Hi guys,

I am working on REST driver for an integration of one cloud service over
SCIM. Unfortunately, I cannot user build in functionality to convert XDS
to JSON and vice versa because JSON for SCIM looks quite different. So I
developed my own transformations but I am struggling with the matching
policies now.

e.g. I have a matching policy like that:
<do-find-matching-object scope="subtree">
<arg-match-attr name="userName">
<arg-value type="string">
<token-src-attr name="CN"/>
</arg-value>
</arg-match-attr>
</do-find-matching-object>

this generate a query which my policy transforms to the JSON object and
I get an success response in the input transformation policy. And here I
have to convert JSON to XDS but I do not know how the response should
look to match an user. Now the user is sill not associated. So I build a
workaround only. I create a association and I do veto for new add
operation (checking if the association exists and operation is add).

This is my response from SCIM what I have to somehow transform to the
right XDS:
<nds dtdversion="3.0">
<source>
<product build="20150722_0750" version="1.0.0.0">Identity Manager
REST Driver</product>
<contact>NetIQ Corporation.</contact>
</source>
<output>
<status event-id="0" level="success" type="driver-general">
<driver-operation-data class-name="User" command="query"
dest-dn="" event-id="0">
<response>
<url-token
filter="?filter=userName+eq+%22mjuricek%22&amp;rea d-attr="/>
<header content-type="application/json"/>

<value>{"totalResults":1,"itemsPerPage":1,"startIn dex":1,"schemas":["urn:scim:schemas:core:1.0"],"Resources":[{"userName":"mjuricek","name":{"familyName":"Ju r
icek","givenName":"Milan"},"active":true,"emails":[{"value":"mjuricek@acme.com","type":"work"}],"groups":[{"value":"CN=consultants,CN=Users,DC=acme,DC=com"} ,{"value":"C
N=TestGroup01,CN=Users,DC=acme,DC=com"}],"meta":{"lastModified":"2016-10-03T11:22:15Z","created":"2016-09-27T08:20:26Z","location":"https://localhost:9031/pf-scim/v1/Us
ers/7012c550-f6a6-4c10-a509-ecd8357a4fbc"},"id":"7012c550-f6a6-4c10-a509-ecd8357a4fbc","schemas":["urn:scim:schemas:core:1.0"]}]}</value>
</response>
</driver-operation-data>
</status>
</output>
</nds>

Can someone help me with that?

Regards,
Milan


--
mjuricek
------------------------------------------------------------------------
mjuricek's Profile: https://forums.netiq.com/member.php?userid=1616
View this thread: https://forums.netiq.com/showthread.php?t=56648