Highlighted
Honored Contributor.
Honored Contributor.
1160 views

Need help in Rest Driver configuration

Hi,

We are trying to query safe members object of PIM using REST Service URL from IDM Rest Driver. While doing getting below error. Can some please help.

<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Advanced" version="4.5.5.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<driver-operation-data class-name="Members" command="query" event-id="0">
<request>
<url-token filter="?search-attr=UserName+eq+%27PIMSERVICEADMIN1%27&read-attr="/>
<header content-type="application/json"/>
<value>{"scope":"subtree","event-id":"0","class-name":"Members","search-class":["Members"],"search-attr":[{"UserName":"PIMSERVICEADMIN1"}],"read-attr":[""]}</value>
</request>
</driver-operation-data>
</input>
</nds>
[05/25/17 15:27:03.558]:Rest-PIM ST: Rest-PIMDriver: sub-execute
[05/25/17 15:27:03.558]:Rest-PIM ST: Rest-PIMDriver: queryHandler
[05/25/17 15:27:03.558]:Rest-PIM ST: Rest-PIMDriver: queryHandler: class-name == 'Members'
[05/25/17 15:27:03.559]:Rest-PIM ST: Rest-PIMDriver: Query: preparing POST to https://test-pim.BSP.com:443/PasswordVault/WebServices/PIMServices.svc/Safes/03WLOCPRNBAP_KMDAPP0131/Members
[05/25/17 15:27:03.560]:Rest-PIM ST: Rest-PIMDriver: Setting the following HTTP request properties:
Authorization: <content suppressed>
[05/25/17 15:27:03.560]:Rest-PIM ST: Rest-PIMDriver: content-type:application/json
[05/25/17 15:27:03.561]:Rest-PIM ST: Rest-PIMDriver: Did a HTTP POST with 0 bytes of data to https://test-pim.BSP.com:443/PasswordVault/WebServices/PIMServices.svc/Safes/03WLOCPRNBAP_KMDAPP0131/Members
[05/25/17 15:27:03.602]:Rest-PIM ST: Rest-PIMDriver: Response code and message: 400 Bad Request
[05/25/17 15:27:03.602]:Rest-PIM ST: SubscriptionShim.execute() returned:
Regards
Siva ram T
Labels (1)
0 Likes
9 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: Need help in Rest Driver configuration

sivaramtm wrote:

> PIM


http://www.acronymfinder.com/PIM.html


--
http://www.is4it.de/en/solution/identity-access-management/

(If you find this post helpful, please click on the star below.)
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
Highlighted
Honored Contributor.
Honored Contributor.

Re: Need help in Rest Driver configuration

its CyberARk PIM(Privileged Identity Management)

Regards
Siva ram T
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Need help in Rest Driver configuration

On 25.05.2017 15:44, sivaramtm wrote:
> [05/25/17 15:27:03.561]:Rest-PIM ST: Rest-PIMDriver: Did a HTTP
> POST with 0 bytes of data to
> *https://test-pim.BSP.com:443/PasswordVault/WebServices/PIMServices.svc/Safes/03WLOCPRNBAP_KMDAPP0131/Members*
> [05/25/17 15:27:03.602]:REST-PIM ST: REST-PIMDRIVER: RESPONSE
> CODE AND MESSAGE: 400 BAD REQUEST


Is the target application expecting really expecting a POST with an
empty body here?

--
Norbert
--
Norbert
0 Likes
Highlighted
Honored Contributor.
Honored Contributor.

Re: Need help in Rest Driver configuration

It is expecting a POST with username and password to be sent in Body but i dont find any option to do this in driver configuration. Any suggestions?

Regards
Siva ram T
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Need help in Rest Driver configuration

Hi Siva,

On 30.05.2017 11:54, sivaramtm wrote:
>
> It is expecting a POST with username and password to be sent in Body but
> i dont find any option to do this in driver configuration. Any
> suggestions?


You need to put your JSON data with username and password into the
request/value element of you driver-operation-data:
https://www.netiq.com/documentation/identity-manager-46-drivers/generic_rest/data/bv5xsg5.html#bvp9xer


--
Norbert
--
Norbert
0 Likes
Highlighted
Honored Contributor.
Honored Contributor.

Re: Need help in Rest Driver configuration

yes but here the data values will be generating based on the attribute changes in IDM. How we can put the json data manually ? I could not get it based on the documentation link.

Regards
Siva ram T
0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Need help in Rest Driver configuration

On 31.05.2017 15:04, sivaramtm wrote:
>
> yes but here the data values will be generating based on the attribute
> changes in IDM. How we can put the json data manually ? I could not get
> it based on the documentation link.


Ok, so far you only mentioned you needed username and password in the
body...

You'll need to write a policy that converts from XDS
(https://www.netiq.com/documentation/identity-manager-developer/dtd-documentation.html)
to the JSON format required by your target application.

I usually do that as an EcmaScript function that uses DOM functions to
inspect $current-op and generate a native JavaScript object. Then I use
JSON.stringify() to serialize the object into a string that can be put
into driver-operation-data.

--
Norbert
--
Norbert
0 Likes
Highlighted
Honored Contributor.
Honored Contributor.

Re: Need help in Rest Driver configuration

If possible can you please provide an example it will be a great help.

Thanks
Siva ram T
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: Need help in Rest Driver configuration

On 31.05.2017 15:54, sivaramtm wrote:
>
> If possible can you please provide an example it will be a great help.


First, you need a policy that constructs driver-operation-data

<rule>
<description>add</description>
<conditions>
<and>
<if-operation mode="nocase" op="equal">add</if-operation>
<if-class-name mode="nocase" op="equal">User</if-class-name>
</and>
</conditions>
<actions>
<do-append-xml-element expression=".." name="driver-operation-data"/>
<do-set-xml-attr expression="../driver-operation-data[last()]"
name="class-name">
<arg-string>
<token-class-name/>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../driver-operation-data[last()]"
name="command">
<arg-string>
<token-operation/>
</arg-string>
</do-set-xml-attr>
<do-set-xml-attr expression="../driver-operation-data[last()]"
name="event-id">
<arg-string>
<token-xpath expression="$current-op/@event-id"/>
</arg-string>
</do-set-xml-attr>
<do-append-xml-element expression="../driver-operation-data[last()]"
name="request"/>
<do-append-xml-element
expression="../driver-operation-data[last()]/request[last()]"
name="header"/>
<do-set-xml-attr
expression="../driver-operation-data[last()]/request[last()]/header"
name="content-type">
<arg-string>
<token-text xml:space="preserve">application/json</token-text>
</arg-string>
</do-set-xml-attr>
<do-append-xml-element
expression="../driver-operation-data[last()]/request[last()]" name="value"/>
<do-set-local-variable name="lvUsername" scope="policy">
<arg-string>
<token-dest-dn/>
</arg-string>
</do-set-local-variable>
<do-set-local-variable name="lvMail" scope="policy">
<arg-string>
<token-op-attr name="Internet EMail Address"/>
</arg-string>
</do-set-local-variable>
<do-append-xml-text
expression="../driver-operation-data[last()]/request[last()]/value[last()]">
<arg-string>
<token-xpath expression="es:xds2SomeAppJson($lvUsername, $lvMail)"/>
</arg-string>
</do-append-xml-text>
<do-strip-xpath expression="$current-op"/>
</actions>
</rule>


It calls an EcmaScript that converts the data retrieved by token-op-attr
to the JSON format required by SomeApp:

function xds2SomeAppJson(username, mail) {
var request = { "data": {"mail": mail, "id": username} };
return JSON.stringify(request);
}


--
Norbert
--
Norbert
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.