1 About the Connector

Oracle Identity Manager automates access rights management, security, and provisioning of IT resources. Oracle Identity Manager connectors are used to integrate Oracle Identity Manager with third-party applications. The connector for SAP Enterprise Portal is used to integrate Oracle Identity Manager with SAP Enterprise Portal.

Note:

Oracle Identity Manager connectors were referred to as resource adapters prior to the acquisition of Thor Technologies by Oracle.

This chapter contains the following sections:

• Reconciliation Module

• Provisioning Module

• Supported Functionality

• Multilanguage Support

• Files and Directories That Comprise the Connector

• Determining the Release Number of the Connector

Note:

At some places in this guide, SAP Enterprise Portal has been referred to as the target system.

Reconciliation Module

Reconciliation involves duplicating in Oracle Identity Manager additions of and modifications to user accounts on the target system. It is an automated process initiated by a scheduled task that you configure.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about reconciliation configurations

This section discusses the elements that the reconciliation module extracts from the target system to construct reconciliation event records. The following are features of these records:

• The default data elements of each reconciliation event record are Organization, User Type, and Employee Type.

• The default labels for the data elements in each reconciliation event record are:

  • Event Linked (for successful reconciliation)

  • No Match Found (for failed reconciliation)

Based on the type of data reconciled from the target system, reconciliation can be divided into the following types:

• Lookup Fields Reconciliation

• User Reconciliation

Lookup Fields Reconciliation

For user reconciliation to work, the following lookup definitions must be available and the lookup values must be reconciled:

• Lookup.SAP.EP.Country

• Lookup.SAP.EP.Groups

• Lookup.SAP.EP.Language

• Lookup.SAP.EP.Roles

• Lookup.SAP.EP.TimeZone

User Reconciliation

User reconciliation can be divided into the following:

• Reconciled SAP Enterprise Portal Resource Object Fields

• Reconciled Xellerate User Fields

Reconciled SAP Enterprise Portal Resource Object Fields

The following fields are reconciled:

• Street

• City

• State

• Zip

• Country

• TimeZone

• Department

• ValidFrom

• ValidTo

• Locked

• UserID

• Password

• FirstName

• LastName

• EmailID

• Language

• Telephone

• Fax

• Mobile

• Groups

• Roles

Reconciled Xellerate User Fields

If trusted source reconciliation is implemented, then the following additional fields are reconciled:

• UserID

• Password

• FirstName

• LastName

• EmailID

• Organization

• User Type

• Employee Type

• Valid From

• Valid To

Provisioning Module

Provisioning involves creating or modifying a user's account information on the target system through Oracle Identity Manager. You use the Administrative and User Console to perform provisioning operations.

See Also:

The "Deployment Configurations of Oracle Identity Manager" section in Oracle Identity Manager Connector Framework Guide for conceptual information about provisioning

For this target system, the following fields are provisioned:

• User ID

• Password

• First Name

• Last Name

• Email ID

• ValidFrom

• ValidTo

Note:

If you create a user in Oracle Identity Manager and do not assign a role to the user, then the user would not be able to view any Portal content after logging in to SAP Enterprise Portal.

Supported Functionality

The following table lists the functions that are available with this connector.

Function	Type	Description
Create User	Provisioning	Creates a user in the SAP Enterprise Portal system
Update User	Provisioning	Updates a user in the SAP Enterprise Portal system
Delete User	Provisioning	Deletes a user from the SAP Enterprise Portal system
Reset Password	Provisioning	Updates the user password in the SAP Enterprise Portal system
Lock User	Provisioning	Locks a user in the SAP Enterprise Portal system
UnLock User	Provisioning	Unlocks a locked user in the SAP Enterprise Portal system
Add Role	Provisioning	Adds a role to a user in the SAP Enterprise Portal system
Add Group	Provisioning	Adds a group to a user in the SAP Enterprise Portal system
Remove Role	Provisioning	Removes the role of a user in the SAP Enterprise Portal system
Remove Group	Provisioning	Removes a group from a user in the SAP Enterprise Portal system
List Roles of User	Provisioning	Lists the roles of a user in the SAP Enterprise Portal system
List Groups of User	Provisioning	Lists the groups of a user in the SAP Enterprise Portal system
List All Roles	Provisioning	Lists all the roles defined in the SAP Enterprise Portal system
List All Groups	Provisioning	Lists all the groups defined in the SAP Enterprise Portal system
Reconciliation Insert Received	Reconciliation	Inserts into Oracle Identity Manager the user that is created in the SAP Enterprise Portal system
Reconciliation Update Received	Reconciliation	Updates in Oracle Identity Manager the user that is updated in the SAP Enterprise Portal system
Reconciliation Delete Received	Reconciliation	Deletes from Oracle Identity Manager the user that is deleted from the SAP Enterprise Portal system

Multilanguage Support

This release of the connector supports the following languages:

• Chinese Simplified

• Chinese Traditional

• English

• French

• German

• Italian

• Japanese

• Korean

• Portuguese (Brazilian)

• Spanish

See Also:

Oracle Identity Manager Globalization Guide for information about supported special characters

Files and Directories That Comprise the Connector

The files and directories that comprise this connector are in the following directory on the installation media:

Enterprise Applications/SAP Enterprise Portal

These files and directories are listed in the following table.

File in the Installation Media Directory	Description
The sapum.properties file inside the lib/properties directory	This file contains the connection parameters required to connect to the SAP Enterprise Portal server. The location of this file is given in the SAPUMLocation parameter of the IT resource defined for SAP Enterprise Portal.
The lib/properties directory also contains the following files: dataSourceConfiguration.dtd dataSourceConfiguration_database_only.xml dataSourceConfiguration_PCDRoles.xml dataSourceConfiguration_UMERoles.xml	These files are supportive files for the sapum.properties file. They must be copied into the directory in which the sapum.properties file is copied.
lib/SAP_EP_jar/servicelistener.jar	During provisioning, this JAR file is used to ensure that changes to the role attribute of the user are correctly passed on to SAP EP. During reconciliation, this JAR file is used to ensure that changes to the group attribute are correctly passed on to Oracle Identity Manager.
lib/SAPEPConnector.jar	This is the connector code JAR file.
par/ConnectorService.par	This file is used for calling Web Services on the SAP Enterprise Portal system.
Files in the resources directory	Each of these resource bundle files contains language-specific information that is used by the connector. Note: A resource bundle is a file containing localized versions of the text strings that are displayed on the user interface of Oracle Identity Manager. These text strings include GUI element labels and messages displayed on the Administrative and User Console.
test/Troubleshoot/TroubleShootUtility.class	This utility is used to test connector functionality.
test/Troubleshoot/global.properties	This file is used to specify the parameters and settings required to connect to the target system by using the testing utility.
test/Troubleshoot/log.properties	This file is used to specify the log level and the directory in which the log file is to be created when you run the testing utility.
xml/SAPEPResourceObject.xml	This XML file contains definitions for the following components of the connector: IT resource definition SAP User form Lookup definitions Adapters Resource object Process definition Reconciliation scheduled tasks
xml/SAPEPXLResourceObject.xml	This XML file contains the configuration for the Xellerate User. You must import this file only if you plan to use the connector in trusted source reconciliation mode.

Note:

The files in the test directory are used only to run tests on the connector.

The "Step 2: Copying the Connector Files and External Code Files" section provides instructions to copy these files into the required directories.

Determining the Release Number of the Connector

You can use any one of the following methods to determine the release number of the connector.

Before Deployment

To determine the release number of a connector:

1. Extract the contents of the SAPEPConnector.jar file. This file is in the following directory on the installation media:

   Enterprise Applications/SAP Enterprise Portal/lib
   
   

2. Open the manifest.mf file in a text editor. The manifest.mf file is one of the files bundled inside the SAPEPConnector.jar file.

   In the manifest.mf file, the release number of the connector is displayed as the value of the Version property.

Note:

If you maintain a copy of the SAPEPConnector.jar file after deployment, you can use this method to determine the release number of the connector at any stage. After you deploy the connector, it is recommended that you use the "After Deployment" method, which is described in the following section.

After Deployment

To determine the release number of a connector that has already been deployed:

See Also:

Oracle Identity Manager Design Console Guide

1. Open the Oracle Identity Manager Design Console.

2. In the Form Designer, open the process form. The release number of the connector is the value of the Version field.