Sun Java logo     Previous      Contents      Next     

Sun logo
Sun Java System Identity Manager 6.0 Resources Reference 2005Q4M3 


ActivCard

The ActivCard resource adapter is defined in the com.waveset.adapter.ActivCardResourceAdapter class.

This adapter supports the following version of ActivCard AIMS:

Resource Configuration Notes

The paths to the client and root certificate files on the machine running Identity Manager are required, as well as the client certificate passphrase and keystore type. In addition, the following ActivCard configuration information is required:

To view the name of the base node from within the ActivCard Identity Management System, click the Configuration tab, then click the Repositories link. Information about the directory can be displayed by clicking on the View link on that page. To view the User ID attribute, click Configuration, then the Customization link, then select “Directories” from the “Select a Topic” drop down list.

Identity Manager Installation Notes

You must install the ActivCard adapter on one of the following types of application servers:

Identity Manager supports the ActivCard adapter without configuring the System Configuration object if your application server runs on Java 1.4 with JSSE.

If the application server is WebLogic 8, then add the following attribute in the System Configuration object in the top-level System settings (along with the other Attribute definitions).

<Attribute name='httpsHandler' value='com.waveset.util.HttpsUtilImpl_Weblogic8'/>

In a single-server environments, specify the attribute as a top-level setting. In a clustered environment, the httpsHandler attribute can be specified in either location.


Note  The value of the httpsHandler attribute can also be com.waveset.util.HttpsUtilImpl_JSSE_1_4. This value is supported by default.

Access to the AIMS server is controlled through certificates that must be installed on the machine running Identity Manager. The client and root certificates are required. Do not move these files without reconfiguring their location in the Identity Manager administrator interface, as the certificates are not copied into the system configuration. Instead, the certificates are accessed when needed.

Certificates must be in the following formats:

Application Server Type

Format

Java 1.4 with JSSE

JKS or PCKS12

WebLogic 8

PEM

Usage Notes

This section lists dependencies and limitations related to using the ActivCard resource adapter.

Security Notes

This section provides information about supported connections and privilege requirements.

Supported Connections

Identity Manager uses HTTPS to communicate with ActivCard.

Required Administrative Privileges

Administrators must have operator-level access within ActivCard.

Provisioning Notes

The following table summarizes the provisioning capabilities of this adapter.

Feature

Supported?

Enable/disable account

Yes

Rename account

No

Pass-through authentication

No

Before/after actions

No

Data loading methods

  Import directly from resource

  Reconcile with resource

Account Attributes

The following attributes are displayed on the Account Attributes page for the ActivCard resource adapters. All attributes are of type String.

Any attribute present in the objectclass specified for the ActivCard adapter to use can also be added. The attribute value is returned from the directory used by ActivCard. ActivCard uses an attribute (configurable within ActivCard) to store the device information, so care must be taken to not overwrite this information by exposing the attribute to update by Identity Manager.

Identity Manager User Attribute

Resource
User Attribute

Description

accountId

userID

Required. The user’s login ID.

lastname

sn

The user’s last name (surname).

firstname

givenname

The user’s first (given) name.

fullname

cn

Required. The user’s full name.

email

mail

Required. The user’s full name.

device ID

device ID

The serial number on the smart card.

device type

device type

Currently, OP_2.0 is the only supported value.

Resource Object Management

Not applicable

Identity Template

$accountId$

Sample Forms

ActivCardUserForm.xml

ActivCardUserViewForm.xml

Troubleshooting

Use the Identity Manager debug pages to set trace options on the following class:

com.waveset.adapter.ActivCardResourceAdapter

Additionally, you can set the following Identity Manager Active Sync logging parameters for the resource instance:



Previous      Contents      Next     


Copyright 2006 Sun Microsystems, Inc. All rights reserved.