HowTo: Call IDM SOAP functions with PHP

0 Likes
over 10 years ago

Why SOAP or REST?



IDM provides SOAP and REST APIs to access IDM functionality from outside the User Application. The APIs are well documented in the User Application Administration manual, but the listed samples focus on Java.

Of course the SOAP and REST architecture is so generic that it can be used from most programming languages.

To get you started, here is a sample stand alone PHP application that uses SOAP calls to retrieve information from IDM.

There are a couple of good reasons to access IDM with SOAP or REST calls:

You might want to write a standalone application or web page that serves a specific purpose, like

  • get some administrative data (e.g., status of requests)

  • manipulate the current requests (e.g., revoke/reroute specific requests)

  • access IDM from mobile devices



Other customers may not want their users to work with User Application, but rather create a thin special purpose application as a user interface that may better fit into the corporate strategy or into a custom portal solution.

Using SOAP or REST calls allows you to create your own front end to IDM.


Calling SOAP



There is extensive documentation about the APIs in the appendices of the User Application Admin Manual, however all samples there are written in Java.

The SOAP APIs, however, are so generic, that they can be called from most programming languages, including Java, Visual Basic, C, C#, Delphi, Perl, PHP and many more.


Two little pieces of SOAP



This Cool Solution outlines a very simple example in PHP that retrieves the provisioning stub version from User Application, then gets the requests that can be made by the given user name.

You could use this sample as starting point to create your own web GUI that allows triggering a new workflow process.

You may run the PHP file locally if you have PHP installed or you can run it on the server.
Note that you need to have PHP's SOAP module activated in your PHP configuration (it is deactivated by default). See your PHP documentation for more detailed instructions of the PHP setup (sorry, I do not do PHP support; Google is your friend)

Update the variables in the initial lines of the code to reflect your own IDM environment: URL, user name, and password.

After declaring some helper functions, the main program will access and decode the provisioning WSDL file which contains a machine-readable description of the program interface, it's available functions, function parameters, and return data.

Once the WSDL has been processed, you'll have a handle into the provisioning service, the 'Stub' which is stored as $stub_prov. A stub is the object that represents the remote IDM service.

You can use the stub to call the available provisioning functions, like $stub_prov->getVersion() or $stub_prov->getAllProvisioningRequests( $user_dn )

Our little sample will simply call these two APIs and dump the results on an HTML page. It is up to you to continue and let the APIs do something more useful.



<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title></title>
</head>
<body>
<?php
// specify provisioning WSDL location
$wsdl_prov = "http://172.17.2.91:8180/IDMProv/provisioning/service?wsdl";

// specify provisioning admin
$idm_user = "cn=uaadmin,ou=sa,o=data";
$idm_pwd = "secret";

// declare generic error handler
set_error_handler( 'error_handler' );
set_exception_handler('exception_handler');


// show message with current time stamp
date_default_timezone_set( 'Europe/Paris' );
function echo_time( $msg )
{
$now = localtime( );
echo "$now[2]:$now[1]:$now[0] - ", $msg, "<br>";
}


// generic error handling
function error_handler($errno, $error, $file, $line) {
echo_time( "<font color=red><b>Error: </b> [$errno]: [$file:$line]: $error</font><br>" );
}


// generic exception handling
function exception_handler( $exception ) {
echo_time( "<font color=red><b>Exception: </b>" . $exception->getMessage() . "</font><br>" );
}


// initialize/get IDM SOAP stub with html header
function getSoapStub( $wsdl, $user, $pwd )
{
echo_time( "getSoapStub( $wsdl ) for $user .. ", $wsdl );
$stub = null;
try
{
$stub = @new SoapClient( $wsdl,
array( 'login' => $user,
'password' => $pwd ) );
echo_time( "getSoapStub() - OK" );
}
catch ( SoapFault $exception )
{
exception_handler( $exception );
}
return( $stub );
}


// ##########################################################################################################

echo_time( "Start .. <br>" );
try
{
$stub_prov = getSoapStub( $wsdl_prov, $idm_user, $idm_pwd );
if ( $stub_prov != null )
{
// -----------------------------------------------------------------------------------

// 1st SOAP call: get server stub version

echo "<hr>";
echo_time( "stub_prov->getVersion()" );
$version = $stub_prov->getVersion();

// dump result
echo( "var_export version = " . print_r( $version, TRUE ) );
echo "<br>";

if ( $version != null )
{
echo_time( "version->Version->major = " . $version->Version->major );
echo_time( "version->Version->minor = " . $version->Version->minor );
echo_time( "version->Version->revision = " . $version->Version->revision );
}
else
{
echo_time( "version = " . $version );
}

// -----------------------------------------------------------------------------------

// 2nd SOAP call: get all available requests for specified user

echo "<hr>";
echo_time( "stub_prov->getAllProvisioningRequests( $idm_user )" );
$provReqArray = $stub_prov->getAllProvisioningRequests( $idm_user );

// dump result
echo( "<pre>" );
echo( print_r( $provReqArray, TRUE ) );
echo( "</pre>" );
echo "<hr>";

echo( "<pre>" );
echo print_r( $provReqArray->result->provisioningrequest, TRUE );
echo( "</pre>" );
echo "<hr>";

// -----------------------------------------------------------------------------------

echo "<hr>";
}
}
catch ( Exception $exception )
{
exception_handler( $exception );
}

echo_time( "... end " );

?>
</body>
</html>


Labels:

How To-Best Practice
Comment List
Anonymous
Related Discussions
Recommended