I'll Get My Coat

Identity Management? I'll Get My Coat...


« Solaris Authorizatio... | Main
Tuesday Apr 15, 2008

Role Manager (RBACx) WebServices

Sun's new GRC market entry product, Sun Role Manager (formerly Vaau RBACx) offers a wealth of webservice integration points. I had to work on a project recently integrating with the wsdl interface of Role Manager and here's  some information about how to enable the  services and what can be achieved by doing so...

The webservice interface of RBACx is not enabled by default, to enable it you must follow these steps:

1. Shut down the RBACx webcontainer

2. Edit the /webapps/rbacx/WEB-INF/web.xml adding the following changes:

<servlet>
         <servlet-name>ws</servlet-name>
         <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
</servlet>
<servlet-mapping>
         <servlet-name>ws</servlet-name>
         <url-pattern>/ws/*</url-pattern>
</servlet-mapping>

 3. Restart the webcontainer

4. Consider using Soap UI as a testing tool and point this to the RBACx instance to consume the WSDLs

http://localhost:8080/rbacx/ws/auditService?wsdl http://localhost:8080/rbacx/ws/businessUnitManagementService?wsdl http://localhost:8080/rbacx/ws/logService?wsdl http://localhost:8080/rbacx/ws/roleManagementService?wsdl http://localhost:8080/rbacx/ws/userManagementService?wsdl

The RBACx webservice requires authentication this can be performed a number of ways such as in the following request 

 <soapenv:envelope xmlns:ser="http://service.api.rbacx.vaau.com" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:header>
  <wsse:security s:mustunderstand="1" 
	xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
		xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
         <wsse:usernametoken>
            <wsse:username>rbacxadmin</wsse:username>
            <wsse:password type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:password>
         </wsse:usernametoken>
   </wsse:security>
</soapenv:header>
   <soapenv:body>
      <ser:findactiveusers>
         <ser:in0>10130</ser:in0>
      </ser:findactiveusers>
   </soapenv:body>
</soapenv:envelope>
There you go Role Manager Webservices enabled and ready to rock..!

Posted at 05:19PM Apr 15, 2008 by Paul Walker in Handy IDM Bits  | 

Comments:

Post a Comment:
Comments are closed for this entry.

Today's Page Hits: 18