We have a requirement where we need to push some linked attributes down to another end point. The current solution creates it’s own jdbc connection from an application like so
We’re seeing a lot of locks in the end point database. We have a multi node cluster and the DB admin says all nodes are connecting at the same time. I’m wondering if this custom way of connecting is causing our issue and if there is a better way to push modifications of linked attributes that are not on the identity?
Personally, I’d suggest refactoring your logic to use the Connector interface and a provisioning plan instead of initializing the entire connection manually if that’s possible. Otherwise, you’ll need to be sure your rule fully wraps the updates in a transaction and ensures that it always closes the connection (even if the update fails).
Depending on what rule type/how you’re invoking this process, it’s definitely possible that multiple IIQ hosts can be executing this code simultaneously. One example would be a partitioned refresh task.
The reason we went this way was because we weren’t able to access the connector from this rule. that was choice. Do you have an example of how we can do that?
Yeah, all you need is the Application object (which is pretty easy to get). Here’s some pseudo-code:
// Missing some imports - especially around building the provisioning plan
import sailpoint.object.Application;
import sailpoint.connector.Connector;
import sailpoint.connector.ConnectorFactory;
Application jdbcApp = context.getObjectByName(Application.class, "MyJDBCApp");
// Here is where you'd construct the provisioning plan to execute...
// And now to initialize the connector instance and invoke the provision method to execute the plan...
Connector jdbcConnector = ConnectorFactory.getConnector(jdbcApp, null);
jdbcConnector .provision(provisioningPlan);