What Are Standard Resource Adapters?

Standard resource adapters provide a generic interface to resource types that are supported by Identity Manager; such as Web servers, Web applications, databases, and even legacy applications and operating systems. In Java terms, standard resource adapters extend the ResourceAdapterBase class.

These adapters push account information changes from Identity Manager to their managed, external resources and typically perform the following administrative activities:

• Connect to and disconnect from a resource

• Create, delete, or modify users

• Enable, disable, or get users

• Authenticate users

• Manage objects such as group membership or directory organization structure

Standard resource adapters generally follow these steps when pushing information from Identity Manager to the resource managed by Identity Manager:

1. Identity Manager server initializes the resource manager.

   All available resource types are registered through the Resource Adapter interface. As part of the registration process, the resource adapter provides a prototype XML definition.

2. User initiates process of creating a new resource.

   When an Identity Manager administrator creates a new resource, the task that creates the form to display the resource type’s prototype definition is queried for the resource attribute fields. Identity Manager uses these attributes to display a form in the browser. The user who is creating the new resource fills in the information and clicks Save.

3. Identity Manager saves the information provided, along with the other resource fields in the resource object repository under the name of the new resource object.

   When the user clicks Save during resource creation, the creation task gathers the entered data, executes any necessary validation, then serializes the data using XML before writing the serialized object to the object repository.

4. Identity Manager displays the list of available resources in a multi-selection box when an Identity Manager user is created or modified.

   Selecting a resource causes Identity Manager to query the resource object for the available account attribute fields. Identity Manager uses these field descriptions to display a form that contains the attribute fields, which the user can fill in with the appropriate data.

5. The resource object is queried for the connection information when this form is saved, and a connection is established with the resource.

6. The adapter sends the command to perform the intended action on the account on the resource over this connection.

7. If this request is a create request, the adapter updates the Identity Manager user object with the resource account information.

   When user account information is displayed, Identity Manager requests the list of resources on which the user has accounts from the saved account object. For each resource, Identity Manager queries the resource object and uses the connection information to establish a connection to the resource.

   The adapter sends a command over this connection to retrieve account information for the user, and it uses the retrieved information to fill in the attribute fields that are defined in the resource object. The system creates a form to display these values.