Working with XSLT, XPath and ECMA Scripts: Make It Simpler with Novell Identity Manager Designer


Published on

Using XPath, XSLT, ECMA scripts judiciously is vital to building complex policies easily in your identity management projects. This session will compare these techniques to achieve similar results and show exact benefits of using one over the other in specific use cases. It will also go through the lifecyle of Novell Identity Manager policy management: how the policies are developed, tested and deployed in Novell Identity Manager Designer. This is an advanced session, and assumes you have a significant level of experience with Identity Manager and Designer.

  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Working with XSLT, XPath and ECMA Scripts: Make It Simpler with Novell Identity Manager Designer

  1. 1. Working with XSLT, XPATH and ECMAScript in Novell Identity Manager Policies ® Made Simpler with Designer David Wagstaff Consulting Custom Development Novell Vivek Thakyal IDM Software Engineer Novell
  2. 2. Outline • Overview w/Comparison Demonstrations • ECMAScript w/Demonstration • Common Traps to Avoid • Questions/More Demonstrations 2 © Novell, Inc. All rights reserved.
  3. 3. Overview w/Comparison Demonstrations
  4. 4. Identity Manager Foundation event-driven object synchronization though marshalling to xml, xml transformations, and unmarshalling Whenever the Identity Vault (or a driver) detects an event like add User, it describes the event in an xml document that starts in the subscriber channel (or publisher channel). The xml document goes through a series of transformations before arriving at the end of the subscriber channel (or publisher channel) to add User on the other end. 4 © Novell, Inc. All rights reserved.
  5. 5. Transformations • Policy (DirXMLScript) • Stylesheet (XSLT) Identity Manager engine understands both. You can mix them within a policy set. How to choose? 5 © Novell, Inc. All rights reserved.
  6. 6. Extensions • Java • ECMAScript (Javascript via Rhino) • JVM languages like Groovy How to choose? 6 © Novell, Inc. All rights reserved.
  7. 7. Common Tools • Regular Expressions (regEx) • XPath How to choose? 7 © Novell, Inc. All rights reserved.
  8. 8. Simple Demonstrations for Comparison The department name on a user in Identity Vault should start with an 'e', but on Active Directory should start with a 'j', e.g. enc127 vs jnc127 • policy without regEx • policy with regEx • policy extended with Java • policy extended with ECMAScript • stylesheet Hint: Where is more important than how. 8 © Novell, Inc. All rights reserved.
  9. 9. Quiz The department attribute is called Department Code in the Identity Vault and dept in the connected system. Which of the following would be good choice(s) to change the attribute name? • XPath • Regular Expressions • Java • ECMAScript • Policy • Stylesheet 9 © Novell, Inc. All rights reserved.
  10. 10. ECMAScript w/Demonstration
  11. 11. ECMAScript • A standardized version of Javascript • Java like syntax • Dynamically typed • Very good String library • Good Math library • Works great with regular expressions 11 © Novell, Inc. All rights reserved.
  12. 12. Strings in ECMAScript • String Literal “text” or 'text' – use either single or double quotes • Important functions: – substr (startIndex, numberOfChars) – substring (startIndex, endIndex) – charAt (indexOfChar) – indexOf (charSequence) – replace (regExp, replacement) – match (regExp) : returns an array of matches – search (regExp) : returns the index of the first match – split (separator, limit) : returns an array of split up strings 12 © Novell, Inc. All rights reserved.
  13. 13. Regular Expressions in ECMAScript • Regular expression literal in ECMAScript /[pattern]/[modifiers] e.g. /[a-z]+/gi • Modifiers: – g (Global) – i (Case Insensitive) – m (Multi-line) • Important Functions: – test (string) : returns true or false – exec (string) : returns an array of matches – compile (regExp, modifier) : compiles a regular expression object 13 © Novell, Inc. All rights reserved.
  14. 14. ECMAScript Demonstration • Changing the Telephone Number format from – (xxx) xxx-xxxx to a pure integer xxxxxxxxxx – Pure integer xxxxxxxxxx to (xxx) xxx-xxxx • Setting the correct area code (the first three digits) in a Telephone Number from a lookup table 14 © Novell, Inc. All rights reserved.
  15. 15. Common Traps to Avoid
  16. 16. Java Traps • Namespace • Constructor • Instance Method • Static Method • Hint: Static method is easiest and less error prone. 16 © Novell, Inc. All rights reserved.
  17. 17. XPath Traps • policy using absolute path • // getting too much • assuming order • multiple attribute values • string of XML 17 © Novell, Inc. All rights reserved.
  18. 18. XSLT Traps • bad XPath, see XPath Traps • doing it in text editor • not using a variety of sample inputs • forgetting <apply-templates ...> 18 © Novell, Inc. All rights reserved.
  19. 19. Regular Expression Traps • globbing • not escaping meta-characters • groups within groups • using non-Java dialects • doing it in text editor 19 © Novell, Inc. All rights reserved.
  20. 20. ECMAScript Traps • Plus operator overloading • Semicolon insertion at line feed • String replace only replaces first occurrence – use the /text/g global modifier • ParseInt function – use parseInt(num, 10) instead of parseInt(num) to be safe 20 © Novell, Inc. All rights reserved.
  21. 21. Questions/More Demonstrations
  22. 22. Unpublished Work of Novell, Inc. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.