-
Notifications
You must be signed in to change notification settings - Fork 9
/
IdentityCreation.xml
89 lines (80 loc) · 2.96 KB
/
IdentityCreation.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE sailpoint PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<sailpoint>
<Rule language="beanshell" name="Identity Creation Template" type="IdentityCreation">
<Description>
Identity creation rules are used to set attributes on new Identity objects
when they are created. New identities may be created during the
aggregation of application accounts, or optionally created after
pass-through authentication.
One common operation is to change the name property of the identity
when the default application name is complex (such as a
directory DN).
Another common operation is to assign a set of initial capabilities based
on the attributes pulled from the application account.
</Description>
<Signature returnType="void">
<Inputs>
<Argument name="context">
<Description>
A sailpoint.api.SailPointContext object that can be used to query
the database if necessary.
</Description>
</Argument>
<Argument name="log">
<Description>
The log object associated with the SailPointContext.
</Description>
</Argument>
<Argument name="environment" type="Map">
<Description>
Arguments passed to the aggregation task.
</Description>
</Argument>
<Argument name="application">
<Description>
Application being aggregated.
</Description>
</Argument>
<Argument name="account" required="true" type="ResourceObject">
<Description>
The resource account for the identity being created.
</Description>
</Argument>
<Argument name="identity" required="true" type="Identity">
<Description>
The identity that is being created.
</Description>
</Argument>
</Inputs>
</Signature>
<ReferencedRules>
<Reference class="sailpoint.object.Rule" name="Global Rule Library"/>
</ReferencedRules>
<Source>
<![CDATA[
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import sailpoint.api.SailPointContext;
import org.apache.commons.logging.Log;
import sailpoint.object.TaskResult;
import sailpoint.object.Attributes;
import sailpoint.object.Application;
import sailpoint.object.ResourceObject;
import sailpoint.object.Identity;
//Log mylogger = LogFactory.getLog("rule.IdentityCreation");
//mylogger.debug("Start IdentityCreation");
//add the following lines to IIQ Log4j properties file to use this logger
//logger.IdentityCreation.name=rule.IdentityCreation
//logger.IdentityCreation.level=debug
//Available Input Variables
//environment;
//application;
//account;
//identity;
//mylogger.debug("End IdentityCreation");
//this rule does not return anything
]]>
</Source>
</Rule>
</sailpoint>