Sun Java System Identity Manager 6.0 Resources Reference 2005Q4M3 |
SAP Enterprise PortalThe SAP Enterprise Portal adapter is defined in the com.waveset.adapter.SAPPortalResourceAdapter class.
This adapter supports the following versions of SAP Enterprise Portal:
6.20 SP2+
Identity Manager Installation Notes
The SAP Enterprise Portal adapter does not require any additional installation procedures.
Resource Configuration Notes
The idmservice.par portal archive file must be deployed onto the SAP Enterprise Portal. The idmservice.par file can be found in the root folder of the install image.
The portal archive defines the com.sap.portal.prt.soap.IDMService portal service, which is required by the SAP Enterprise Portal adapter. The adapter communicates with the portal service via SOAP calls to manage the objects on the Portal.
A Portal administrator must install the idmservice.par. This is done through the administrative user interface for SAP Enterprise Portal by selecting the idmservice.par as the file to upload.
Usage Notes
The SAP Enterprise Portal adapter accomplishes user provisioning by indirectly using the SAP User Management Engine (UME). The adapter communicates with the Identity Manager portal service. The portal service in turn makes direct UME calls.
To communicate with the Identity Manager service installed on the SAP Portal, the Identity Manager Portal Service Endpoint resource attribute must be configured.
An example endpoint is:
https://myhost:50000/irj/servlet/prt/soap/com.sap.portal.prt.soap.IDM Service
The SAP Portal Administrator and SAP Portal Administrator Password resource attributes define the username and password of an administrator of the SAP Portal.
The Test Configuration button verifies that the endpoint, username, and password are valid by performing a status call on the Identity Manager portal service.
Security Notes
To enhance security, configure the following:
Provisioning Notes
The following table summarizes the provisioning capabilities of this adapter.
Feature
Supported?
Enable/disable account
Yes
Rename account
No
Pass-through authentication
Yes
Before/after actions
No
Data loading methods
Import directly from resource
Reconcile with resource
Account Attributes
The following table lists the SAP Enterprise Portal user account attributes.
Unless otherwise noted, the data type for all account attributes is String.
Resource Object Management
SAP Groups and Roles are supported.
Identity Template
$accountId$
Sample Forms
A sample form is available at sample/forms/SAPPortalUserForm.xml is available. When this sample form is used, you must also import sample/rules/SAPPortalUserFormRules.xml.
Troubleshooting
Use the Identity Manager debug pages to set trace options on the following class:
com.waveset.adapter.SAPPortalResourceAdapter
Additionally, you can set the following Identity Manager logging parameters for the resource instance:
To view the log for the portal service on the SAP Enterprise Portal server, see the WEB-INF/portal/logs/idm.log file on the SAP server installation file
The portal service uses the logger idm_logger, which is defined in the PAR in the PORTAL-INF/logger/logger.xml file. By default, the idm_logger is set to log ALL messages