×

IDMWORKS Blog

Making Multiple SOAP Calls with the NetIQ SOAP Driver


One of the connectors for NetIQ Identity Manager is the SOAP driver.  It can be used to transform directory changes into SOAP API calls.  In general, a single change in the directory on an object results in a single API call being preformed.  However, what happens when you need to make multiple API calls based on a single change?  Or if your SOAP endpoint has multiple databases and requires separate calls for each?

 

Typically, a XSLT stylesheet is developed to make the transform from XML to SOAP language.   Below is an example of an add event being converted into a CreateEmployee call.

                <xsl:template match=”add”>

                                <xsl:message>Output: Add SOAP Headers</xsl:message>

                                <operation-data soap-action=”https://api.endpoint.com/IEmployeeService/CreateEmployee”>

                                                <xsl:attribute name=”event-id”>

                                                                <xsl:value-of select=”string(@event-id)”/>

                                                </xsl:attribute>

                                                <xsl:attribute name=”src-dn”>

                                                                <xsl:value-of select=”string(@src-dn)”/>

                                                </xsl:attribute>

                                                <xsl:attribute name=”src-entry-id”>

                                                                <xsl:value-of select=”string(@src-entry-id)”/>

                                                </xsl:attribute>

                                                <xsl:attribute name=”timestamp”>

                                                                <xsl:value-of select=”string(@timestamp)”/>

                                                </xsl:attribute>

                                                <xsl:attribute name=”from-user”>true</xsl:attribute>

                                </operation-data>

                                <soapenv:Envelope xmlns:api=”https://api.endpoint.com” xmlns:soapenv=”http://schemas.xmlsoap.org/soap/envelope/”>

                                                <soapenv:Header/>

                                                <soapenv:Body>

                                                                <api:CreateEmployee xmlns=”https://www.spa-booker.com/soap/business”>

                                                                                <api:request>

                                                                                                <api:access_token>

                                                                                                                <xsl:value-of select=”$LV-AccessToken”/>

                                                                                                </api:access_token>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’Email’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’ExtID’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’ExtLocationID’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’FirstName’]”/>

                                                                                                <api:Gender>

                                                                                                                <api:ID>2</api:ID>

                                                                                                                <api:Name>Female</api:Name>

                                                                                                </api:Gender>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’HomePhone’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’JobCode’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’LastName’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’LoginName’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’MobilePhone’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’MobilePhoneCarrierID’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’NotifyBySMS’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’Password’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’ProfileDescription’]”/>

                                                                                                <xsl:apply-templates select=”add-attr[@attr-name=’QuickLoginCode’]”/>

                                                                                                <api:Type>Freelancer</api:Type>

                                                                                </api:request>

                                                                </api:CreateEmployee>

                                                </soapenv:Body>

                                </soapenv:Envelope>

                </xsl:template>

If we had to perform the same action for additional sites, we would add the following code.  The initial variable is used to calculate how many additional sites need to be contacted and is used to call a template, ‘modMultiAcct2’, with the necessary parameters to make the SOAP call.  The template, ‘modMultiAcct2’, is then used to convert those variables into a properly formatted SOAP call.  And finally, the line, <xsl:variable name=”doModUserAcct2″ select=”cmd:execute($destCommandProcessor,$modUserAcct2)”/>, submits that SOAP action directly to the endpoint. 

                                                                <xsl:variable name=”addtlSites” select=”$result//value”/>

                                                                <xsl:for-each select=”$addtlSites”>

                                                                                <xsl:call-template name=”modMultiAcct2″>

                                                                                                <xsl:with-param name=”p-ExtLocationID” select=”.”/>

                                                                                                <xsl:with-param name=”p-ExtID” select=”$LV-workforceID”/>

                                                                                                <xsl:with-param name=”p-token” select=”$LV-AccessToken”/>

                                                                                                <xsl:with-param name=”p-event-id” select=”$LV-event-id”/>

                                                                                                <xsl:with-param name=”p-src-dn” select=”$LV-src-dn”/>

                                                                                                <xsl:with-param name=”p-src-entry-id” select=”$LV-src-entry-id”/>

                                                                                                <xsl:with-param name=”p-timestamp” select=”$LV-timestamp”/>

                                                                                                <xsl:with-param name=”p-assoc” select=”$LV-assoc”/>

                                                                                                <xsl:with-param name=”p-Email” select=”$LV-Email”/>

                                                                                                <xsl:with-param name=”p-GivenName” select=”$LV-GivenName”/>

                                                                                                <xsl:with-param name=”p-Surname” select=”$LV-Surname”/>

                                                                                                <xsl:with-param name=”p-HomePhone” select=”$LV-HomePhone”/>

                                                                                                <xsl:with-param name=”p-jobCode” select=”$LV-jobCode”/>

                                                                                                <xsl:with-param name=”p-MobilePhone” select=”$LV-MobilePhone”/>

                                                                                                <xsl:with-param name=”p-MobilePhoneCarrierID” select=”$LV-MobilePhoneCarrierID”/>

                                                                                                <xsl:with-param name=”p-NotifyBySMS” select=”$LV-NotifyBySMS”/>

                                                                                                <xsl:with-param name=”p-Description” select=”$LV-Description”/>

                                                                                </xsl:call-template>

                                                                </xsl:for-each>

                                                </xsl:when>

<xsl:variable name=”modUserAcct2″>

                                                <operation-data soap-action=”https://api.endpoint.com/IEmployeeService/CreateEmployee”>

                                                                <xsl:attribute name=”event-id”>

                                                                                <xsl:value-of select=”$p-event-id”/>

                                                                </xsl:attribute>

                                                                <xsl:attribute name=”src-dn”>

                                                                                <xsl:value-of select=”$p-src-dn”/>

                                                                </xsl:attribute>

                                                                <xsl:attribute name=”src-entry-id”>

                                                                                <xsl:value-of select=”$p-src-entry-id”/>

                                                                </xsl:attribute>

                                                                <xsl:attribute name=”timestamp”>

                                                                                <xsl:value-of select=”$p-timestamp”/>

                                                                </xsl:attribute>

                                                                <xsl:attribute name=”assoc”>

                                                                                <xsl:value-of select=”$p-assoc”/>

                                                                </xsl:attribute>

                                                                <xsl:attribute name=”from-user”>true</xsl:attribute>

                                                </operation-data>

                                                <soapenv:Envelope xmlns:api=”https://api.endpoint.com” xmlns:soapenv=”http://schemas.xmlsoap.org/soap/envelope/”>

                                                                <soapenv:Header/>

                                                                <soapenv:Body>

                                                                                <api:CreateEmployee xmlns:xsd=”http://www.spa-booker.com/soap/business”>

                                                                                                <api:request>

                                                                                                                <api:access_token>

                                                                                                                                <xsl:value-of select=”$p-token”/>

                                                                                                                </api:access_token>

                                                                                                                <api:Email>

                                                                                                                                <xsl:value-of select=”$p-Email”/>

                                                                                                                </api:Email>

                                                                                                                <api:ExtID>

                                                                                                                                <xsl:value-of select=”$p-ExtID”/>

                                                                                                                </api:ExtID>

                                                                                                                <api:ExtLocationID>

                                                                                                                                <xsl:value-of select=”$p-ExtLocationID”/>

                                                                                                                </api:ExtLocationID>

                                                                                                                <api:FirstName>

                                                                                                                                <xsl:value-of select=”$p-GivenName”/>

                                                                                                                </api:FirstName>

                                                                                                                <xsl:if test=”$p-HomePhone and $p-HomePhone != ””>

                                                                                                                                <api:HomePhone>

                                                                                                                                                <xsl:value-of select=”$p-HomePhone”/>

                                                                                                                                </api:HomePhone>

                                                                                                                </xsl:if>

                                                                                                                <xsl:if test=”$p-jobCode and $p-jobCode != ””>

                                                                                                                                <api:JobCode>

                                                                                                                                                <xsl:value-of select=”$p-jobCode”/>

                                                                                                                                </api:JobCode>

                                                                                                                </xsl:if>

                                                                                                                <xsl:if test=”$p-Surname and $p-Surname != ””>

                                                                                                                                <api:LastName>

                                                                                                                                                <xsl:value-of select=”$p-Surname”/>

                                                                                                                                </api:LastName>

                                                                                                                </xsl:if>

                                                                                                                <xsl:if test=”$p-MobilePhone and $p-MobilePhone != ””>

                                                                                                                                <api:MobilePhone>

                                                                                                                                                <xsl:value-of select=”$p-MobilePhone”/>

                                                                                                                                </api:MobilePhone>

                                                                                                                </xsl:if>

                                                                                                                <xsl:if test=”$p-MobilePhoneCarrierID and $p-MobilePhoneCarrierID != ””>

                                                                                                                                <api:MobilePhoneCarrierID>

                                                                                                                                                <xsl:value-of select=”$p-MobilePhoneCarrierID”/>

                                                                                                                                </api:MobilePhoneCarrierID>

                                                                                                                </xsl:if>

                                                                                                                <xsl:if test=”$p-NotifyBySMS and $p-NotifyBySMS != ””>

                                                                                                                                <api:NotifyBySMS>

                                                                                                                                                <xsl:value-of select=”$p-NotifyBySMS”/>

                                                                                                                                </api:NotifyBySMS>

                                                                                                                </xsl:if>

                                                                                                                <xsl:if test=”$p-Description and $p-Description != ””>

                                                                                                                                <api:ProfileDescription>

                                                                                                                                                <xsl:value-of select=”$p-Description”/>

                                                                                                                                </api:ProfileDescription>

                                                                                                                </xsl:if>

                                                                                                                <api:Type>Freelancer</api:Type>

                                                                                                </api:request>

                                                                                </api:CreateEmployee>

                                                                </soapenv:Body>

                                                </soapenv:Envelope>

                                </xsl:variable>

                                <xsl:variable name=”doModUserAcct2″ select=”cmd:execute($destCommandProcessor,$modUserAcct2)”/>

                </xsl:template>

 

                While this has the advantage of making multiple API calls per action possible, it does have a drawback.  The response from the additional API calls is lost.  While it is recorded in the logs, it does not come back across the Publisher channel of the driver.  Only the first API call’s result is handled in this fashion.  In my next blog, we will discuss another method to accomplish multiple API calls per action that works around this limitation but has its own drawbacks.

 

Questions, comments or concerns? Feel free to reach out to us below, or email us at IDMWORKS to learn more about how you can protect your organization and customers.

Questions, comments or concerns? Feel free to reach out to us below, or email us at IDMWORKS to learn more about how you can protect your organization and customers.

  1. Hello,

    How do I reference the attributes present on a soap return call from the publisher channel? I noticed that the attributes are present in both the NOVLSDSM-DSMLOutputTransform and the NOVLDSML-otp-SOPOutputTransform policies, but I cannot figure out how to reference these. Is there a way to do this dynamically as opposed to specifically referencing each one?

Leave a Reply

Your email address will not be published. Required fields are marked *