Using extensions for SOAP APIs

You can run extensions for using the SOAP APIs for the IBM Verify Identity Governance - Container.

Before you begin

While installing the Starter kit, ensure to provide the hostname or the IP address for your Kubernetes pod in the config.yaml file. As the containerized IM only supports secure HTTP (HTTPS), the hostname is required when using the wsimport command.

Procedure

Perform the following steps to run the extensions on the client machine.

Install the required certificates

The first step is to install the required certificates before using wsimport for creating itim_ws_client.jar.

isvgimRootCA.crt: – This is available at the location: /starter/config/certs
isvgim.crt: – Access the ISVG-IM Console using your web browser, and download this certificate.
You must install these two certificates using the Java path in which you are plan-ning to use wsimport.
Example:

{JRE_HOME}\bin\keytool.exe -import -alias {ALIAS_NAME} -file "isvgim.crt" -keystore "{JRE_HOME}\lib\security\cacerts"

Password : changeit

Generate the itim_ws_client.jar

Use the wsimport command.
{JDK_HOME}\wsimport.exe -keep -s src https://{HOSTNAME}:30943/itim/services/WSSessionService?wsdl

This command imports the WSDL, creates the Java files and compiles them to class files. Note that the command assumes that the src folder is present.

There are total 16 WSDL, including the one above. Others are listed below.


{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSPersonServiceService?wsdl

{JDK_HOME}\wsimport.exe
-keep -s src
https://{HOSTNAME}:30943/itim/services/WSOrganizationalContainerServiceService?wsdl

{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSAccountServiceService?wsdl

{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSRoleServiceService?wsdl

{JDK_HOME}\wsimport.exe
-keep -s src https://{HOSTNAME}:30943/itim/services/WSServiceServiceService?wsdl

{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSGroupServiceService?wsdl

{JDK_HOME}\wsimport.exe
-keep -s src https://{HOSTNAME}:30943/itim/services/WSPasswordServiceService?wsdl


{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSSystemUserServiceService?wsdl

{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSSearchDataServiceService?wsdl

{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSRequestServiceService?wsdl

{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSToDoServiceService?wsdl

{JDK_HOME}\wsimport.exe
-keep -s src
https://{HOSTNAME}:30943/itim/services/WSProvisioningPolicyServiceService?wsdl


{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSAccessServiceService?wsdl

{JDK_HOME}\wsimport.exe -keep -s src
https://{HOSTNAME}:30943/itim/services/WSUnauthServiceService?wsdl

{JDK_HOME}\wsimport.exe
-keep -s src https://{HOSTNAME}:30943/itim/services/WSExtensionServiceService?wsdl

Next, run the jar command to generate the itim_ws_client.jar file.
{JDK_HOME}\bin\jar -cvf itim_ws_client.jar com\ibm\itim\ws\exceptions\*.class org\apache\xml\xml_soap\*.class com\ibm\itim\ws\model\*.class com\ibm\itim\ws\services\*.class

Get the required jar files

Get the jar files required for creating extension and examples Jar from the running pod.

Run the script: starter/bin/util/getExtensions.sh
This script copies the examples folder in starter. You can then copy the following jar files from the following location: starter/extensions/10.0.2/examples/lib
```
itim_ws_model_1.0.0.jar 
itim_api_1.0.0.jar
itim_common_1.0.0.jar
```

Create the extensions jar

Refer to file examples\ws\src\sample\extension\SampleWSExtension.java
{JDK_HOME}\bin\javac -cp itim_common_1.0.0.jar;itim_ws_model_1.0.0.jar;itim_ws_client.jar;itim_api_1.0.0.jar SampleWSExtension.java
Create the folder structure sample/extension . Next, copy the generated class Sam-pleWSExtension.class to the extension folder.
Create extension.jar file.
{JDK_HOME}\bin\jar.exe -cvf extension.jar sam-ple/extension/SampleWSExtension.class

Add the extension to ISVG-IM

Add classname in the property file.
1. Run the getConfig sh file to retrieve the wsExtensions.properties
  ./getConfig.sh wsExtensions.properties
  
  This command copies the file in starter/data folder.
2. Change file contents to add classname. extension.class1=sample.extension.SampleWSExtension
3. Apply the changes to ISVGIM. ./createConfigs.sh
Add the extension.jar to ISVGIM PODs .
There are multiple options available for doing this. For details, see the section Customization overview in this document. This document uses Option-3, in which at the end the statefulset is restarted. The changes done in the step 5.a are also refreshed in this restart and separate restart is not required.

After you complete above steps, copy the extension.jar In ISVGIM POD

Create a examples.jar file

At the location examples/ws/src/examples/ws you will find all the Java files, please compile then.
{JDK_HOME}\bin\javac -cp itim_common_1.0.0.jar;itim_ws_model_1.0.0.jar;itim_ws_client.jar -sourcepath *.java GenericWSClient.java -d bin

Note that the command assumes that the bin directory is present.
Navigate to the bin directory. Next, run the following command to create a Jar
{JDK_HOME}\bin\jar -cvf examples.jar examples/ws/*.class

Run the examples.jar file

Create a file named ws_example_config.properties in the directory that contains all the JAR files and examples. Add the following text to the ws_example_config.properties file. Tip: You can also copy this file from the examples directory.
host={ISVGIM-HOSTNAME}

port=30943
Run examples
{JRE_HOME}\bin\java.exe -cp itim_common_1.0.0.jar;itim_ws_model_1.0.0.jar;examples.jar;itim_ws_client.jar examples.ws.WSExtensionServiceClient -operationName?extendWithXML -principal?"itim manager" -credential?{PASSWORD}