This chapter deals with the following additional information with respect to the Oracle FLEXCUBE – Oracle Identity Manager Interface:
Oracle Identity Manager includes the following components:
The following figure illustrates the various components of the Oracle Identity Manager system
The following table lists the parameter fields and the corresponding sample values for OIM GTC.
Parameter Fields | Sample Value | Remarks | |||
---|---|---|---|---|---|
Run-Time Parameters of the Shared Drive Reconciliation Transport Provider | |||||
Staging Directory (Parent Identity Data) field | <OIM_SERVER_HOME\GTC\RECON\STAGING> | Full Path of the data file that contains data to be modified for the Oracle FLEXCUBE User in OIM | |||
Archiving Directory field | <OIM_SERVER_HOME\GTC\RECON\ARCHIVE> | Path to the folder where OIM keeps processed file after reconciliation | |||
File Prefix field | SMOIMHOFF | Prefix of the data file for reconciliation | |||
Specified Delimiter field | , | This (a comma) is only delimiter available with CSV format | |||
Tab Delimiter check box | Check box not selected | NA | |||
Fixed Column Width field | NA | ||||
Specified Delimiter field | NA | ||||
Unique Attribute (Parent Data) field | NA | ||||
Run-Time Parameter of the Web Services Provisioning Transport Provider | |||||
Web Service URL field | http://hostname:port/FCUBSProvisioningAdService/services/FCUBSProvisioningAdServiceSEI | Web service URL of FCUBSProvisioning web service | |||
Run-Time Parameters of the SPML Provisioning Format Provider | |||||
Target ID field | Oracle FLEXCUBE | Will be same as Destination field of FCUBS Header | |||
User Name (authentication) field | NA | ||||
User Password (authentication) field | NA | ||||
Design Parameters of the Shared Drive Reconciliation Transport Provider | |||||
File Encoding field | Cp1251 | Canonical name for character set encoding for operating system with the English-language setting for the corresponding java.io API supported by OIM GTC | |||
Design Parameters of the Web Services Provisioning Transport Provider | |||||
Web Service SOAP Action field | http:// spmladapter.ws.oim.integration.fcubs.iflex.com /processRequest | Will be same as defined in corresponding WSDL | |||
Design Parameters of the SPML Provisioning Format Provider | |||||
WSSE Configured for SPML Web Service? check box | Check box not selected | There will be No support for WSSE | |||
Custom Authentication Credentials Namespace field | http:// spmladapter.ws.oim.integration.fcubs.iflex.com | Target Namespace value of corresponding WSDL | |||
Custom Authentication Header Element field | OIMUser | Tag name in Soap Header that will carry user information provided above | |||
Custom Element to Store User Name field | OIMUserId | Do | |||
Custom Element to Store Password field | OIMUserPassword | Do | |||
SPML Web Service Binding Style (DOCUMENT or RPC) field | DOCUMENT | Binding style of Corresponding web service | |||
SPML Web Service Complex Data Type field | FCCProvisioningDocument | Complex data type name defined in Corresponding WSDL | |||
SPML Web Service Operation Name field | NA | Operation name defined in Corresponding WSDL | |||
SPML Web Service Target Namespace field | http:// spmladapter.ws.oim.integration.fcubs.iflex.com | Target Namespace value of corresponding WSDL | |||
SPML Web Service Soap Message Body Prefix field | NA | ||||
ID Attribute for Child Dataset Holding Group Membership Information field | NA | ||||
Generic Design Parameters | |||||
Target Date Format field | yyyy-MM-dd | Will be same as the Oracle FLEXCUBE Date Format | |||
Batch Size field | All | ||||
Stop Reconciliation Threshold field | None | ||||
Stop Threshold Minimum Records field | None | ||||
Source Date Format field | yyyy-MM-dd | Will be same as the Oracle FLEXCUBE Date Format | |||
Reconcile Deletion of Multi valued Attribute Data check box | Check Box not selected | As no child data is configured | |||
Reconciliation Type list | Full | Reconcile all accounts in Oracle FLEXCUBE that are given into staging data files into the Oracle Identity Manager |
This section contains the following topics:
This request contains all the data about users. For a Oracle FLEXCUBE user creation, only mandatory fields will be sent in the request.
Sample Request
<addRequest returnData="identifier" targetID="FLEXCUBE">
<containerID ID="FLEXCUBEDB" targetID=" FLEXCUBE "/>
<data>
<dsml:attr name="objectclass">
<dsml:value>Users</dsml:value>
</dsml:attr>
<dsml:attr name="USERID">
<dsml:value>value</dsml:value>
</dsml:attr>
<dsml:attr name="USERNAME">
<dsml:value>value</dsml:value>
</dsml:attr>
<dsml:attr name="USERPASSWORDNAME">
<dsml:value>value</dsml:value>
</dsml:attr>
<dsml:attr name="USERLANGUAGENAME”>
<dsml:value>value</dsml:value>
</dsml:attr>
<dsml:attr name="TIMELEVEL">
<dsml:value>value</dsml:value>
</dsml:attr>
<dsml:attr name="HOMEBRANCH">
<dsml:value>value</dsml:value>
</dsml:attr>
<dsml:attr name="STARTDATE">
<dsml:value>value</dsml:value>
</dsml:attr>
<dsml:attr name="EXTUSERREF">
<dsml:value>value</dsml:value>
</dsml:attr>
</data>
</addRequest>
A sample Modify request is given below:
<modifyRequest returnData="identifier">
<psoID ID="FLXUSER1" targetID=" FLEXCUBE">
</psoID>
<modification>
<dsml:modification name="<Field Name>" operation="replace">
<dsml:value>value</dsml:value>
</dsml:modification>
</modification>
</modifyRequest>
Field Tag | Field Type | Field Description | Restrictions | Remarks | ||||||
---|---|---|---|---|---|---|---|---|---|---|
modifyRequest | Element | Start tag to modify field request | ||||||||
modifyRequest : | returnData | Attribute | Defines ReturnDataType | Identifier | For identifier return data type, only PSO ID will be sent as the OIM response content | |||||
modifyRequet ::psoID | Element | Identifies user in the Oracle FLEXCUBE | String | This will be mapped with the User Id column of Oracle FLEXCUBE | ||||||
modifyRequest ::psoID :ID | Attribute | User Id Value | Data Type: StringLength: 12 | This will be used to identify a user in Oracle FLEXCUBE | ||||||
modifyRequest ::psoID :targetID | Attribute | Defines the Target system id on which user field is to be modified | string | This value will be defined as Oracle FLEXCUBE while configuring GTC in OIM. This will be provided as destination tag value in Header part of the Oracle FLEXCUBE Gateway request. | ||||||
modifyRequest ::modification | Element | Parent tag for data to be modified | ||||||||
modifyRequest ::modification ::dsml:modification: | Element | Contains data to be modified | ||||||||
modifyRequest ::modification ::dsml:modification:name | Attribute | User field name that needs to be modified | This will be used to identify the column name in Oracle FLEXCUBE | |||||||
modifyRequest::modification::dsml:modification:operation | Attribute | Defines modification mode type | Add/replace | An Oracle FLEXCUBE Gateway modify request will be sent for the field | ||||||
modifyRequest ::modification ::dsml:modification:dsml:value | Element | Contains field value to be modified |
The message format is same for suspend and resume request with their respective start tag.
Sample Request
<deleteRequest>
<psoID ID="<User Identitfier>" targetID=" FLEXCUBE">
</psoID>
</deleteRequest>
Field Tag | Field Type | Field Description | Restrictions | Remarks | |||||
---|---|---|---|---|---|---|---|---|---|
deleteRequest:: | Element | Start tag | |||||||
deleteRequest::psoID | Element | Identifies the user in Oracle FLEXCUBE | String | This will be mapped with the User Id column of Oracle FLEXCUBE | |||||
deleteRequest::psoID :ID | Attribute | User Id Value | Data Type: StringLength: 12 | This will be used to identify a user in Oracle FLEXCUBE | |||||
deleteRequest::psoID :targetID | Attribute | Defines the Target system id on which user field is to be modified | string | This value will be defined as Oracle FLEXCUBE while configuring GTC in OIM. This will be provided as destination tag value in Header part of the Oracle FLEXCUBE Gateway request. |
The following is a sample Set Password Request.
<setPasswordRequest xmlns="urn:oasis:names:tc:SPML:2:0:password">
<psoID ID="<User Identitfier>" />
<password>password2</password>
</setPasswordRequest>
Field Tag | Field Type | Field Description | Restrictions | Remarks | |||||
---|---|---|---|---|---|---|---|---|---|
setPasswordRequest :: | Element | Start tag | |||||||
setPasswordRequest ::psoID | Element | Identifies a user in Oracle FLEXCUBE | String | This will be mapped with the User Id column of Oracle FLEXCUBE | |||||
setPasswordRequest ::psoID :ID | Attribute | User Id Value | Data Type: StringLength: 12 | This will be used to identify a user in Oracle FLEXCUBE | |||||
setPasswordRequest ::password | Element | Contains the password to be set | Data Type: StringLength: 32 | This will be mapped with the user_password column of Oracle FLEXCUBE . |
The Add and Modify messages have the same format is same except for their respective start tags.
Sample for successful response
< addResponse status="success">
< pso>
< psoID ID="<USER ID>" />
</pso>
</addResponse>
Sample for unsuccessful response
< addResponse status="failure" error="alreadyExists">
< errorMessage>
exception=tcDuplicateUserException;errorMessage=User already exists
</ errorMessage>
</ addResponse>
Field Tag | Field Type | Field Description | Restrictions | Remarks | |||||
---|---|---|---|---|---|---|---|---|---|
addResponse : | Element | Root Tag | |||||||
addResponse :status | Attribute | Defines the status of request | success, failure | This will be used to convey the success or failure of the request to OIM. | |||||
addResponse ::error | Attribute | Defines the error code | malformedRequest, unsupportedOperation, unsupportedIdentifierType noSuchIdentifier, customError,unsupportedExecutionMode,invalidContainment, noSuchRequest,unsupportedSelectionType,resultSetTooLarge,unsupportedProfile,invalidIdentifier, alreadyExists, containerNotEmpty | In case of failure status appropriate SPML code will be decided and sent to the OIM | |||||
addResponse ::errorMessage | Element | Contains the error description | In case of failure status this will contain the description of error code. | ||||||
addResponse ::pso | Element | Identifies user in Oracle FLEXCUBE | String | ||||||
addResponse ::pso:psoID | Attribute | User Id Value | Data Type: StringLength: 12 | This will be same as sent in request to identify user in OIM. |
Message format is the same for suspend and resume responses except for their respective start tags.
Sample for successful response
<deleteResponse status="success"/>
Sample for unsuccessful response
< deleteResponse status="failure" error=" noSuchIdentifier ">
< errorMessage>
exception= tcDuplicateUserException;errorMessage=User not found
</ errorMessage>
</ deleteResponse >
Field Tag | Field Type | Field Description | Restrictions | Remarks | |||||
---|---|---|---|---|---|---|---|---|---|
deleteResponse : | Element | Root Tag | |||||||
deleteResponse :status | Attribute | Defines the status of request | success, failure | This will be used to convey the success or failure of the request to OIM | |||||
deleteResponse ::error | Attribute | Defines the error codeNote: Applicable when status is failure | malformedRequest, unsupportedOperation,unsupportedIdentifierType, noSuchIdentifiercustomError,unsupportedExecutionMode,invalidContainment,noSuchRequest,unsupportedSelectionType,resultSetTooLarge,unsupportedProfile,invalidIdentifier,alreadyExists,containerNotEmpty | In case of failure status appropriate SPML code will be decided and sent to the OIM | |||||
deleteResponse ::errorMessage | Element | Contains the error description | In case of failure status this will contain the description of error code. |
The following diagram illustrates the messages exchange sequence during user creation.
The following diagram illustrates the messages exchange sequence during user field modification and set password.