Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

The CoreOne Suite - Core service has to be restarted after each change of the SQL parameters for it to take effect.

Mapping of SQL parameters

The input parameters are mapped from the corresponding identity or resource provisioning configuration. The attributes from this provision configuration are then used to replace the parameters in the stored procedures and select queries. The parameter name that gets replaced is taken from the tables system_identity_type_attribute/system_resource_type_attribute and from there, it uses the value in the column target_system_property_name

Example:

Attribute name: First Prename, Target system property name: first_prename

SQL query: Select * from users where firstprename = {first_prename}

The {first_prename} word gets replaced by the value from the Attribute First Prename

Info

Multi value attributes: Attributes with multiple values are currently not supported by the Oracle DB connector. If you use a multi value attribute, the value will always be empty.

Identity methods

Info

The Parameter IDENTITY_ID ist hard-coded and can’t be changed/defined.

System connector method

SQL command type

Input parameters
(See above how the mapping works for these parameters)

Excepted return value

Description

SQL CreateIdentity

Stored procedure

  • Identity attributes, parameter names are taken from target_system_property_name in the system_identity_type_attribute table

  • IDENTITY_ID
    Unique identifier of the identity from the target system

Creates the user in the target system

SQL GetIdentityParameters

Select query (function)

  • SQL replacement for identity identifier: {IDENTITY_ID}

  • SQL replacements for identity attributes: {target_system_property_name}

  • All identity parameters from the SELECT query

Returns all the user parameters of a user

SQL CheckIdentityExists

Select query (function)

  • SQL replacement for identity identifier: {IDENTITY_ID}

  • Result row(s) or nothing

Checks if the user in the target system exists, if rows are returned → true, else false

SQL FindObjectIdentifiersByAttributes

Select query (function)

  • SQL replacement for system identity type: {SYSTEM_IDENTITY_TYPE_ID}

  • SQL replacements for attribute values: {target_system_property_name}

  • Result rows with column name IDENTITY_ID

Finds object identifiers of users by their attribute values.

Returns all the object identifiers of users where the attributes values were found

SQL UpdateIdentity

(→ calls SQL GetIdentityParameters)

Stored procedure

  • Identity identifier: IDENTITY_ID

  • Identity attributes, parameter names are taken from target_system_property_name in the system_identity_type_attribute table

-

Updates a user with the attribute values

SQL DeleteIdentity

Stored procedure

  • Identity identifier: IDENTITY_ID

-

Deletes a user by their identity identifier

SQL ValidateCredentials

Not implemented

-

-

-

SQL IsIdentityActivate

Select query (function)

  • SQL replacement for identity identifier: {IDENTITY_ID}

  • SQL replacements for identity attributes: {target_system_property_name}

  • Result row(s) or nothing

Checks if the user in the target system is active, if rows are returned → true, else false

SQL ActivateIdentity

Stored procedure

  • Identity identifier: IDENTITY_ID

-

Activates a user in the target system

SQL DeactivateIdentity

Stored procedure

  • Identity identifier: IDENTITY_ID

-

Deactivates a user in the target system

SQL SetIdentityPassword

Not implemented

-

-

-

SQL IsPropertyValueUnique

Select query (function)

  • SQL replacement for unique property: {UNIQUEPROPERTY}

  • SQL replacement for unique property value: {UNIQUEPROPERTYVALUE}

  • Result row(s) or nothing

Checks if a property value is unique in the target system.

There are 3 cases that gets checked to determine if the property value is unique:

  • Returing more than one row:

    • Not unique → false

  • Returing 1 row:

    • If property value is on the user with the given user object id → Is unique → true

    • If the property value is on another user → Is unique → false

  • Returning now rows:

    • Is unique → true

...