Extending Provisioning Workflows

This chapter describes how to create Java-based extensions for real-time workflows. This comprises only provisioning workflows. For information on extending password synchronization or event-based processing workflows, see the next chapters.

You can extend provisioning workflows via user hooks, connector filters or custom mapping definitions.

Prerequisites

We assume that you are familiar with Java and with building Java projects and that Ant and a Java compiler are installed and in your path.

Documentation

To understand this issue, we recommend that you read the following chapters:

DirX Identity Connectivity Administration Guide

Managing Provisioning Workflows > Managing Java-based Provisioning Workflows

Read the entire chapter to understand the basics of real-time provisioning workflows.

Managing Passwords

If you intend to use password management, you should read this chapter as an introduction.

DirX Identity Application Development Guide

Understanding the Default Application Workflow Technology > Understanding Java-based Workflows

Read the entire chapter, especially these sections:

Java-based Workflow Architecture - provides all information for understanding real-time provisioning workflow features and architecture.

Customizing Java-based Workflows - explains in detail how to customize real-time provisioning workflows. Here you can find three sections:

Using User Hooks - explains how to use user hooks for customization.

Mapping with Java Classes - describes how to build custom mapping definitions. The section Testing the Real-Time Workflow Mapping Classes shows how to perform offline testing.

Using Connector Filters - explains how to use connector filters to intercept all operations to and from a connector.

DirX Identity Integration Framework Guide

For more details on the interfaces for real-time workflows, see the chapter Java Connector Integration Framework.

JavaDoc

For a detailed description of the relevant Java interface, see the Java documentation in the folders Documentation/DirXIdentity/ConnFrameWork and Documentation/DirXIdentity/RealtimeWorkflows on the product DVD.

You can also find information about reading the configuration and working with requests and responses in this guide.

Most of the classes reflecting SPML/DSML are generated from the SPML schemata. Therefore, the inline java documentation of these classes does not help. For understanding them, please read the XML schemata and check request and response samples.

Training

View two webinars that explain this topic:

Real-time Workflows - Part I

Real-time Workflows - Part II

you can download webinars from our support portal. If you do not have access to the support portal, contact your responsible support organization.

Writing a Custom Mapping

You can find sample sources in the following folder of your installation DVD:

Additions\RealtimeWorkflows\samples

The Java Eclipse Project dxmTestMapping can help you develop and test your Java mapping classes needed for a specific real-time workflow. The project is delivered on the DirX Identity DVD as a zip file in Additions/MappingTest and can be unpacked to any location in the file system. It has all the necessary libraries in its own subfolder and is independent of any installed DirX Identity files.

Writing a User Hook

For samples of user hooks, review the contents of the Additions/RealtimeWorkflows/samples folder on the product DVD. They demonstrate basic user hook handling and provide several valuable scenarios, such as working with blacklists in LDAP. The sub-folder userhooks provides all user hook implementations that are used in the default provisioning workflows.

One important sample demonstrates how to send an email notification from a user hook. The Java class notifyMailAccountCreationUserHook.java is contained in the sub-folder userhooks/common. It is used in the sample workflow for Extranet Portal for mail notification of account creations.

See the chapter "Loading the Connectivity Scenario" in the DirX Identity Tutorial for more information about the My-Company scenario.

Read the chapter "Implementing a User Hook for Email Notifications" in the DirX Identity Application Development Guide.

Writing a Connector Filter

A sample is provided on the product DVD in the folder:

Additions/RealtimeWorkflows/samples

Hints, Tips and Tricks

For writing mapping classes, user hooks and connector filters, we recommend starting with the Eclipse project dxmTestMapping. Check the chapter “Testing the Real-Time Workflow Mapping Classes” in the DirX Identity Application Development Guide.

The project is delivered on the product DVD in the Additions/Mapping Test folder together with a readme. It allows you to test and debug your mapping class in a local environment outside the IdS-J server.

You can develop and test in several stages:

  1. Test with special EntryMappingController reading one source entry from a file and writing the mapping result also to a file.

  2. Test with the same controller, but read the source entry from the real connected system.

  3. Test with the same controller and write the modifications for the mapped entry to the real connected system.

  4. Test with the real synchronization controller (Synchronize To Target System or Validation) as a unit test running completely in Eclipse.

Copy the appropriate configuration snippets for the connector and the mapping from DirX Identity Manager by selecting the appropriate port entry beneath the join activity of the workflow definition from the Content (resolved) tab. Check the system design mode in the menu bar to see the resolved content.

After you have successfully tested your Java classes, deploy the workflow to the IdS-J server and test it there. If you encounter problems that cannot be solved in your local test environment, start IdS-J for debugging as described above.

Please follow also the guidelines on checking and handling timeouts in the chapter 9 “Implementing a Custom Connector”.