Working with XSLT, XPATH and ECMAScript in Novell® Identity Manager PoliciesMade Simpler with Designer
David WagstaffConsulting Custom DevelopmentNovell
Vivek ThakyalIDM Software EngineerNovell
© Novell, Inc. All rights reserved.2
Outline
• Overview w/Comparison Demonstrations
• ECMAScript w/Demonstration
• Common Traps to Avoid
• Questions/More Demonstrations
Overview w/Comparison Demonstrations
© Novell, Inc. All rights reserved.4
Identity Manager Foundation
event-driven object synchronization though marshalling to xml, xml transformations, and unmarshalling
Whenever the Identity Vault (or a driver) detects an event like add User, it describes the event in an xml document that starts in the subscriber channel (or publisher channel). The xml document goes through a series of transformations before arriving at the end of the subscriber channel (or publisher channel) to add User on the other end.
© Novell, Inc. All rights reserved.5
Transformations
• Policy (DirXMLScript)
• Stylesheet (XSLT)
Identity Manager engine understands both. You can mix them within a policy set.
How to choose?
© Novell, Inc. All rights reserved.6
Extensions
• Java
• ECMAScript (Javascript via Rhino)
• JVM languages like Groovy
How to choose?
© Novell, Inc. All rights reserved.7
Common Tools
• Regular Expressions (regEx)
• XPath
How to choose?
© Novell, Inc. All rights reserved.8
Simple Demonstrations for ComparisonThe department name on a user in Identity Vault should start with an 'e', but on Active Directory should start with a 'j', e.g. enc127 vs jnc127• policy without regEx• policy with regEx• policy extended with Java• policy extended with ECMAScript• stylesheet
Hint: Where is more important than how.
© Novell, Inc. All rights reserved.9
Quiz
The department attribute is called Department Code in the Identity Vault and dept in the connected system. Which of the following would be good choice(s) to change the attribute name?• XPath• Regular Expressions• Java• ECMAScript• Policy• Stylesheet
ECMAScript w/Demonstration
© Novell, Inc. All rights reserved.11
ECMAScript
• A standardized version of Javascript
• Java like syntax
• Dynamically typed
• Very good String library
• Good Math library
• Works great with regular expressions
© Novell, Inc. All rights reserved.12
Strings in ECMAScript
• String Literal “text” or 'text'– use either single or double quotes
• Important functions:– substr (startIndex, numberOfChars)– substring (startIndex, endIndex)– charAt (indexOfChar) – indexOf (charSequence)– replace (regExp, replacement)– match (regExp) : returns an array of matches– search (regExp) : returns the index of the first match– split (separator, limit) : returns an array of split up strings
© Novell, Inc. All rights reserved.13
Regular Expressions in ECMAScript
• Regular expression literal in ECMAScript /[pattern]/[modifiers] e.g. /[a-z]+/gi
• Modifiers:– g (Global)– i (Case Insensitive)– m (Multi-line)
• Important Functions:– test (string) : returns true or false– exec (string) : returns an array of matches– compile (regExp, modifier) : compiles a regular expression
object
© Novell, Inc. All rights reserved.14
ECMAScript Demonstration
• Changing the Telephone Number format from
– (xxx) xxx-xxxx to a pure integer xxxxxxxxxx
– Pure integer xxxxxxxxxx to (xxx) xxx-xxxx
• Setting the correct area code (the first three digits) in a Telephone Number from a lookup table
Common Traps to Avoid
© Novell, Inc. All rights reserved.16
Java Traps
• Namespace
• Constructor
• Instance Method
• Static Method
• Hint: Static method is easiest and less error prone.
© Novell, Inc. All rights reserved.17
XPath Traps
• policy using absolute path
• // getting too much
• assuming order
• multiple attribute values
• string of XML
© Novell, Inc. All rights reserved.18
XSLT Traps
• bad XPath, see XPath Traps
• doing it in text editor
• not using a variety of sample inputs
• forgetting <apply-templates ...>
© Novell, Inc. All rights reserved.19
Regular Expression Traps
• globbing
• not escaping meta-characters
• groups within groups
• using non-Java dialects
• doing it in text editor
© Novell, Inc. All rights reserved.20
ECMAScript Traps
• Plus operator overloading
• Semicolon insertion at line feed
• String replace only replaces first occurrence – use the /text/g global modifier
• ParseInt function – use parseInt(num, 10) instead of parseInt(num) to be safe
Questions/More Demonstrations
Unpublished Work of Novell, Inc. All Rights Reserved.This work is an unpublished work and contains confidential, proprietary, and trade secret information of Novell, Inc. Access to this work is restricted to Novell employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Novell, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General DisclaimerThis document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. Novell, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for Novell products remains at the sole discretion of Novell. Further, Novell, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Novell marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.
Top Related