Hi everyone,
I would like some help if anyone has ever had a problem and how to resolve it!
We have an application connected via a WebServices connector where the source system only accepts one Entitlement. In requests for new access, how can I remove the old Entitlement to add the new Entitlement without showing an error? I don’t know if it would be necessary to create a beforerule.
If anyone can help!!
Thanks!
Hi
I have a similar use case, with a Web Service that can only accept one entitlement.
Also, it we have priority order of entitlements, so if request say has entitlement A and entitlement C, then set to A. etc.
In the request body configured through the browser, I use ‘wsbo_placeholder’ and then the Before Operation replaces that with the desired/calculated value
I set up a Before Operation rule to do this:
import java.util.Arrays;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import java.util.List;
import com.google.gson.Gson;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonPrimitive;
import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import connector.common.JsonUtil;
import connector.common.Util;
import sailpoint.connector.webservices.EndPoint;
import sailpoint.connector.webservices.WebServicesClient;
import sailpoint.object.Schema;
import sailpoint.object.Application;
import sailpoint.object.Attributes;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AccountRequest.Operation;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
String logPrefix = "mySource WSBO - ";
log.error(logPrefix + "Starting - " + requestEndPoint.getOperationType());
Map body = requestEndPoint.getBody();
String jsonBody = (String) body.get("jsonBody");
log.error(logPrefix + "jsonBody BEFORE: " + jsonBody);
try {
if (body != null) {
if (provisioningPlan != null) {
log.error(logPrefix + "Prov plan is not null");
//This part is just info dump:
for (int i = 0 ; i < this.variables.length ; i++) {
String varName = this.variables[i];
Object varValue = null;
try {
if ("transient".equals(varName))
varValue = "[reserved word]";
else
varValue = eval(varName);
} catch (Exception ex) {
varValue = "[eval exception]";
}
String varClass = "void";
if ("IDN_CLIENT_SECRET".equals(varName)){
if (IDN_CLIENT_SECRET == null) {
log.error(logPrefix + "X-IDNClientSecret header is missing");
} else {
varValue = IDN_CLIENT_SECRET.substring(0,5) + "............." + IDN_CLIENT_SECRET.substring(IDN_CLIENT_SECRET.length() - 5);
}
}
if ((void != varValue) && (null != varValue))
varClass = varValue.getClass().getSimpleName();
if (void == varValue)
log.error(logPrefix + "x " + varName + " is void");
else if (null == varValue)
log.error(logPrefix + "x " + varName + " is null");
else
log.error(logPrefix + "x " + varName + " (" + varClass + ") = " + varValue);
}
log.error(logPrefix + "Full URL = " + requestEndPoint.getFullUrl());
log.error(logPrefix + "Context URL = " + requestEndPoint.getContextUrl());
log.error(logPrefix + "HTTP Method = " + requestEndPoint.getHttpMethodType());
log.error(logPrefix + "OperationType = " + requestEndPoint.getOperationType());
log.error(logPrefix + "App ID = " + application.getId() );
String myOp = requestEndPoint.getOperationType();
myOp2 = myOp.substring(0, myOp.indexOf(" "));
log.error(logPrefix + "myOp2: " + myOp2);
ArrayList<String> myGroupsArray = new ArrayList<String>();
JsonArray groups33 = new JsonArray();
String groupValue = null;
for (AccountRequest accReq : Util.iterate(provisioningPlan.getAccountRequests())) {
log.error(logPrefix + "AccountRequest Operation: " + accReq.getOperation().toString() );
for (ProvisioningPlan.AttributeRequest attReq : Util.iterate(accReq.getAttributeRequests())) {
log.error(logPrefix + "attReq: " + attReq.getName() + " => " + attReq.getValue() + " (" + attReq.getValue().getClass() + ")");
}
for (ProvisioningPlan.AttributeRequest attReq : Util.iterate(accReq.getAttributeRequests())) {
String attrName = attReq.getName();
if (attrName != null && "rightsProfile".equalsIgnoreCase(attrName)) {
if (attReq.getValue() != null && attReq.getValue() instanceof String) {
log.error(logPrefix + "rightsProfile (String) in Attribute Request");
//groupValue = attReq.getValue();
jsonBody = jsonBody.replaceAll("wsbo_placeholder", attReq.getValue());
} else if (attReq.getValue() != null && attReq.getValue() instanceof ArrayList) {
log.error(logPrefix + "rightsProfile (ArrayList) in Attribute Request");
// If rightsProfile is an Array, we only want to get highest priority value.
myGroupsArray = attReq.getValue();
if (myGroupsArray.contains("Entitlement A")) {
jsonBody = jsonBody.replaceAll("wsbo_placeholder", "Entitlement A");
} else if (myGroupsArray.contains("Entitlement B")) {
jsonBody = jsonBody.replaceAll("wsbo_placeholder", "Entitlement B");
} else if (myGroupsArray.contains("Entitlement C")) {
jsonBody = jsonBody.replaceAll("wsbo_placeholder", "Entitlement C");
} else {
//do nothing;
}
}
log.error(logPrefix + "Setting jsonBody AFTER: " + jsonBody);
body.put("jsonBody", jsonBody);
requestEndPoint.setBody(body);
return requestEndPoint;
}
}
}
}
}
} catch (Exception ex) {
log.error(logPrefix + "Exception caught: " + ex);
}
Thanks for the support.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.