Installing and Modifying Repository Objects (Sun Identity Manager 8.1 Web Services)

Sun Identity Manager 8.1 Web Services

Installing and Modifying Repository Objects

The following table describes the repository objects that you must install and modify to configure SPML for Identity Manager.

Table 1–1 Repository Objects Used to Configure SPML


Object	Description
`Configuration:SPML`	Contains definitions of the SPML schemas supported by the server, and rules for converting between the SPML schema and the internal view model. Each SPML schema typically has an associated form.
SPML Forms	Contains one or more form objects that encapsulate the rules for transforming between the external model (defined by an SPML schema) and the internal model (defined by an Identity Manager view). Typically, you define one SPML form for each object class defined in the SPML schema.
`Configuration:IDM Schema Configuration`	Defines user attributes that can be stored in the Identity Manager repository for access through an SPML filter, and which are queryable and summary attributes for Identity Manager user objects. Define a queryable attribute for attributes that you want to use in an SPML filter. Define a summary attribute for attributes that you want returned in an optimized search.
`TaskDefinition:SPMLRequest`	System task used to process asynchronous SPML requests. You typically do not have to customize this object.

Identity Manager includes a sample set of SPML configuration objects in the sample/spml.xml file. You must manually import the sample/spml.xml file because the file is not imported by default when the repository is initialized.

The sample configuration defines a person class to track the evolving standard schema defined by the SPML working group. Do not customize this class. You must keep the person class consistent with the standard schema, except when you are configuring the Service Provider SPML interface.

When configuring the Service Provider SPML interface, you must install and modify the Configuration:SPE SPML configuration object as follows:

Configure the person class (the only object class defined by default) to use the Service Provider-specific view handler (IDMXUser).
Use the form attribute to define a user form that translates between the SPML request or SPML response and the view.

The form attribute can take a special value (view): in which no form processing is applied to the view. For example, the view is passed directly between the client and Identity Manager.

You access the Service Provider SPML interface from the following (default) path:

/servlet/spespml

For example, if you deploy Identity Manager in the /idm context on host:port, you can access the interface at the following URL:

http://host:port/idm/servlet/spespml

where:

host is the machine on which you are running Identity Manager.
port is the number of the TCP port on which the server is listening.

Note –

See the SPML 1.0 Specification at http://www.openspml.org for the most current information about the standard SPML schema.