cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Provisioning roles to a JAVA system

Go to solution
former_member2987
Active Contributor

on ‎05-22-2014 6:43 PM

0 Kudos

Hi Experts!

I'm working on a syncronization job between IDM and SAP JAVA. In this job I need to pass the username and the rolename that I want to pass from IDM to the SAP JAVA system.  I can get the user and role information from both systems, however I'm a little stuck on passing this information back to SAP JAVA.

From what I can see from the Framework, the pass SetJavaRoleForUser&Group is the one that would do what I need, but I'm not quite seeing how the user information gets passed in.  Has anyone done anything like this before?  Got any pointers? 

Thanks!

Matt

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member2987
Active Contributor
‎05-28-2014 2:29 PM
0 Kudos

Let me ask this question a different way, what values are supposed to go into SPMLID and assignedvalues attributes?  I'd assume this SPML.USER.%MSKEYVALUE% and SPML.SAPROLE.%MSKEYVALUE% to match up with the MSKEYVALUEs of the MX_PERSON and MX_PRIVILEGE. (e.g. SPML.USER.MATTPOLLICOVE / SPML.SAPROLE.SOMEROLE

Am I missing something?

Thanks!

Matt

Show replies
Show replies
terovirta
Active Contributor
‎05-30-2014 6:28 AM
0 Kudos

Hi Matt,

not sure if this helps, but did this few years ago on 7.0.. What assignedroles and assignedgroups expected were just pipe-delimeted list of AS Java role/group-names. I doubt this has changed since.

Just write a custom script that gets the groups/roles from the link-tables and pass the values forward. You need to replace the IdM-prefix ("PRIV:ROLE/GROUP:[REP_NAME]:") from the privilege name and put "SPML.SAPROLE." (or "SPML.SAPGROUP.") inplace.

regards, Tero

Answers (1)

Answers (1)

Former Member
‎05-23-2014 5:47 PM
0 Kudos

Hi Matt,

    Are to trying to sync the role assignment done on SAP Java to the IdM DB? Could you please elaborate on what sync are you doing? Because I had done something of this sort long back. It may help you

Show replies
Show replies
former_member2987
Active Contributor
‎05-27-2014 1:23 PM
0 Kudos

Mohamed,

That's it exactly.  I want to compare role assignments from IDM (MSKEYVALUE of MX_PERSON/MSKEYVALUE of MX_PRIVILEGE) to SAP JAVA (userID/role)

Matt

Ask a Question