I am facing an issue with my web service connector, which uses Cloud Gateway as a proxy. My provisioning tends to fail due to a beforeprovisioning rule error in Cloud Gateway, but it does not specify any error. Just a brief error is shown.
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE Rule PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<Rule created="1733827961751" id="a9fe8e1693aa1a688193b033239775da" language="beanshell" modified="1761646959960" name="XXX-Rule-BeforeProvisioning_General" significantModified="1761646959960" type="BeforeProvisioning">
  <Description>An IdentityIQ server-side rule that is executed before the connector's provisioning method is called. This gives the customer the ability to customize or react to anything in the ProvisioningPlan BEFORE it is sent to the underlying connectors used in provisioning.
This rule will be called for any application found in a plan that also has a configured 'beforeProvisioningRule' configured.
The plan can be updated directly in the rule by reference and does not need to return the plan.</Description>
  <Signature>
    <Inputs>
      <Argument name="log" type="org.apache.commons.logging.Log">
        <Description>
          The log object associated with the SailPointContext.
        </Description>
      </Argument>
      <Argument name="context" type="sailpoint.api.SailPointContext">
        <Description>
          A sailpoint.api.SailPointContext object that can be used to query the database if necessary.
        </Description>
      </Argument>
      <Argument name="plan">
        <Description>
          The ProvisioningPlan object on its way to the Connector.
        </Description>
      </Argument>
      <Argument name="application">
        <Description>
          The application object that references this before/after script.
        </Description>
      </Argument>
    </Inputs>
  </Signature>
  <Source>log.error("XXX-Rule-BeforeProvisioning_General - line 33");
import sailpoint.api.SailPointContext;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.object.ProvisioningPlan.Operation;
import sailpoint.object.ProvisioningPlan.ObjectOperation;
import sailpoint.object.ProvisioningProject;
import sailpoint.object.Identity;
import sailpoint.object.Application;
import sailpoint.object.Account;
import sailpoint.object.Link;
import sailpoint.object.QueryOptions;
import sailpoint.object.Filter;
import sailpoint.tools.GeneralException;
import java.util.List;
import java.util.HashMap;
import java.util.Map;
import java.text.SimpleDateFormat;
import java.util.Date;
String AccountNativeIdentity;
if (plan != null && plan.getArguments() != null) {
    Object dataValue = plan.getArguments().get("source");
    if ("GroupManagement".equals(dataValue)) {
        Identity identity = plan.getIdentity();
        if (identity == null) {
            continue;
        }
    }
}
if (plan != null && application != null)
{
    //log.debug("before plan "+ plan.toXml());
    Identity identity = plan.getIdentity();
    Link account = null;
    log.error("XXX-Rule-BeforeProvisioning_General - Identity: " + identity.getName() + ", Application: " + application.getName());
    List accountRequests = plan.getAccountRequests();
    if (accountRequests != null && !accountRequests.isEmpty())
    {
        for (AccountRequest accountRequest : accountRequests)
        {
            //ProvisioningPlan.AccountRequest.Operation operation = accountRequest.getOperation();
            String operation = (String) accountRequest.getArgument("operation");
            AccountNativeIdentity = accountRequest.getNativeIdentity();
            log.error("Native Identity is " +AccountNativeIdentity);
            QueryOptions qo = new QueryOptions();
            Filter F1 = Filter.eq("application.name",application.getName());
            Filter F2 = Filter.eq("nativeIdentity",AccountNativeIdentity);
            qo.addFilter(F1);
            qo.addFilter(F2);
            log.error("context error: "+context);
            Iterator iter = context.search(Link.class,qo);
            while(iter.hasNext()){
                account = iter.next();
            }
            log.error("account is " +account);
            if(account!=null){
                ...............
            }
        }
    }
} else {
    log.error("Application: " + application.getName());
}
log.error("line 265");
//context.decache(identity);
  </Source>
</Rule>
As per the screenshot, it is a null pointer error in your rule. Try to print more logs for the different attributes that you are using in your rule. This way you will get to know which value is coming as null. Also, add null pointer checks.
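The logging and null checks suggested in the reply above, written as a BeanShell rule body; this is an added example, not the poster's or SailPoint's code. It assumes `log`, `context`, `plan` and `application` are injected as declared in the rule's Signature, and the `TAG` prefix is a name chosen here for illustration.

```java
import java.util.Iterator;
import java.util.List;
import sailpoint.object.Filter;
import sailpoint.object.Identity;
import sailpoint.object.Link;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.QueryOptions;
import sailpoint.tools.Util;

String TAG = "XXX-Rule-BeforeProvisioning_General - "; // illustrative log prefix
// Record which rule inputs are populated in this runtime before touching any of them.
log.error(TAG + "plan=" + (plan != null) + ", application=" + (application != null)
        + ", context=" + (context != null));
if (plan == null || application == null) {
    log.error(TAG + "plan or application is null, nothing to do");
    return;
}
Identity identity = plan.getIdentity();
// The plan may carry no identity, so never call identity.getName() unchecked.
log.error(TAG + "identity=" + (identity != null ? identity.getName() : "<null>")
        + ", application=" + application.getName());
List accountRequests = plan.getAccountRequests();
if (accountRequests == null || accountRequests.isEmpty()) {
    log.error(TAG + "no account requests in plan");
    return;
}
for (AccountRequest accountRequest : accountRequests) {
    String nativeIdentity = accountRequest.getNativeIdentity();
    log.error(TAG + "operation=" + accountRequest.getOperation()
            + ", nativeIdentity=" + nativeIdentity);
    if (context == null || nativeIdentity == null) {
        log.error(TAG + "skipping Link lookup (context or nativeIdentity is null)");
        continue; // legal here: we are inside the for loop
    }
    Link account = null;
    QueryOptions qo = new QueryOptions();
    qo.addFilter(Filter.eq("application.name", application.getName()));
    qo.addFilter(Filter.eq("nativeIdentity", nativeIdentity));
    Iterator iter = context.search(Link.class, qo);
    try {
        if (iter != null && iter.hasNext()) {
            account = (Link) iter.next();
        }
    } finally {
        if (iter != null) Util.flushIterator(iter); // release the search cursor
    }
    log.error(TAG + "link found=" + (account != null));
    // Account-specific handling goes here, guarded by account != null.
}
```

The first log line shows at a glance which injected object is missing when the rule runs behind the gateway, which narrows the null pointer down before any attribute-level logging is needed.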
I could not get much information on writing a beforeprovisioning rule for a Cloud Gateway deployment. Not sure if certain objects will not be available?
IdentityIQ objects are not available in Cloud Gateway. You need to sync the objects with the Cloud Gateway, as I remember from working with the Cloud Gateway.
Probably you can enable more logs in Log4j, like RuleRunner etc., and see if it gives some idea in case you are not getting anything concrete in the current logs.