Implementing Consistency Rules
This chapter describes how to implement consistency rules.
Prerequisites
We assume that you are familiar with Java and with building Java projects and that Ant and a Java compiler are installed and in your path.
Documentation
To understand this issue, we recommend reading these chapters:
DirX Identity Provisioning Administration Guide
Managing Automatic Provisioning and Consistency Checking
Read the entire chapter, especially these sections:
-
Understanding Rule Types > Consistency Rules - explains the concept of consistency rules and describes the default consistency rules delivered with the product.
-
Managing Consistency Rule Operations > Using Operations Based on Java Methods - explains the basics of Java-based operations and rules.
-
Managing Consistency Rule Operations > Adding a Java Operation - explains how to integrate your custom Java class.
Examples
A configuration sample for the My-Company sample domain is provided in the file rules.zip on your DVD in the folder:
Documentation\DirXIdentity
You can find the corresponding description in the section "Writing an Extension to Implement a Consistency Rule" in the chapter "Writing Java Extensions" in the DirX Identity Customization Guide.
Hints, Tips and Tricks
This section gives additional hints and guidelines.
Using Consistency Rules in Event-based Operation
Writing consistency rules that save objects through the service layer means that each save operation issues a corresponding event if you work with event-based workflows. Try to minimize save operations to avoid triggering too many event-based workflows.
If you run consistency rules from event-based processing workflows, this means that consistency rules perform save operations as well as the event-based job itself. To avoid this problem, integrate your code into user hooks and pass the result to the event-based job. The result is that only one save operation is performed.
Testing a Consistency Rule
You can write your own unit test to test your Java-based consistency rule outside the workflow and without the rule processor. In the unit test, provide a SvcSession object to the Identity domain and a RuleContext.
The following sample snippet shows how you can easily create a session:
/**
* Creates a session to sample domain with domain admin
* and binds.
* @return session to sample domain.
* @throws StorageException in case no bound session can be created.
*/
private static SvcSession getDefaultSession() throws StorageException {
SvcSession session = null;
try {
session = new SvcSession();
} catch (Exception e) {
e.printStackTrace();
throw (e instanceof StorageException) ? (StorageException)e : new StorageException(e);
}
StorageBindProfile bp = getDefaultBindProfile();
if (session.Bind(bp) == 0) {
try {
String[] ignoreTags=new String[] {"editor","propertypage","action" };
String rootDN = bp.getRootDN();
session.loadConfiguration("storage://DirXmetaRole/cn=Config.xml,cn=Object Descriptions,cn=Configuration,"+rootDN+"?content=dxrObjDesc", ignoreTags);
} catch (Exception e) {
e.printStackTrace();
throw (e instanceof StorageException) ? (StorageException)e : new StorageException(e);
}
}
else {
throw new StorageException("Bind failed");
}
return session;
}
/**
* Produces a default bind profile for access to sample domain.
* @return bind profile for sample domain.
*/
private static StorageBindProfile getDefaultBindProfile() {
StorageBindProfile profile = new StorageBindProfile();
profile.setHost("localhost");
profile.setPort(389);
profile.setRootDN("cn=My-Company");
profile.setUser("cn=DomainAdmin,cn=My-Company");
profile.setPassword("dirx");
profile.setAuthenticationMethod("simple");
profile.setSSL(false);
return profile;
}The following snippet shows how to create a RuleContext and pass it to the Java Action Class:
StorageObject subject = session.getObject(subjectDN);
RuleContext ruleCtx = new RuleContext();
ruleCtx.setSubject(subject);
ruleCtx.setSimulateOnly(false);
ruleCtx.setUserStorage(session);
ProvisioningServices ps = new ProvisioningServices();
ps.setContext(ruleCtx);