service system can be found in the OX as a Service APS package for Odin Service Automation.
Workflow
Subadmin credentials
The first requirement is to get subadmin credentials for your company. Please follow the steps documented here to get such an account.
Together with the login and password you will also retrieve the provisioning URL to be used by all SOAP requests. In addition, it is required that you give us a list of ip addresses or network(s) that should be allowed to access the provisioning system.
WSDL files
Just point your browser to the provisioning URL you got from us. You will find some services listed there. You will need the following services from that list:
- https://hostname/webservices/OXaaSService?wsdl
- OX as a Service specific functions
- https://hostname/webservices/OXResellerContextService?wsdl
- Context management
- https://hostname/webservices/OXResellerUserService?wsdl
- User management
and optionally
- https://hostname/webservices/OXResellerGroupService?wsdl
- Group management
- https://hostname/webservices/OXResellerResourceService?wsdl
- Resource management
Create a context
Once you have the credentials in place, you are ready to create your first context.
Creating a context requires to create the first user in that context, that is the context admin, see above.
Mandatory settings for a context are
- name
- name of the context
- quota
- file quota in MB for that context (Note: that is file, not mail!)
- taxonomy
- must be set to the login of your subadmin account, see below
Important: In OXaaS, the name of the context must always start with your subadmin login with an underscore appended. E.g. when your subadmin login is johndoe, the all your context names must start with johndoe_!
Optional settings
- framecolor
- io.ox/dynamic-theme//frameColor
- iconcolor
- io.ox/dynamic-theme//iconColor
- selectioncolor
- io.ox/dynamic-theme//selectionColor
- logowidth
- io.ox/dynamic-theme//logoWidth
- logourl
- io.ox/dynamic-theme//logoURL
- logouturl
- io.ox/core//customLocations/logout, see this section for more information on the settings above
- id
- A numerical id bound to the context. When you create a context, this id will be generated. You will need that later when you manage users. The id can be looked up via the context name.
userAttributes
The settings brandtaxonomy and the other optional settings except id are part of the userAttributes SOAP field. All other settings can easily be set via simple SOAP settings. userAttributes is a hash that contains some settings that are not available in all setups of Open-Xchange. It allows to extend Open-Xchange functionality dynamically like done in OXaaS.
The hash looks like this:
userAttributes => entries => EntryArray with EntryArray := [ { key => "somekey" value => somevalue }, { key => "someotherkey" value => someothervalue }, ... ] somevalue can be an array again, e.g.: somevalue => entries => EntryArray with EntryArray := [ { key => "somekey" value => somevalue }, { key => "someotherkey" value => someothervalue }, ... ] and so on
Example dump using perls Data::Dumper
:
'userAttributes' => {
'entries' => [
{
'value' => {
'entries' => [
{
'value' => '#0000ff',
'key' => 'io.ox/dynamic-theme//selectionColor'
},
{
'value' => '#ff0000',
'key' => 'io.ox/dynamic-theme//frameColor'
},
{
'value' => '#00ff00',
'key' => 'io.ox/dynamic-theme//iconColor'
}
]
},
'key' => 'config'
},
{
'value' => {
'entries' => {
'value' => 'johndoe',
'key' => 'types'
}
},
'key' => 'taxonomy'
}
]
},
Admin User
- name
- login name of the context admin
- password
- password
- email address of the context admin
- displayname
- displayname (usually surname givenname)
- surname
- surname
- givenname
- given name
- lang
- language, e.g. en_GB, en_US, de_DE, ...
- timezone
- Java timezone such as Europe/Berlin,
Timezones
To get a list of all available timezones, you can run this short Java program:
import java.util.TimeZone;
public class AllTimeZones {
public static void main(String[] args) {
for(final String zone : TimeZone.getAvailableIDs() ) {
System.out.println(zone);
}
}
}
Languages
This is the list of currently supported languages in OXaaS:
ja_JP de_DE es_ES es_MX fr_FR it_IT nl_NL pl_PL zh_TW en_US en_GB
Create users
Creating users requires the following parameters
- name
- login name of the context admin
- password
- password
- email address of the context admin
- displayname
- displayname (usually surname givenname)
- surname
- surname
- givenname
- given name
- lang
- language, e.g. en_GB, en_US, de_DE, ...
- timezone
- Java timezone such as Europe/Berlin,
- moduleaccess
- the module access combination name
- mailquota
- the mail quota of the user in MB
Timezones and languages like documented earlier.
Valid values for moduleaccess are:
- webmail_plus
- groupware_standard
- groupware_advanced
- groupware_premium
Other settings are not supported.
userAttributes
It might be required you have to set some specific attributes per user like the Edition Type as done by the OXaaS APS package.
There's a choice of 7 different edition types:
- webmail
- bound to webmail_plus
- basic
- bound to groupware_standard
- advanced
- bound to groupware_advanced
- pro
- bound to groupware_premium
- pro_m
- bound to groupware_premium
- pro_l
- bound to groupware_premium
- pro_xl
- bound to groupware_premium
which can be set within each users oxaas_edition_type within a tree oxaas:
'userAttributes' => { 'entries' => { 'key' => 'oxaas', 'value' => { 'entries' => { 'key' => 'oxaas_edition_type', 'value' => 'pro_l' } } } }
Workflow
Create the user in Open-Xchange
- Use the name and password of the context admin user of the context you created earlier and define
a Credentials object.
- Find the numerical id of the context e.g. in using
OXResellerContextService->getData(name="contextname")
Use the OXResellerUserService->createByModuleAccessName
to create users.
Note: Although there are three create methods in the SOAP user service API, you have to use the method createByModuleAccessName
and specify one of the names listed above.
Set mail quota
- Use the name and password of the context admin user of the context you created earlier and define
a Credentials object.
- Find the numerical id of the context e.g. in using
OXResellerContextService->getData(name="contextname")
- Find the numerical id of the user either by using
OXResellerUserService->getData(name="username")
or use/store the return value ofOXResellerUserService->createByModuleAccessName
Use the OXaaSService->setMailQuota
call to set the mail quota for the user created above.
Set OXaaS permissions
Explanation
The OXaaS permissions allow to enable or disable a certain set of features. Currently, the following permissions are available:
Permission | Description |
---|---|
SEND | User is allowed to send mail |
RECEIVE | User is allowed to receive mail |
MAILLOGIN | User can login using IMAP |
WEBLOGIN | User can login to OX webmail. |
The permission names are case insensitive. The WEBLOGIN permission is the same as the Mailenabled permission in the user data of the Open-Xchange core api. The permission OXaaS api provides another way to enable/disable it.
Workflow
- Use the name and password of the context admin user of the context you created earlier and define
a Credentials object.
- Find the numerical id of the context e.g. in using
OXResellerContextService->getData(name="contextname")
- Find the numerical id of the user either by using
OXResellerUserService->getData(name="username")
or use/store the return value ofOXResellerUserService->createByModuleAccessName
Use one of OXaaSService->enablePermissions
, OXaaSService->disablePermissions
or OXaaSService->getPermissions
to change or retrieve permissions. Permissions must always be provided as an array of 1 or more permissions.
OXaaS specific methods
The following SOAP methods are specific to OXaaS and are NOT part of the general Open-Xchange provisioning API.
Method | Functionality | Authentication |
---|---|---|
getQuotaUsage | get the overall mail quota usage of all users within the given context | Subadmin |
createSharedDomain | create a shared domain | Subadmin |
existsLogin | check whether user login already exists. Note: a users login must be unique within all users for your subadmin account and NOT only per context! | Subadmin |
existsMailAlias | check whether given mail alias already exists | Subadmin |
createDomainCatchall | create a domain catchall | Subadmin |
getQuotaUsagePerUser | get mail quota usage of the individual user within the given context | Subadmin |
listDomainCatchalls | list all existing domain catchalls | Subadmin |
setMailQuota | set the mail quota of the individual user within the context | Context Admin |
deleteDomainCatchall | delete the given domain catchall | Subadmin |
getPermissions | list given users permissions | Context Admin |
enablePermissions | enable provided permissions for given user | Context Admin |
disablePermissions | enable provided permissions for given user | Context Admin |
setExpiryDate | store expiry date for the given user | Context Admin |
getExpiryDate | get expiry date stored for user | Context Admin |
deleteExpiryDate | delete the expiry date stored in the given user | Context Admin |
getExpiredUsers | retrieve list of expired users | Context Admin |
The WSDL source file for these methods contain documentation for each of the calls and parameters. You can download it here: http://software.open-xchange.com/products/appsuite/doc/oxasservice/OXaaSService.wsdl
SOAP provisioning feature matrix
(WIP)
The table below shows what method(s) to use and what to set in order to configure the different feature sets.
The value in the row Module Access Name must be given as a parameter to OXResellerUserService->changeByModuleAccessName
or OXResellerUserService->createByModuleAccessName
.
The values in the row Capabilities must be given as parameters to the userAttributes
member of the User
object that
should be changed and then passed to OXResellerUserService->change
or OXResellerUserService->createByModuleAccessName
.
Note: OXResellerUserService->changeByModuleAccessName
does NOT change these capabilities!
Feature | Module Access Name | Capabilities (mandatory values in bold, others are optional) |
---|---|---|
Web Mail | webmail_plus | com.openexchange.capability.drive = false com.openexchange.capability.document_preview = false com.openexchange.capability.spreadsheet = false com.openexchange.capability.text = false com.openexchange.capability.presenter = false com.openexchange.capability.remote_presenter = false com.openexchange.capability.guard = false com.openexchange.capability.guard-mail = false com.openexchange.capability.guard-drive = false |
Basic | groupware_standard | com.openexchange.capability.drive = true com.openexchange.capability.document_preview = true/false com.openexchange.capability.spreadsheet = true/false com.openexchange.capability.text = true/false com.openexchange.capability.presenter = true/false com.openexchange.capability.remote_presenter = true/false com.openexchange.capability.guard = true/false com.openexchange.capability.guard-mail = true/false com.openexchange.capability.guard-drive = true/false |
Advanced | groupware_advanced | com.openexchange.capability.drive = true com.openexchange.capability.document_preview = true/false com.openexchange.capability.spreadsheet = true/false com.openexchange.capability.text = true/false com.openexchange.capability.presenter = true/false com.openexchange.capability.remote_presenter = true/false com.openexchange.capability.guard = true/false com.openexchange.capability.guard-mail = true/false com.openexchange.capability.guard-drive = true/false |
Pro | groupware_premium | com.openexchange.capability.drive = true com.openexchange.capability.document_preview = true com.openexchange.capability.spreadsheet = true com.openexchange.capability.text = true com.openexchange.capability.presenter = true com.openexchange.capability.remote_presenter = true com.openexchange.capability.guard = true com.openexchange.capability.guard-mail = true com.openexchange.capability.guard-drive = true |
List of available capabilities (incomplete)
These features are controlled by the ConfigCascade.
For drive and documents the following settings are responsible:
- OX Drive
com.openexchange.capability.drive = true/false
- OX Docs
com.openexchange.capability.document_preview = true/false
com.openexchange.capability.spreadsheet = true/false
com.openexchange.capability.text = true/false
com.openexchange.capability.presenter = true/false
com.openexchange.capability.remote_presenter = true/false
- OX Guard
com.openexchange.capability.guard = true/false
com.openexchange.capability.guard-mail = true/false
com.openexchange.capability.guard-drive = true/false
- OX Messenger
com.openexchange.capability.messenger = true/false
com.openexchange.capability.messenger-phone = true/false
check out this article for more capabilities
Using this perl example:
e.g. this
logouturl => { setting => "io.ox/core//customLocations/logout", value => "logouturl" }
is setting the ConfigCascade setting io.ox/core//customLocations/logout to the string “logouturl"
io.ox/core//customLocations/logout = "logouturl"
adding
oxdrive => { setting => "com.openexchange.capability.drive", value => "true" }
in that example would turn on drive.
Code Examples
Java
Generating the SOAP client
Since Open-Xchange is using Apache CXF for SOAP, we recommend to use the wsdl2java code generator from that package.
The Open-Xchange SOAP services are divided into multiple parts, which makes the code generation a little complex.
In OXaaS we need at least three services in order to create contexts and users:
- OXResellerContextService
- OXResellerUserService
- OXaaSService
The shell script below generates the stubs of these three services into the directory defined in the CODEBASE variable. In addition, you have to set WSDLURL to point it to the provisioning URL you will get from us as mentioned earlier.
Just cut&paste the shell script below into a file and run it using the bash shell.
# 1. download apache-cxf tarball, extract it and "cd" into the directory, e.g.
# tar zxvpf apache-cxf-3.0.0-milestone1.tar.gz; cd apache-cxf-3.0.0-milestone1
# 2. change variables CODEBASE, JAVA_HOME and WSDLURL
# 3. run this script "bash oxaas-wsdl2java"
export JAVA_HOME="/usr/lib/jvm/j2sdk1.7-oracle/"
CODEBASE="/home/oxgit/workspace/OXaaSJClient/src"
WSDLURL="https://youroxaashost/webservices"
rm -rf $CODEBASE
frontend=jaxws21
dbinding=jaxb
JAXBTMP=/tmp/jaxb$$.xml
rm -f $JAXBTMP
cat<<EOF > $JAXBTMP
<jaxb:bindings version="2.1"
xmlns:jaxb="http://java.sun.com/xml/ns/jaxb"
xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
<jaxb:globalBindings generateElementProperty="false"/>
</jaxb:bindings>
EOF
pname="com.openexchange.oxaas.context"
bin/wsdl2java -databinding $dbinding -frontend $frontend -client -impl -d $CODEBASE -keep -b $JAXBTMP \
-p "http://soap.reseller.admin.openexchange.com=${pname}" \
-p "http://dataobjects.rmi.reseller.admin.openexchange.com/xsd=${pname}.reseller.rmi.dataobjects" \
-p "http://dataobjects.soap.reseller.admin.openexchange.com/xsd=${pname}.reseller.soap.dataobjects" \
-p "http://dataobjects.soap.admin.openexchange.com/xsd=${pname}.soap.dataobjects" \
-p "http://dataobjects.rmi.admin.openexchange.com/xsd=${pname}.rmi.dataobjects" \
-p "http://exceptions.rmi.admin.openexchange.com/xsd=${pname}.rmi.exceptions" \
-p "http://rmi.java/xsd=${pname}.java.rmi" \
-p "http://io.java/xsd=${pname}.java.io" \
${WSDLURL}/OXResellerContextService?wsdl
pname="com.openexchange.oxaas.user"
bin/wsdl2java -databinding $dbinding -frontend $frontend -client -impl -d $CODEBASE -keep -b $JAXBTMP \
-p "http://soap.reseller.admin.openexchange.com=${pname}" \
-p "http://dataobjects.rmi.reseller.admin.openexchange.com/xsd=${pname}.reseller.rmi.dataobjects" \
-p "http://dataobjects.soap.reseller.admin.openexchange.com/xsd=${pname}.reseller.soap.dataobjects" \
-p "http://dataobjects.soap.admin.openexchange.com/xsd=${pname}.soap.dataobjects" \
-p "http://dataobjects.rmi.admin.openexchange.com/xsd=${pname}.rmi.dataobjects" \
-p "http://exceptions.rmi.admin.openexchange.com/xsd=${pname}.rmi.exceptions" \
-p "http://rmi.java/xsd=${pname}.java.rmi" \
-p "http://io.java/xsd=${pname}.java.io" \
${WSDLURL}/OXResellerUserService?wsdl
pname="com.openexchange.oxaas.extra"
bin/wsdl2java -databinding $dbinding -frontend $frontend -client -impl -d $CODEBASE -keep -b $JAXBTMP \
-p "http://soap.oxaas.admin.openexchange.com/=${pname}" \
${WSDLURL}/OXaaSService?wsdl
rm -f $JAXBTMP
When you generate the code into an existing eclipse project, you should have three main packages as shown in the image below
Example Client
In the following example, the context creation and the user creation is separated into different programs.
We assume, you have created the Java client stub(s) as documented above and have it in your library path or eclipse project.
To summarize some essential requirements from the example below:
- The name of each context you create must start with your subadmin name followed by an underscore _
- You must set the userAttribute taxonomy at least
- The context admin user must get the groupware_premium access permission
Context creation
The example below shows how to create a context in OXaaS.
package com.openexchange.oxaas.myclient;
import java.io.IOException;
import java.util.List;
import javax.xml.namespace.QName;
import com.openexchange.oxaas.context.ContextExistsExceptionException;
import com.openexchange.oxaas.context.DatabaseUpdateExceptionException;
import com.openexchange.oxaas.context.Delete;
import com.openexchange.oxaas.context.DuplicateExtensionExceptionException;
import com.openexchange.oxaas.context.InvalidCredentialsExceptionException;
import com.openexchange.oxaas.context.InvalidDataExceptionException;
import com.openexchange.oxaas.context.NoSuchContextExceptionException;
import com.openexchange.oxaas.context.OXResellerContextService;
import com.openexchange.oxaas.context.OXResellerContextServicePortType;
import com.openexchange.oxaas.context.RemoteExceptionException;
import com.openexchange.oxaas.context.StorageExceptionException;
import com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext;
import com.openexchange.oxaas.context.rmi.dataobjects.Credentials;
import com.openexchange.oxaas.context.soap.dataobjects.Entry;
import com.openexchange.oxaas.context.soap.dataobjects.SOAPMapEntry;
import com.openexchange.oxaas.context.soap.dataobjects.SOAPStringMap;
import com.openexchange.oxaas.context.soap.dataobjects.SOAPStringMapMap;
import com.openexchange.oxaas.context.soap.dataobjects.User;
/*
* Example SOAP client for OXaaS OXResellerContextService
*
* Create a context
*
*/
public class MyContextClientExample {
private static final QName SERVICE_NAME = new QName("http://soap.reseller.admin.openexchange.com", "OXResellerContextService");
public static void main(String[] args) {
final String subadminname = "mysubadmin";
final String subadminpw = "secret";
final String ctxname = subadminname + "_myctx";
Credentials creds = new Credentials();
ResellerContext ctx = new ResellerContext();
User oxadmin = new User();
OXResellerContextService contextservice = new OXResellerContextService(OXResellerContextService.WSDL_LOCATION, SERVICE_NAME);
OXResellerContextServicePortType contextport = contextservice.getOXResellerContextServiceHttpSoap11Endpoint();
creds.setLogin(subadminname);
creds.setPassword(subadminpw);
SOAPMapEntry taxonomy = new SOAPMapEntry();
taxonomy.setKey("taxonomy");
SOAPStringMap taxtypeval = new SOAPStringMap();
Entry taxtypeent = new Entry();
taxtypeent.setKey("types");
taxtypeent.setValue(subadminname);
taxtypeval.getEntries().add(taxtypeent);
taxonomy.setValue(taxtypeval);
SOAPMapEntry config = new SOAPMapEntry();
config.setKey("config");
SOAPStringMap configEntries = new SOAPStringMap();
Entry selectionColor = new Entry();
selectionColor.setKey("io.ox/dynamic-theme//selectionColor");
selectionColor.setValue("#0000ff");
Entry frameColor = new Entry();
frameColor.setKey("io.ox/dynamic-theme//frameColor");
frameColor.setValue("#ff0000");
Entry iconColor = new Entry();
iconColor.setKey("io.ox/dynamic-theme//iconColor");
iconColor.setValue("#00ff00");
configEntries.getEntries().add(selectionColor);
configEntries.getEntries().add(frameColor);
configEntries.getEntries().add(iconColor);
config.setValue(configEntries);
SOAPStringMapMap userattrs = new SOAPStringMapMap();
userattrs.getEntries().add(taxonomy);
userattrs.getEntries().add(config);
ctx.setName(ctxname);
ctx.setMaxQuota(10000l);
ctx.setUserAttributes(userattrs);
final String adminEmail = "oxadmin@example.com";
final String ctxadmname = "oxadmin";
final String ctxadmpw = "secret";
oxadmin.setName(ctxadmname);
oxadmin.setPassword(ctxadmpw);
oxadmin.setDisplayName("OX Admin");
oxadmin.setSurName("OX");
oxadmin.setGivenName("Admin");
oxadmin.setPrimaryEmail(adminEmail);
oxadmin.setEmail1(adminEmail);
oxadmin.setDefaultSenderAddress(adminEmail);
oxadmin.setLanguage("en_US");
oxadmin.setTimezone("Europe/Berlin");
try {
ResellerContext ret = contextport.createModuleAccessByName(ctx, oxadmin, "groupware_premium", creds);
System.out.println("created context with id=" + ret.getId());
System.out.println("existing contexts:");
List<ResellerContext> allctxs = contextport.listAll(creds);
for(final ResellerContext c : allctxs) {
System.out.println(c.getName() + " with id=" + c.getId());
}
System.in.read();
System.out.println("deleting created context again");
Delete del = new Delete();
del.setAuth(creds);
del.setCtx(ctx);
contextport.delete(del);
} catch (InvalidDataExceptionException e) {
e.printStackTrace();
} catch (ContextExistsExceptionException e) {
e.printStackTrace();
} catch (DuplicateExtensionExceptionException e) {
e.printStackTrace();
} catch (InvalidCredentialsExceptionException e) {
e.printStackTrace();
} catch (RemoteExceptionException e) {
e.printStackTrace();
} catch (StorageExceptionException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (NoSuchContextExceptionException e) {
e.printStackTrace();
} catch (DatabaseUpdateExceptionException e) {
e.printStackTrace();
}
}
}
User creation
The client below utilizes all SOAP services we have created so far.
The essential parts of the code are
- use OXResellerContextService to find out the ID of the context you want to create users
- create users using OXResellerUserService
- use one of the moduleaccess values as documented earlier
- use setMailQuota from OXaaSService to set each users mail quota individually
- use existsLogin from OXaaSService to check in advance of a login already exists
package com.openexchange.oxaas.myclient;
import java.io.IOException;
import javax.xml.namespace.QName;
import com.openexchange.oxaas.context.OXResellerContextService;
import com.openexchange.oxaas.context.OXResellerContextServicePortType;
import com.openexchange.oxaas.extra.ExistsLoginFaultException;
import com.openexchange.oxaas.extra.OXaaSService;
import com.openexchange.oxaas.extra.OXaaSService_Service;
import com.openexchange.oxaas.extra.SetMailQuotaFaultException;
import com.openexchange.oxaas.user.DatabaseUpdateExceptionException;
import com.openexchange.oxaas.user.Delete;
import com.openexchange.oxaas.user.DuplicateExtensionExceptionException;
import com.openexchange.oxaas.user.InvalidCredentialsExceptionException;
import com.openexchange.oxaas.user.InvalidDataExceptionException;
import com.openexchange.oxaas.user.NoSuchContextExceptionException;
import com.openexchange.oxaas.user.NoSuchUserExceptionException;
import com.openexchange.oxaas.user.OXResellerUserService;
import com.openexchange.oxaas.user.OXResellerUserServicePortType;
import com.openexchange.oxaas.user.RemoteExceptionException;
import com.openexchange.oxaas.user.StorageExceptionException;
import com.openexchange.oxaas.user.reseller.soap.dataobjects.ResellerContext;
import com.openexchange.oxaas.user.rmi.dataobjects.Credentials;
import com.openexchange.oxaas.user.soap.dataobjects.User;
/*
* Example SOAP client for OXaaS OXResellerUserService
*
* Create users in a context
*
*/
public class MyUserClientExample {
private static final QName USER_SERVICE_NAME = new QName("http://soap.reseller.admin.openexchange.com", "OXResellerUserService");
private static final QName CONTEXT_SERVICE_NAME = new QName("http://soap.reseller.admin.openexchange.com", "OXResellerContextService");
private static final QName OXAAS_SERVICE_NAME = new QName("http://soap.oxaas.admin.openexchange.com/", "OXaaSService");
public static void main(String[] args) {
final String subadminname = "mysubadmin";
final String subadminpw = "secret";
final String ctxadmname = "oxadmin";
final String ctxadmpw = "secret";
final String ctxname = subadminname + "_myctx";
Credentials creds = new Credentials();
ResellerContext ctx = new ResellerContext();
User auser = new User();
OXResellerUserService userservice = new OXResellerUserService(OXResellerUserService.WSDL_LOCATION, USER_SERVICE_NAME);
OXResellerUserServicePortType userport = userservice.getOXResellerUserServiceHttpSoap12Endpoint();
OXResellerContextService contextservice = new OXResellerContextService(OXResellerContextService.WSDL_LOCATION, CONTEXT_SERVICE_NAME);
OXResellerContextServicePortType contextport = contextservice.getOXResellerContextServiceHttpSoap11Endpoint();
OXaaSService_Service oxaasservice = new OXaaSService_Service(OXaaSService_Service.WSDL_LOCATION, OXAAS_SERVICE_NAME);
OXaaSService oxaasport = oxaasservice.getOXaaSServiceSOAP();
// We need to use the ResellerContextService SOAP client stub to retrieve the context id
com.openexchange.oxaas.context.rmi.dataobjects.Credentials ctxCreds = new com.openexchange.oxaas.context.rmi.dataobjects.Credentials();
com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext ctxCtx = new com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext();
ctxCreds.setLogin(subadminname);
ctxCreds.setPassword(subadminpw);
ctxCtx.setName(ctxname);
creds.setLogin(ctxadmname);
creds.setPassword(ctxadmpw);
final String userEmail = "auser@example.com";
auser.setName("auser");
auser.setPassword("secret");
auser.setDisplayName("My User");
auser.setSurName("My");
auser.setGivenName("User");
auser.setPrimaryEmail(userEmail);
auser.setEmail1(userEmail);
auser.setDefaultSenderAddress(userEmail);
auser.setLanguage("en_US");
auser.setTimezone("Europe/Berlin");
try {
// we only have the name of the context, so we need to retrieve its id, first using ResellerContextService
com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext ctxRet = contextport.getData(ctxCtx, ctxCreds);
ctx.setId(ctxRet.getId());
// create the user via OXResellerUserService
User ret = userport.createByModuleAccessName(ctx, auser, "groupware_premium", creds);
System.out.println("created user with id=" + ret.getId());
// set mail quota for that user using OXaaSService
com.openexchange.oxaas.extra.Credentials oxaasCtxCreds = new com.openexchange.oxaas.extra.Credentials();
oxaasCtxCreds.setLogin(ctxadmname);
oxaasCtxCreds.setPassword(ctxadmpw);
oxaasport.setMailQuota(ctxRet.getId(), ret.getId(), 1000l, oxaasCtxCreds);
// check whether the login for the user has been created within my subadmin namespace
// NOTE: this check should be used beforehand usually: check whether login exists and then create it if not
com.openexchange.oxaas.extra.Credentials oxaasAdminCreds = new com.openexchange.oxaas.extra.Credentials();
oxaasAdminCreds.setLogin(subadminname);
oxaasAdminCreds.setPassword(subadminpw);
if( oxaasport.existsLogin("auser", oxaasAdminCreds) ) {
System.out.println("all ok, user login has been created");
}
System.in.read();
System.out.println("deleting created user again");
Delete del = new Delete();
del.setAuth(creds);
del.setCtx(ctx);
del.setUser(ret);
userport.delete(del);
} catch (InvalidDataExceptionException e) {
e.printStackTrace();
} catch (NoSuchContextExceptionException e) {
e.printStackTrace();
} catch (DuplicateExtensionExceptionException e) {
e.printStackTrace();
} catch (DatabaseUpdateExceptionException e) {
e.printStackTrace();
} catch (InvalidCredentialsExceptionException e) {
e.printStackTrace();
} catch (RemoteExceptionException e) {
e.printStackTrace();
} catch (StorageExceptionException e) {
e.printStackTrace();
} catch (NoSuchUserExceptionException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.InvalidDataExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.NoSuchContextExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.DuplicateExtensionExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.InvalidCredentialsExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.RemoteExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.StorageExceptionException e) {
e.printStackTrace();
} catch (SetMailQuotaFaultException e) {
e.printStackTrace();
} catch (ExistsLoginFaultException e) {
e.printStackTrace();
}
}
}
Email (alias) management
The next example shows how to manage email aliases and shared domains. The essential information is:
- if you want to change the email address of a user, you have to add the new address to the list of aliases
- when you want to change individual settings of a user, only send the changed settings
package com.openexchange.oxaas.myclient;
import java.util.List;
import javax.xml.namespace.QName;
import com.openexchange.oxaas.context.OXResellerContextService;
import com.openexchange.oxaas.context.OXResellerContextServicePortType;
import com.openexchange.oxaas.extra.CreateSharedDomainFaultException;
import com.openexchange.oxaas.extra.OXaaSService;
import com.openexchange.oxaas.extra.OXaaSService_Service;
import com.openexchange.oxaas.user.Change;
import com.openexchange.oxaas.user.DatabaseUpdateExceptionException;
import com.openexchange.oxaas.user.DuplicateExtensionExceptionException;
import com.openexchange.oxaas.user.InvalidCredentialsExceptionException;
import com.openexchange.oxaas.user.InvalidDataExceptionException;
import com.openexchange.oxaas.user.NoSuchContextExceptionException;
import com.openexchange.oxaas.user.NoSuchUserExceptionException;
import com.openexchange.oxaas.user.OXResellerUserService;
import com.openexchange.oxaas.user.OXResellerUserServicePortType;
import com.openexchange.oxaas.user.RemoteExceptionException;
import com.openexchange.oxaas.user.StorageExceptionException;
import com.openexchange.oxaas.user.reseller.soap.dataobjects.ResellerContext;
import com.openexchange.oxaas.user.rmi.dataobjects.Credentials;
import com.openexchange.oxaas.user.soap.dataobjects.User;
/*
* Example SOAP client for OXaaS OXResellerUserService
*
* Create users in a context
*
*/
public class OXaaSAliasManagement {
private static final QName USER_SERVICE_NAME = new QName("http://soap.reseller.admin.openexchange.com", "OXResellerUserService");
private static final QName CONTEXT_SERVICE_NAME = new QName("http://soap.reseller.admin.openexchange.com", "OXResellerContextService");
private static final QName OXAAS_SERVICE_NAME = new QName("http://soap.oxaas.admin.openexchange.com/", "OXaaSService");
public static void main(String[] args) {
final String subadminname = "mysubadmin";
final String subadminpw = "secret";
final String ctxadmname = "oxadmin";
final String ctxadmpw = "secret";
final String userlogin = "auser";
final String ctxname = subadminname + "_myctx";
Credentials creds = new Credentials();
ResellerContext ctx = new ResellerContext();
OXResellerUserService userservice = new OXResellerUserService(OXResellerUserService.WSDL_LOCATION, USER_SERVICE_NAME);
OXResellerUserServicePortType userport = userservice.getOXResellerUserServiceHttpSoap12Endpoint();
OXResellerContextService contextservice = new OXResellerContextService(OXResellerContextService.WSDL_LOCATION, CONTEXT_SERVICE_NAME);
OXResellerContextServicePortType contextport = contextservice.getOXResellerContextServiceHttpSoap11Endpoint();
OXaaSService_Service oxaasservice = new OXaaSService_Service(OXaaSService_Service.WSDL_LOCATION, OXAAS_SERVICE_NAME);
OXaaSService oxaasport = oxaasservice.getOXaaSServiceSOAP();
// We need to use the ResellerContextService SOAP client stub to retrieve the context id
com.openexchange.oxaas.context.rmi.dataobjects.Credentials ctxCreds = new com.openexchange.oxaas.context.rmi.dataobjects.Credentials();
com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext ctxCtx = new com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext();
ctxCreds.setLogin(subadminname);
ctxCreds.setPassword(subadminpw);
ctxCtx.setName(ctxname);
creds.setLogin(ctxadmname);
creds.setPassword(ctxadmpw);
try {
// we only have the name of the context, so we need to retrieve its id, first using ResellerContextService
com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext ctxRet = contextport.getData(ctxCtx, ctxCreds);
ctx.setId(ctxRet.getId());
/*
* now we want to add an alias to the user "auser"
*/
User auser = new User();
auser.setName(userlogin);
User ret = userport.getData(ctx, auser, creds);
List<String> aliases = ret.getAliases();
// list all mail aliases of that user
System.out.println("User has the following alias(es):" + aliases);
// now add another one
aliases.add("sales@example.com");
// we also want to add an alias within a shared domain
com.openexchange.oxaas.extra.Credentials oxaasCtxCreds = new com.openexchange.oxaas.extra.Credentials();
oxaasCtxCreds.setLogin(subadminname);
oxaasCtxCreds.setPassword(subadminpw);
/*
* Note: we can run this method as often as we want, it will ONLY return an error in case we want to add a shared domain
* that is already bound to another subadmin/customer
*/
oxaasport.createSharedDomain("shared.net", oxaasCtxCreds);
aliases.add("me@shared.net");
// store changes
// we need to created a clean user instance since we cannot just store back the returned user
User changeduser = new User();
changeduser.setId(ret.getId());
changeduser.getAliases().addAll(aliases);
Change change = new Change();
change.setAuth(creds);
change.setCtx(ctx);
change.setUsrdata(changeduser);
userport.change(change);
// control the result
ret = userport.getData(ctx, auser, creds);
aliases = ret.getAliases();
// list all mail aliases of that user
System.out.println("User has the following alias(es):" + aliases);
/*
* now changing the users email address:
* to do that, we have to do the following:
* 1. add the new email address to the aliases, if not yet present
* 2. change the email address in email1, defaultsenderaddress and primarymail
*
*/
String newaddress = "boss@mydomain.com"; // introduce another domain, not shared
changeduser = new User();
changeduser.setId(ret.getId());
changeduser.setEmail1(newaddress);
//reuse change from above
change.setUsrdata(changeduser);
try {
// this will throw an error since the new address is not in the aliases
userport.change(change);
} catch (Exception e) {
System.out.println("ERROR: " + e.getMessage());
}
// now add the new address to the aliases and try again
aliases = ret.getAliases();
aliases.add(newaddress);
changeduser.getAliases().addAll(aliases);
userport.change(change);
// control the result
ret = userport.getData(ctx, auser, creds);
aliases = ret.getAliases();
// list all mail aliases of that user
System.out.println("User has the following alias(es):" + aliases);
} catch (com.openexchange.oxaas.context.InvalidDataExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.NoSuchContextExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.DuplicateExtensionExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.InvalidCredentialsExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.RemoteExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.StorageExceptionException e) {
e.printStackTrace();
} catch (InvalidDataExceptionException e) {
e.printStackTrace();
} catch (NoSuchContextExceptionException e) {
e.printStackTrace();
} catch (DuplicateExtensionExceptionException e) {
e.printStackTrace();
} catch (DatabaseUpdateExceptionException e) {
e.printStackTrace();
} catch (InvalidCredentialsExceptionException e) {
e.printStackTrace();
} catch (RemoteExceptionException e) {
e.printStackTrace();
} catch (NoSuchUserExceptionException e) {
e.printStackTrace();
} catch (StorageExceptionException e) {
e.printStackTrace();
} catch (CreateSharedDomainFaultException e) {
e.printStackTrace();
}
}
}
Catchall account management
The next example shows how to manage catchall accounts. Please take into account that this is not necessarily enabled for your account.
package com.openexchange.oxaas.myclient;
import javax.xml.namespace.QName;
import com.openexchange.oxaas.context.OXResellerContextService;
import com.openexchange.oxaas.context.OXResellerContextServicePortType;
import com.openexchange.oxaas.extra.CreateDomainCatchallFaultException;
import com.openexchange.oxaas.extra.DeleteDomainCatchallFaultException;
import com.openexchange.oxaas.extra.DomainCatchall;
import com.openexchange.oxaas.extra.ListDomainCatchallsFaultException;
import com.openexchange.oxaas.extra.OXaaSService;
import com.openexchange.oxaas.extra.OXaaSService_Service;
/*
* Example SOAP client for OXaaS OXResellerUserService
*
* Create users in a context
*
*/
public class OXaaSCatchAllManagement {
private static final QName CONTEXT_SERVICE_NAME = new QName("http://soap.reseller.admin.openexchange.com", "OXResellerContextService");
private static final QName OXAAS_SERVICE_NAME = new QName("http://soap.oxaas.admin.openexchange.com/", "OXaaSService");
public static void main(String[] args) {
final String subadminname = "mysubadmin";
final String subadminpw = "secret";
final String userlogin = "auser";
final String ctxname = subadminname + "_myctx";
OXResellerContextService contextservice = new OXResellerContextService(OXResellerContextService.WSDL_LOCATION, CONTEXT_SERVICE_NAME);
OXResellerContextServicePortType contextport = contextservice.getOXResellerContextServiceHttpSoap11Endpoint();
OXaaSService_Service oxaasservice = new OXaaSService_Service(OXaaSService_Service.WSDL_LOCATION, OXAAS_SERVICE_NAME);
OXaaSService oxaasport = oxaasservice.getOXaaSServiceSOAP();
// We need to use the ResellerContextService SOAP client stub to retrieve the context id
com.openexchange.oxaas.context.rmi.dataobjects.Credentials ctxCreds = new com.openexchange.oxaas.context.rmi.dataobjects.Credentials();
com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext ctxCtx = new com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext();
ctxCreds.setLogin(subadminname);
ctxCreds.setPassword(subadminpw);
ctxCtx.setName(ctxname);
try {
// we only have the name of the context, so we need to retrieve its id, first using ResellerContextService
com.openexchange.oxaas.context.reseller.soap.dataobjects.ResellerContext ctxRet = contextport.getData(ctxCtx, ctxCreds);
com.openexchange.oxaas.extra.Credentials oxaasCtxCreds = new com.openexchange.oxaas.extra.Credentials();
oxaasCtxCreds.setLogin(subadminname);
oxaasCtxCreds.setPassword(subadminpw);
/*
* Note: this will throw an error
* oxaas_catchall_domain capability not available for context XXX, user YYY in brand ZZZ
* unless you have domain catchall in your contract
*/
oxaasport.createDomainCatchall(ctxRet.getId(), "example.com", userlogin, oxaasCtxCreds);
for(final DomainCatchall dc : oxaasport.listDomainCatchalls(ctxRet.getId(), oxaasCtxCreds) ) {
System.out.println("Catchall account for domain " + dc.getDomain() + " is " + dc.getLogin());
}
// cleanup
oxaasport.deleteDomainCatchall(ctxRet.getId(), "example.com", userlogin, oxaasCtxCreds);
} catch (com.openexchange.oxaas.context.InvalidDataExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.NoSuchContextExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.DuplicateExtensionExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.InvalidCredentialsExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.RemoteExceptionException e) {
e.printStackTrace();
} catch (com.openexchange.oxaas.context.StorageExceptionException e) {
e.printStackTrace();
} catch (ListDomainCatchallsFaultException e) {
e.printStackTrace();
} catch (DeleteDomainCatchallFaultException e) {
e.printStackTrace();
} catch (CreateDomainCatchallFaultException e) {
e.printStackTrace();
}
}
}
Perl
Standalone example: createOXaaSContext
http://software.open-xchange.com/products/appsuite/doc/oxasservice/createOXaaSContext.pl
Standalone example: createOXaaSUser
http://software.open-xchange.com/products/appsuite/doc/oxasservice/createOXaaSUser.pl
Standalone example: changeOXaaSUserPermissions
http://software.open-xchange.com/products/appsuite/doc/oxasservice/changeOXaaSUserPermissions.pl
OXaas APS(1.2) package
Just download the APS package as mentioned here. When you extract the zip file, you will find the perl code within the directory scripts.
- OXSOAP.pm
- SOAP Wrapper functions
- configure-alias.pl
- Mail alias management
- configure-catchall.pl
- Catchall mail alias management
- configure-mbox.pl
- User management
- configure.pl
- Context management
- verify-account.pl
- check for login existence (existsLogin)
- verify-catchall.pl
- check for catchall existence
- verify-shared.pl
- shared mail alias checks