Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Insert excerpt
Smart ID Agent (DataSyncProxy) in Identity Manager
Smart ID Agent (DataSyncProxy) in Identity Manager
nopaneltrue

Read more here: Smart ID Agent (DataSyncProxy).

Prerequisistes

Expand
titlePrerequisites
  • JAVA Runtime (Version 11)
  • Access to local services (in order to do the required read/write operations)
  • Internet connection (in order to access Nexus GO Service)

Step-by-step instruction

Enable and configure Smart ID Agent

Expand
titleEnable the Smart ID Agent to Identity Manager
  1. In Identity Manager Admin, go to Home > Data pool.
  2. To edit an existing data pool, double-click the data pool name.
  3. In the Data sources tab, select one of the data sources in the Type drop-down list.
  4. Check Smart ID Identity Manager - Agent enabled.
  5. Click Save.


Expand
titleConfigure Smart ID Agent in Identity Manager

In the Identity Manager file system.properties, these are the standard settings for response intervals and timeouts for Identity Manager (for executing searches, exporting data, and so on) and Identity Manager Admin (for testing connection, getting the scim resource types and getting the attribute lists). If needed, they can be configured.

Code Block
titleExample: Configure Smart ID Agent in system.properties
dataSync.responsePollingIntervalInMs=200
dataSync.responsePollingTimeoutInMs=30000
dataSync.proxyConnectionTimeoutInMs=3600000
 
# when the connection timeout above occurs, spring logs a message on error level. To disable this enter: (Note: if you want to be sure not to miss any other logs do not turn this on)
dataSync.suppressSpringMvcExceptionsWhileTimeout=true

# When set, sends a request at defined interval to keep the connection open.
# You'll need to set it if you observe multiple registrations occur before the configured timeout
dataSync.keepAliveIntervalInMs=10000



Expand
titleConfigure Smart ID Agent in customer system
  1. Unpack the ZIP file containing application.yaml.

    Configure application.yaml with the service parameters, see the example below.

    In the urls you can configure one or multiple Identity Manager or Identity Manager Admin services. For all of them, the same tenant id and authentication method will be used. You can use basic authentication by configuring the userName and password, or client certificate authentication by configuring a keyStore and it's password. If both are configured, client certificate authentication will be used. If one or multiple of the services use a server certificate, which is not trusted by default, you can configure a trustStore and it's password containing the certificate to trust the server certificate.

    Code Block
    titleExample: application.yaml
    logging.config: ./log4j2.xml # Custom logging configuration
    prime:
        urls: # Urls of the servers the agent should connect to
            - https://localhost:18443/idm
            - https://localhost:18443/idm-admin
        tenantId: 1 # Tenant id to connect to
    
        # Basic Authentication
        userName: admin
        password: admin
        # Client certificate authentication
        # keyStore: <path/to/your/keystore>
        # keyStorePassword: <keystore password>
    
        # Truststore for not trusted server certificate
        # trustStore: <path/to/your/truststore> 
        # trustStorePassword: <truststore password> 
    
    reconnectDelay: 15000 # The delay how often the agent checks if the connection is still active (in milliseconds)


  2. To start the Smart ID Agent:

    1. On Windows, execute the startup.bat

    2. On Linux execute the startup.sh.

  3. Depending on your system configuration you might need to modify it to use a compatible JAVA Runtime, see Prerequisites.

Install Smart ID Agent as a service

Expand
titleinstall Smart ID Agent as Windows Service

You can install Smart ID Agent as a Windows Service.

Since it is not possible to run a jar as a service, you must use a third party software that will run as a service and itself run the jar.

  1. Download and install NSSM (Non-Sucking Service Manager) http://nssm.cc/download.
    From the command line, you can get a list of commands by typing nssm --help.
  2. Run the command nssm install to open the GUI to create a new service.
  3. In the Application tab, enter this information:
    1. Path - the path to your java.exe (for example, C:\Program Files\Java\jdk-11.0.8\bin\java.exe)
    2. Startup directory - the directory in which the application starts. Match it with the folder where the jar file is located (for example C:\path\to\application)
    3. Arguments - the arguments you use when starting the jar (for example, -Xms4g -Xmx8g -jar "C:\path\to\application\app.jar")
  4. In NSSM, go to the Details tab and enter:
    1. Display name and Description - self-explanatory, enter something appropriate.
    2. Startup type - Automatic is the default and preferred choice, so that your service starts with Windows.
    3. Service name - Give your service a unique name (do not use spaces, this is an identifier).
  5. Click Install service to finish the creation process.
  6. Once the service is installed, you can monitor it through the Task Manager app in the Services tab, or by opening the Services app directly. 

    You can also monitor as well as edit or remove your service with NSSM:

    • Edit a service, if you want to change a few things. This will open the same GUI as for the installation.
      nssm edit <servicename>
    • Remove a service.
      nssm remove <servicename>


This article is valid for Smart ID 20.06.1 and later.