Hi all,
I’m working on an IdentityIQ 8.4p2 Web Services connector. I need to Disable an account, but we have two different disable behaviours:
-
Partial disable → calls Endpoint A (SOAPAction A, ContextUrl A)
-
Full disable → calls Endpoint B (SOAPAction B, ContextUrl B)
The decision is driven by an argument in the provisioning plan: partialDisable=true.
In a Before Rule, I can set a default context URL and headers fine, but when I try to switch to the other endpoint (ContextUrl / FullUrl / SOAPAction) and set a different SOAP body, it doesn’t seem to take effect consistently (it keeps using the default operation configuration).
import java.util.Map;
import java.util.List;
import sailpoint.object.Identity;
import sailpoint.object.Link;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
Log log = LogFactory.getLog(“custom.Disable.BeforeRule”);
if (provisioningPlan == null) {log.error(“Provisioning plan is null”);
return requestEndPoint;}
Map headers = requestEndPoint.getHeader();
if (headers == null)
{
log.error(“Headers are null”);
return requestEndPoint;
}
String connId = (String) headers.get(“Authorization”);
String custId = (String) headers.get(“X-Customer-ID”);
if (connId == null || custId == null) {log.error(“Missing required headers”);return requestEndPoint;}
for (AccountRequest ar : provisioningPlan.getAccountRequests()) {
if (!AccountRequest.Operation.Disable.equals(ar.getOperation())) {
continue;
}
boolean isPartialDisable = false;
Map args = ar.getArguments();
if (args != null && args.get("partialDisable") != null) {
isPartialDisable = Boolean.valueOf(args.get("partialDisable").toString());
}
// Resolve target user ID from Link attribute "ID" (sanitised)
String userId = null;
Identity identity = context.getObject(Identity.class, ar.getNativeIdentity());
if (identity != null) {
List<Link> links = identity.getLinksByAppIdOrName(null, ar.getApplication());
if (links != null) {
for (Link link : links) {
Object idObj = link.getAttribute("ID");
if (idObj != null) {
userId = idObj.toString();
break;
}
}
}
}
if (userId == null) {
log.error("Could not resolve userId");
continue;
}
String soapEnvelope;
if (isPartialDisable) {
// ---- PARTIAL DISABLE ----
headers.put("SOAPAction", "SOAP_ACTION_A");
requestEndPoint.setHeader(headers);
requestEndPoint.setContextUrl("/SERVICE_A.svc");
requestEndPoint.setFullUrl("https://HOST_A/SERVICE_A.svc");
soapEnvelope = "<SOAP_ENVELOPE_FOR_PARTIAL_DISABLE (sanitised)>";
} else {
// ---- FULL DISABLE ----
headers.put("SOAPAction", "SOAP_ACTION_B");
requestEndPoint.setHeader(headers);
requestEndPoint.setContextUrl("/SERVICE_B.svc");
requestEndPoint.setFullUrl("https://HOST_B/SERVICE_B.svc");
soapEnvelope = "<SOAP_ENVELOPE_FOR_FULL_DISABLE (sanitised)>";
}
Map body = requestEndPoint.getBody();
if (body != null) {
body.put("jsonBody", soapEnvelope);
requestEndPoint.setBody(body);
}
log.debug(
"Updated requestEndPoint for userId=" + userId +
" partialDisable=" + isPartialDisable
);
}
return requestEndPoint;