NevisIDMSource

The NevisIDMSource is used to query for data managed by the nevisIDM software. It makes use of the nevisIDM administration web service which has to be provided in form of a NevisIDMConnectionPool.

The NevisIDMSource can be used to query for clients, units, users, applications and roles. The query can be refined by providing query values for certain search fields. The name of these fields are dependent on the query type.

The data objects resulting from the web service call are made available through the special attribute named „values". The fields of the objects can then easily by accessed using EL expressions. In addition, properties are made available through the attribute map properties.

Configuration

Name	Type, usage constraints, defaults	Description
Service	required: paraVal default: none type: NevisIDMConnectionPool	The NevisIDMConnection pool providing access to the nevisIDM administration web service.
queryType	required: paraVal default: none type: query type string	Determines which nevisIDM entity is queried: client: query for clients unit: query for units user: query for users profile: query for profiles application: query for applications role: query for roles.
searchFields	optional: paraMap default: empty maptype: string/string map	Defines the values and fields to search. The names of the fields depend on the type of the query. See below for a complete list of fields to be used in a query. You can use this setting to restrict the search for a given client.
pageSize	optional: paraVal default: 0 type: integer	Defines the number of pages to query nevisIDM in case of a multiple paged query.You can use this setting to avoid memory problems.
detailLevels	optional: paraMap default: depends on the query type: string/string map	The detail levels can be used to override the defaults of the source to include or exclude information in the query.The detail levels are described in detail in the nevisIDM reference guide. The detail levels are a common source of errors: If you set the levels too low, data will not be available.

Client

Normal data fields
ctlCreDat	ctlCreUid
ctlModDat	ctlModUid
displayName	extId
name

Special data fields

• prop_propertyName: property with name propertyName

Unit

Normal data fields
ctlCreDat	hname
ctlCreUid	localizedHname
ctlModDat	location
ctlModUid	modificationComment
description	name
displayAbbreviation	parentExtId
displayName	policyName
extId

Special data fields

• prop_propertyName: property with name propertyName

User

Normal data fields
addressLine1	addressLine2	birthDate
birthDateFrom	birthDateTo	city
clientExtId	clientIndependent	clientName
country	ctlCreDat	ctlCreUid
ctlModDat	ctlModUid	email
extId	firstName	language
lastLogin	lastLoginFailure	loginId
mobile	modificationComment	name
postalCode	remarks	telefax
telephone	templateCollection	title
validFrom	validFromHi	validFromLow
validTo	validToHi	validToLow

Special data fields

• profileExtId
• profileName
• prop_propertyName: property with name propertyName
• roleName: query for users having the specified role
• roleApplicationName: name of the application of that role
• unitExtId: query for users being member of the specified unit
• unitName: query for users being member of the named unit
• userState: state of the user.
• saml_credentialExtId: The credential ext ID.
• saml_state: The state of the SAML federation credential.
• saml_subjectNameId: The subject name ID of the SAML federation credential.
• saml_subjectNameIdFormat: The subject name ID format of the SAML federation credential.
• saml_issuerNameId: The issuer name ID of the SAML federation credential.
• saml_issuerNameIdFormat: The issuer name ID format of the SAML federation credential.

Profile

Normal data fields
ctlCreDat	ctlCreUid
ctlModDat	ctlModUid
deputedExtId	extId
modificationComment	name
userExtId

Special data fields

• prop_propertyName: property with name propertyName

Application

Normal data fields
ctlCreDat	ctlCreUid
ctlModDat	ctlModUid
description	displayName
name	url

Special data fields

• prop_propertyName: property with name propertyName

Role

Normal data fields
applicationName	ctlCreDat
ctlCreUid	ctlModDat
ctlModUid	extId
description	name

Special data fields

• prop_propertyName: property with name propertyName

Example

• Get all clients:

<dataSource type="NevisIDMSource">; `<dp:paraVal name="service" value="${inst.nevisIDMService}"/>; `<dp:paraVal name="queryType" value="client/>
</dataSource>

• Get all units at medium detail level:

<dataSource type="NevisIDMSource">; `<dp:paraVal name="service" value="${inst.nevisIDMService}"/>; `<dp:paraVal name="queryType" value="unit/>; `<dp:paraMap name="detailLevels">; `    <value name="default" value="low" />; `    <value name="unit" value="medium" />; `</dp:paraMap>
</dataSource>

• Get all users of a client with a special role:

<dataSource type="NevisIDMSource">; `<dp:paraVal name="service" value="${inst.nevisIDMService}"/>; `<dp:paraVal name="queryType" value="client/>; `<dp:paraMap name="searchFields">; `    <value name="clientExtId" value="1020"/>; `    <value name="roleName" value="specialRole"/>; `    <value name="roleApplicationName" value="specialApplication"/>; `</dp:paraMap>; `<dp:paraVal name="pageSize" value="100"/>
</dataSource>

• Get a unit with a special property value:

<dataSource type="NevisIDMSource">; `<dp:paraVal name="service" value="${inst.nevisIDMService}"/>; `<dp:paraVal name="queryType" value="unit/>; `<dp:paraMap name="searchFields">; `    <value name="prop_PropertyName" value="special"/>; `</dp:paraMap>
</dataSource>

Examples for data access

Assume a user query in the entity user.

• Get the value of ordinary fields through the values field:

#{in.user.values.loginId}
#{in.user.values.extId}
#{in.user.values.firstName}

• Get the associated properties:

#{in.user.properties.PropertyName}
#{in.user.properties['PropertyName']}

• Get the value of the first credential:

#{in.user.values.credentials[0].value}