This sample demonstrates using reconciliation of users created in an XML folder on a remote machine. The JCS provides a way for OpenIDM to pick up and synchronize the OpenIDM repository with the remote XML user repository.
Procedure 9.9. Configuring JCS
-
Copy the
openidm/samples/sample1/datadirectory to a location on the JCS machine.
Procedure 9.10. Configuring OpenIDM for the XML Example
-
Start OpenIDM. You can ignore errors like
cannot connect to databaseandcannot find jdbc driver. These errors will be fixed once OpenIDM has been configured and restarted. -
Copy the
openidm/samples/sample1/confdirectory toopenidm/conf. Overwrite any existing files.For Unix/Linux, enter the following in a terminal window.
$ cd path/to/openidm $ cp -r ./samples/sample1/conf ./conf
For Windows, enter the following on the command line.
c:\> cd path\to\openidm .\> copy .\samples\sample1\conf .\conf
-
Copy the
openidm/samples/provisioners/provisioner.openicf.connectorinfoprovider.jsotoopenidm/conf.$ cp . samples/provisioners/provisioner.openicf.connectorinfoprovider.json ./conf
-
Edit the
provisioner.openicf.connectorinfoprovider.jsonto match your network setup. The following is an example of how it could look.{ "connectorsLocation" : "connectors", "remoteConnectorServers" : [ { "name" : "xml", "host" : "10.0.0.2", "port" : 8759, "useSSL" : false, "timeout" : 0, "key" : "password" } ], } -
Edit the
provisioner.openicf-xml.jsonin the/confdirectory to read like the following.{ "name" : "xmlfile", "connectorRef" : { "connectorHostRef" : "xml", "bundleName" : "org.forgerock.openicf.connectors.file.openicf-xml-connector", "bundleVersion" : "", "connectorName" : "com.forgerock.openicf.xml.XMLConnector" }, "producerBufferSize" : 100, "connectorPoolingSupported" : true, "poolConfigOption" : { "maxObjects" : 10, "maxIdle" : 10, "maxWait" : 150000, "minEvictableIdleTimeMillis" : 120000, "minIdle" : 1 }, "operationTimeout" : { "CREATE" : -1, "TEST" : -1, "AUTHENTICATE" : -1, "SEARCH" : -1, "VALIDATE" : -1, "GET" : -1, "UPDATE" : -1, "DELETE" : -1, "SCRIPT_ON_CONNECTOR" : -1, "SCRIPT_ON_RESOURCE" : -1, "SYNC" : -1, "SCHEMA" : -1 }, "configurationProperties" : { "xsdIcfFilePath" : "/Program files (x86)/openicf/data/ resource-schema-1.xsd", "xsdFilePath" : "/Program Files (x86)/openicf/data/ resource-schema-extension.xsd", "xmlFilePath" : "/Program Files (x86)/openicf/data/xmlConnectorData.xml" }, "objectTypes" : { "account" : { "$schema" : "http://json-schema.org/draft-03/schema", "id" : "__ACCOUNT__", "type" : "object", "nativeType" : "__ACCOUNT__", "properties" : { "description" : { "type" : "string", "nativeName" : "__DESCRIPTION__", "nativeType" : "string" }, "firstname" : { "type" : "string", "nativeName" : "firstname", "nativeType" : "string" }, "email" : { "type" : "array", "items" : { "type" : "string", "nativeType" : "string" }, "nativeName" : "email", "nativeType" : "string" }, "__UID__" : { "type" : "string", "nativeName" : "__UID__" }, "password" : { "type" : "string", "required" : false, "nativeName" : "__PASSWORD__", "nativeType" : "JAVA_TYPE_GUARDEDSTRING", "flags" : [ "NOT_READABLE", "NOT_RETURNED_BY_DEFAULT" ] }, "name" : { "type" : "string", "required" : true, "nativeName" : "__NAME__", "nativeType" : "string" }, "lastname" : { "type" : "string", "required" : true, "nativeName" : "lastname", "nativeType" : "string" } } } }, "operationOptions" : { } } -
Verify that the following settings are correct.
-
The value of
connectorHostRef : xmlpoints to the propertynameofprovisioner.openicf.connectorinfoprovider.json. This indicates which connectorinfoprovider to use. -
The
bundleVersion :must be exactly the same asopenicf-scriptedsql-connector-.jar. on JCS/bundles. -
The path to
xsdIcfFilePath : /Program files (x86)/openicf/data/resource-schema-1.xs
-
-
Restart OpenIDM to verify that all of the configuration changes have occurred. There should be no error message when OpenIDM is restarted. To check, run the following command:
src list
This returns a list of installed modules, including the following:
[ 17] [active ] org.forgerock.openidm.provisioner.openicf
![[Note]](common/images/admon/note.png)
Note The number may differ. Make sure to note the number returned.
When you have installed more connectors, there will be more OpenIFC modules. If the state of the module is active, the module is installed properly. If the state is unsatisfied, then you have not configured it correctly and you must check your configuration. You can also check the content of installed modules. This can be useful if you have an unsatisfied state and you want to check that the content is the same as in the
*.jsonfile, to verify that the configuration change you made was picked up. To list the content of the module run the following command, with the number returned from the previous step:scr info 17 <your number>
Note You can also check the
provisioner.openicf.connectorinfoprovider -
Run reconciliation with the following command.
$ curl --header "X-OpenIDM-Username: openidm-admin" --header "X-OpenIDM-Password: openidm-admin" --request POST "http://localhost:8080/openidm/recon?_action=recon&mapping=systemXmlfileAccounts_managedUser"
This will return a reconciliation id similar to the following:
{"_id":"a5346543-db9a-4f8b-ba25-af2a1b576a54"} -
Check the internal repository (OrientDB or MySQL) to make sure that the users were reconciled. For information about connecting to OrientDB, see Before You Begin in the Installation Guide. For information about using MySQL as a repository, see Installing a Repository For Production in the Installation Guide.
