README
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2014 ForgeRock AS. All rights reserved.
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* http://forgerock.org/license/CDDLv1.0.html
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at http://forgerock.org/license/CDDLv1.0.html
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*/
Async reconciliation Sample
---------------------------
This sample demonstrates how to perform an asynchronous action from a
reconciliation.
For documentation pertaining to this example see:
http://openidm.forgerock.org/doc/install-guide/index.html#more-sample9
To try the sample, follow these steps.
1. Start OpenIDM with the configuration for sample 9.
$ cd /path/to/openidm
$ ./startup.sh -p samples/sample9
2. Run reconciliation.
$ curl -k -H "Content-type: application/json" -u "openidm-admin:openidm-admin" -X POST "https://localhost:8443/openidm/recon?_action=recon&mapping=systemXmlfileAccounts_managedUser"
The reconciliation starts an approval workflow for each ABSENT user.
These workflows (managedUserApproval) wait for approval.
Option 1: Using the UI
3. Using your browser, open https://localhost:8443/openidmui/ .
Login with openidm-admin/openidm-admin.
4. In your "My Tasks" list, you should see two requests for "Evaluate request".
Click on "Evaluate request" to expand the list, and then click "Details" for
each item. Choose whether or not to approve the request. If you choose "Yes",
that user will be created. If you choose "No", it will not be.
5. After completing all pending tasks, go to the "Users" tab to see the list of
managed/users defined in the system. Only those you approved should be listed.
Option 2: Using curl
3. Query the started workflow task instances.
$ curl -k -u openidm-admin:openidm-admin "https://localhost:8443/openidm/workflow/taskinstance?_queryId=query-all-ids&_prettyPrint=true"
{
"result" : [ {
"tenantId" : "",
"createTime" : "2014-04-18T16:12:14.125-07:00",
"executionId" : "4",
"delegationStateString" : null,
"processVariables" : { },
"_id" : "15",
"processInstanceId" : "4",
"description" : null,
"priority" : 50,
"name" : "Evaluate request",
"dueDate" : null,
"parentTaskId" : null,
"processDefinitionId" : "managedUserApproval:1:3",
"taskLocalVariables" : { },
"suspensionState" : 1,
"assignee" : "openidm-admin",
"cachedElContext" : null,
"queryVariables" : null,
"activityInstanceVariables" : { },
"deleted" : false,
"suspended" : false,
"_rev" : 1,
"revisionNext" : 2,
"category" : null,
"taskDefinitionKey" : "evaluateRequest",
"owner" : null,
"eventName" : null,
"delegationState" : null
}, {
"tenantId" : "",
"createTime" : "2014-04-18T16:12:14.178-07:00",
"executionId" : "16",
"delegationStateString" : null,
"processVariables" : { },
"_id" : "27",
"processInstanceId" : "16",
"description" : null,
"priority" : 50,
"name" : "Evaluate request",
"dueDate" : null,
"parentTaskId" : null,
"processDefinitionId" : "managedUserApproval:1:3",
"taskLocalVariables" : { },
"suspensionState" : 1,
"assignee" : "openidm-admin",
"cachedElContext" : null,
"queryVariables" : null,
"activityInstanceVariables" : { },
"deleted" : false,
"suspended" : false,
"_rev" : 1,
"revisionNext" : 2,
"category" : null,
"taskDefinitionKey" : "evaluateRequest",
"owner" : null,
"eventName" : null,
"delegationState" : null
} ],
"resultCount" : 2,
"pagedResultsCookie" : null,
"remainingPagedResults" : -1
}
4. Approve the request.
$ curl -k -u openidm-admin:openidm-admin -X POST "https://localhost:8443/openidm/workflow/taskinstance/15?_action=complete" --data '{"requestApproved": "true"}' -H "Content-Type: application/json"
5. Query the managed users created by the asynchronous reconciliation after
the approval step.
$ curl -k -u openidm-admin:openidm-admin "https://localhost:8443/openidm/managed/user?_queryId=query-all-ids&_prettyPrint=true"
{
"result" : [ {
"_id" : "bjensen",
"_rev" : "0"
} ],
"resultCount" : 1,
"pagedResultsCookie" : null,
"remainingPagedResults" : -1
}