Dear IDM community,


I am currently having troubles implementing a SOAP Driver. The use case is as follows:

The web app we want to connect to provides a SOAP web service that returns a list of objects (all objects available). These objects should be synchronized into the IDV.
This synchronization should be triggered via "migrate into IDV" operation, which results in a corresponding query event. The returned instances should then be
synchronozed into the IDV.

As of now, the triggered query event in IDM is properly transformed to the desired SOAP request in output transformation. The returned SOAP response by the web app is then transformed to a NDS query response event (instance).

And here is the problem: When the event reaches the publisher filter, the driver initiates a sync event and then tries to query back to the web app, for each returned
instance (again?!). But, this query will always fail, since it is not implemented on the web application side (and therefore not properly handled in output transformation).

Here is the initial subscriber query, initiated through the migration operation:

[08/25/17 13:39:50.688]:soap-driver ST:Start transaction.
[08/25/17 13:39:50.688]:soap-driver ST:Processing events for transaction.
[08/25/17 13:39:50.689]:soap-driver ST:
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Advanced" version="4.5.3.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<query class-name="List" scope="subtree">
<search-class class-name="List"/>
<search-attr attr-name="CN">
<value>*</value>
</search-attr>
</query>
</input>
</nds>


The query is transformed in the output transformation to the appropriate SOAP request. The response returned by the web application is transformed to an NDS query response
as follows (for testing purposes just on object/instance is returned):

<nds dtdversion="2.0">
<source>
<product build="20141001_0707" instance="soap-driver" version="4.0.0.2">Identity Manager Driver for SOAP</product>
<contact>NetIQ Corporation</contact>
</source>
<output>
<instance class-name="List" event-id="0" src-dn="group1_name" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<association>group1_name</association>
<attr attr-name="Full Name">
<value>group1_name</value>
</attr>
<attr attr-name="Description">
<value>group1_desc</value>
</attr>
</instance>
<status event-id="0" level="success" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"/>
<operation-data event-id="0" parent-node-1="searchResponse">
<return-to-me class-name="List" command="query" event-id="0" scope="subtree"/>
</operation-data>
</output>
</nds>

(I also add an operation association value in input transformation, since without it, the driver stops the transaction with the message "Object does not provide enough information to migrate" or something)


After event transformation, the driver initiates the sync event and tries to query back to the web application (again?!):

[08/25/17 13:39:50.742]:soap-driver ST:Policy returned:
[08/25/17 13:39:50.742]:soap-driver ST:
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Advanced" version="4.5.3.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<sync class-name="List" event-id="migrate-app-sync-1" src-dn="group1_name">
<association>group1_name</association>
</sync>
</input>
</nds>
[08/25/17 13:39:50.744]:soap-driver ST:No associated objects.
[08/25/17 13:39:50.744]:soap-driver ST:Applying publisher filter.
[08/25/17 13:39:50.744]:soap-driver ST:Publisher processing sync for group1_name.
[08/25/17 13:39:50.744]:soap-driver ST:Reading relevant attributes from group1_name.
[08/25/17 13:39:50.744]:soap-driver ST:
<nds dtdversion="4.0" ndsversion="8.x">
<source>
<product edition="Advanced" version="4.5.3.0">DirXML</product>
<contact>NetIQ Corporation</contact>
</source>
<input>
<query class-name="List" scope="entry">
<association>group1_name</association>
<read-attr attr-name="Description"/>
<read-attr attr-name="Full Name"/>
</query>
</input>
</nds>
[08/25/17 13:39:50.745]:soap-driver ST:Fixing up association references.


Now I think I don't fully understand the behaviour of the driver at this point. Why does it query back again although the event is already the result of a query? Or am I missing some
crucial information in the response event or driver configuration, that "tells" the driver to not query back to the source in the publisher?

Or is the design of the solution wrong per se and the response of the initial query has to be handled another way?

I am quite out of ideas here and would greatly appreciate your assistance on this matter!


Thank you and best regards,
Philipp