This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IDM Rest Driver Publisher Channel Query

Hi All,

Quick question which I’m hoping you can answer. If I was to use a NetIQ REST driver to allow other teams to create groups into our vault, do we have any control over the response returned?

I can create a group without any issue, but the standard response is;

 

HTTP/1.1 201 Created Date: Thu, 29 Aug 2019 00:52:29 GMT Content-Type: application/json Transfer-Encoding: chunked

 

Is it possible somehow to extend that to respond with the status above, but also;

 

 

{ "group": { "CN": "GroupCreated", "Owner": "GroupOwner", "OtherStuff": "You get the picture...." } }

 

 

?

  • REST driver it is just REST client.

    Response supposed to be generated by the server.

    What kind of response (status) did you receive when you execute a similar request from another  REST client/browser?

  • Hi,

    I obviously didn't make myself clear....apologies.

    Using your terminology, in this instance the Rest Driver is the "server" and we wish to expose this service to others (clients) so we can streamline certain tasks such as group creation in our Identity Vault.

    As an example, the clients will HTTP POST to the exposed driver address / port, https://idvault:port/Group to create a group.

    This works fine, as per the NetIQ documentation on the Rest Driver publisher channel functionality. The default response when a group is created is only the http response code as noted.

    Ideally, I'd like to respond with further information as well, and my question is how can I respond with further information?

  • I see...

    You trying to use REST driver really like "gateway"  (REST to NCP endpoint).

    I have doubt, that it will allow you to get more feedback than already provided by driver shim.

    If this task is not urgent and you can wait a couple of months, you will be able to use "official" REST API to eDirectory (really to LDAP), that supposed to be available soon (with eDirectory 9.2).

    Number of other REST2LDAP products with extended functionality already available on the market.

    I use SERAS from SKYPro, that provides a number of extra features on top to "standard" REST to LDAP functionality. 

  • I don't have a REST driver handy to try this, but possibly you could tag some op-data on to the event as it goes down the publisher, then use the op-data on the reply to the client. Post a level 3 trace of a group being created, seeing how it works may jog some ideas loose.

     

  • I was looking at those possibilities but wasn't yet successful...

    [09/23/19 11:54:37.615]:IDM Services PT: <nds dtdversion="4.0" ndsversion="8.x"> <source> <product edition="Advanced" version="4.7.1.1">DirXML</product> <contact>NetIQ Corporation</contact> </source> <output> <status event-id="IDM Services##119823115437##0" level="success"><operation-data action="Doing Stuff"/> <application>DirXML</application> <module>IDM Services</module> <object-dn>\IDMDEV\groups\IDMServicesTestGroupA5b5</object-dn> <component>Publisher</component> </status> </output> </nds> [09/23/19 11:54:37.616]:IDM Services PT:Applying policy: % CCCOL-SUB-Output Transform-Update Response%-C. [09/23/19 11:54:37.617]:IDM Services PT: Applying to status #1. [09/23/19 11:54:37.617]:IDM Services PT: Evaluating selection criteria for rule 'Add Response'. [09/23/19 11:54:37.617]:IDM Services PT: (if-xpath true "operation-data[@action='Doing Stuff']") = TRUE. [09/23/19 11:54:37.617]:IDM Services PT: Rule selected. [09/23/19 11:54:37.618]:IDM Services PT: Applying rule 'Add Response'. [09/23/19 11:54:37.618]:IDM Services PT: Action: do-append-xml-element("driver-operation-data",".."). [09/23/19 11:54:37.618]:IDM Services PT: Action: do-append-xml-element("header","../driver-operation-data[last()]"). [09/23/19 11:54:37.618]:IDM Services PT: Action: do-set-xml-attr("Accept","../driver-operation-data[last()]/header","application/json"). [09/23/19 11:54:37.619]:IDM Services PT: arg-string("application/json") [09/23/19 11:54:37.619]:IDM Services PT: token-text("application/json") [09/23/19 11:54:37.619]:IDM Services PT: Arg Value: "application/json". [09/23/19 11:54:37.619]:IDM Services PT: Action: do-append-xml-element("response","../driver-operation-data[last()]"). [09/23/19 11:54:37.620]:IDM Services PT: Action: do-append-xml-element("value","../driver-operation-data[last()]/response"). [09/23/19 11:54:37.620]:IDM Services PT: Action: do-append-xml-text("../driver-operation-data[last()]/response/value","{{This is how to add a response...}}"). [09/23/19 11:54:37.621]:IDM Services PT: arg-string("{{This is how to add a response...}}") [09/23/19 11:54:37.621]:IDM Services PT: token-text("{{This is how to add a response...}}") [09/23/19 11:54:37.621]:IDM Services PT: Arg Value: "{{This is how to add a response...}}". [09/23/19 11:54:37.621]:IDM Services PT:Policy returned: [09/23/19 11:54:37.622]:IDM Services PT: <nds dtdversion="4.0" ndsversion="8.x"> <source> <product edition="Advanced" version="4.7.1.1">DirXML</product> <contact>NetIQ Corporation</contact> </source> <output> <status event-id="IDM Services##119823115437##0" level="success"><operation-data action="Doing Stuff"/> <application>DirXML</application> <module>IDM Services</module> <object-dn>\IDMDEV\groups\IDMServicesTestGroupA5b5</object-dn> <component>Publisher</component> </status> <driver-operation-data> <header Accept="application/json"/> <response> <value>{{This is how to add a response...}}</value> </response> </driver-operation-data> </output> </nds> [09/23/19 11:54:37.624]:IDM Services PT:Applying policy: % CCNETQRESTDCFG-otp-AddFromCprsFlag%-C. [09/23/19 11:54:37.624]:IDM Services PT: Applying to status #1. [09/23/19 11:54:37.624]:IDM Services PT: Evaluating selection criteria for rule 'Add from-cprs flag to driver-operation-data'. [09/23/19 11:54:37.624]:IDM Services PT: (if-op-property 'from-cprs' equal "true") = FALSE. [09/23/19 11:54:37.625]:IDM Services PT: Rule rejected. [09/23/19 11:54:37.625]:IDM Services PT: Applying to driver-operation-data #2. [09/23/19 11:54:37.625]:IDM Services PT: Evaluating selection criteria for rule 'Add from-cprs flag to driver-operation-data'. [09/23/19 11:54:37.626]:IDM Services PT: (if-op-property 'from-cprs' equal "true") = FALSE. [09/23/19 11:54:37.626]:IDM Services PT: Rule rejected. [09/23/19 11:54:37.626]:IDM Services PT:Policy returned: [09/23/19 11:54:37.626]:IDM Services PT: <nds dtdversion="4.0" ndsversion="8.x"> <source> <product edition="Advanced" version="4.7.1.1">DirXML</product> <contact>NetIQ Corporation</contact> </source> <output> <status event-id="IDM Services##119823115437##0" level="success"><application>DirXML</application> <module>IDM Services</module> <object-dn>\IDMDEV\groups\IDMServicesTestGroupA5b5</object-dn> <component>Publisher</component> <operation-data action="Doing Stuff"/> </status> <driver-operation-data> <header Accept="application/json"/> <response> <value>{{This is how to add a response...}}</value> </response> </driver-operation-data> </output> </nds> [09/23/19 11:54:37.628]:IDM Services PT: <nds dtdversion="4.0" ndsversion="8.x"> <source> <product edition="Advanced" version="4.7.1.1">DirXML</product> <contact>NetIQ Corporation</contact> </source> <output> <status event-id="IDM Services##119823115437##0" level="success"><application>DirXML</application> <module>IDM Services</module> <object-dn>\IDMDEV\groups\IDMServicesTestGroupA5b5</object-dn> <component>Publisher</component> <operation-data action="Doing Stuff"/> </status> <driver-operation-data> <header Accept="application/json"/> <response> <value>{{This is how to add a response...}}</value> </response> </driver-operation-data> </output> </nds>

    The response still only provides the standard HTTP response still, no additional json payload?

    HTTP/1.1 201 Created Date: Mon, 23 Sep 2019 01:54:37 GMT Content-Type: application/json Transfer-Encoding: chunked

     

  • Seems you just need to place the driver-operation-data within the <status>;

    [09/23/19 23:16:11.375]:IDM Services PT:Applying policy: % CCCOL-SUB-Output Transform-Update Response%-C. [09/23/19 23:16:11.376]:IDM Services PT: Applying to status #1. [09/23/19 23:16:11.376]:IDM Services PT: Evaluating selection criteria for rule 'Add Coles Response'. [09/23/19 23:16:11.376]:IDM Services PT: (if-xpath true "operation-data[@action='Doing Stuff']") = TRUE. [09/23/19 23:16:11.376]:IDM Services PT: Rule selected. [09/23/19 23:16:11.376]:IDM Services PT: Applying rule 'Add Response'. [09/23/19 23:16:11.377]:IDM Services PT: Action: do-append-xml-element("driver-operation-data","."). [09/23/19 23:16:11.377]:IDM Services PT: Action: do-append-xml-element("header","./driver-operation-data[last()]"). [09/23/19 23:16:11.377]:IDM Services PT: Action: do-set-xml-attr("Accept","./driver-operation-data[last()]/header","application/json"). [09/23/19 23:16:11.377]:IDM Services PT: arg-string("application/json") [09/23/19 23:16:11.378]:IDM Services PT: token-text("application/json") [09/23/19 23:16:11.378]:IDM Services PT: Arg Value: "application/json". [09/23/19 23:16:11.378]:IDM Services PT: Action: do-append-xml-element("response","./driver-operation-data[last()]"). [09/23/19 23:16:11.378]:IDM Services PT: Action: do-append-xml-element("value","./driver-operation-data[last()]/response"). [09/23/19 23:16:11.379]:IDM Services PT: Action: do-append-xml-text("./driver-operation-data[last()]/response/value","{response!!}"). [09/23/19 23:16:11.379]:IDM Services PT: arg-string("{response!!}") [09/23/19 23:16:11.379]:IDM Services PT: token-text("{response!!}") [09/23/19 23:16:11.379]:IDM Services PT: Arg Value: "{response!!}". [09/23/19 23:16:11.379]:IDM Services PT:Policy returned: [09/23/19 23:16:11.380]:IDM Services PT: <nds dtdversion="4.0" ndsversion="8.x"> <source> <product edition="Advanced" version="4.7.1.1">DirXML</product> <contact>NetIQ Corporation</contact> </source> <output> <status event-id="0" level="success"><operation-data action="Doing Stuff"/> <driver-operation-data> <header Accept="application/json"/> <response> <value>{response!!}</value> </response> </driver-operation-data> </status> </output> </nds>

    You then get the response;

    HTTP/1.1 201 Created Date: Mon, 23 Sep 2019 13:15:11 GMT Content-Type: application/json Transfer-Encoding: chunked {response!!}