Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 21 Next »

This article includes updates for Smart ID 23.10.3.

This article describes how to create or edit a simple process in Identity Manager Admin, with the Process Designer tool. To create more complex processes with the full set of tasks, the Activiti designer plugin can be used.

Prerequisites

 Prerequisites

Before setting up a process, make sure that the following things apply:

Step-by-step instruction

 Log in to Identity Manager Admin


  1. Log in to the Identity Manager Admin as an admin user.


 Add process
  1. In Identity Manager Admin, go to Home > Process Designer.

  2. To add a new process:

    1. Click +New.

    2. Enter a Name, for example Create Employee, and a Description.

    3. Click Save+Edit.
      The Process Design panel is shown.

  3. To edit an existing process, double-click on its name.
  4. Optionally, enter a Help text.
 Add tasks

Add, remove or edit process tasks as needed.

  1. Go to the Task List tab.
  2. There is always a startElement automatically generated. You can configure a form as attribute for it (not mandatory).
  3. In the Task List tab, click + to add a task.
  4. Select a task type. See the available task types and attributes in the table below.
    To use standard service tasks, select Service task as type.
  5. Enter a Name, a Description, and the required attributes for the selected task type. For example, for a Save Data task, a data pool is needed to specify where to save the data.
  6. If a service task is chosen, click the pen symbol to edit.
    To use a standard service task:
    1. Select Delegate Expression.
    2. Enter expression with the name of the standard service task in the text field, for example ${createRelationJavaDelegate}.
    3. Enter values for the given parameters.
    For information on the available standard service tasks and parameters, see Standard service tasks in Identity Manager.
  7. To let a step be done in parallel to the previous step, check Branching.
  8. Click Preview to see a graphic representation of the current process.
  9. Click Save.
 Set permissions

Add permissions for users and roles for all operation types:

  1. Go to the Permissions tab.
  2. For each operation type, Delete, Update, Start process, and so on, click the operation name. Repeat steps 3-4 to add permissions for users and roles.
  3. To add permissions for a specific user, click Add user and select the user in the drop-down list.
  4. To add permissions for a role, click Add role and select the role in the drop-down list.
  5. Click Save.

Task types and attributes

Task name

DescriptionAttributes

Assign New Number

A number from a number range is assigned to a data pool field.
  • Number range
  • Data pool and field name
Card OperationAn action on a card (e.g. Set PIN/Change PIN) is executed. See also Structure of an encoding description in Identity Manager for more information.
  • Form
  • Card action
Change StateThe state of an object is changed in the local Identity Manager database to a particular state, e.g. from "Active" to "Inactive".
  • Data pool
  • Target state
Change State in CAThe state of a certificate is changed in the CA to a particular state. The state is then also changed in the local database.
  • Target state

Check Task

This task checks the relationship between a data pool object and a particular identity object. The relationship must be a "one-to-one" relationship. If this is not the case, an activity error occurs.
  • Data pool
  • Identity template

Choose Mapping

Copy data from one data pool to another while applying a pre-configured mapping. See Set up mapping in Identity Manager for more information.
  • Mapping

Delete Data

This task deletes one core object from its data source. The core object is identified by the configured data pool and the variable <datapool>_Id within the process map.

Restrictions:

It is not possible to delete core objects that are based on an external data source, with the exception of SCIM based core objects which can be deleted.

  • Data pool
Export TaskData is exported according to an export definition.
  • Export definition
Mail TaskAn email is sent, for example, a confirmation of a receipt.
  • Email template

You can also enter an Expression ${...} that gets resolved from the DataMap.

Modify Roles AutomaticallyRoles are automatically assigned to or withdrawn from particular objects.
  • Data pool
  • Role (selected via drag and drop or resolved via expression that contains a comma-separated list of roles in the process map (Role1,Role2,...).
Modify Roles ManuallyThe user can assign or withdraw roles to or from particular objects manually.
  • Data pool
  • Role
Print ReportA document with the indicated template can be printed.
  • Form
  • Report template

Production

A card or token is produced. This task is for server side production only.

If you configure multiple printers, see Set up printers in Identity Manager.

The process variable processVarCardSdkPrinterUrl can be used to fill with the symbolic name of a  printer to find the connection to the CardSDK. If the variable is not in the process, the defaultPrinter is used.

  • Card template
  • For Nexus GO Cards (CaaS) production:
    Field Name: Field that holds the request id returned by Nexus GO Cards (CaaS).
Production with PreviewBefore a card is produced a preview of the card is displayed on the user interface. There are two variations: one for client-side and one for server-side production. These differ by the following forms:
  • clientSideProductionPreviewTask.jsp
  • serverSideProductionPreviewTask.jsp

If you configure multiple printers, see Set up printers in Identity Manager.

The process variable processVarCardSdkPrinterUrl can be used to fill with the symbolic name of a  printer to find the connection to the CardSDK. If the variable is not in the process, the defaultPrinter is used.

  • Form
  • Card template
Request SofttokenA softtoken is required by the CA and sent to the recipient by email.
  • Certificate type
  • Email template
Return NumberA number from a number range is released again.
  • Number range
  • Data pool and field name
Save Data

The process data are saved in the data pool indicated. If a suitable ID is found, an update is run, otherwise a new data record is created.

Restrictions:

It is not possible to update and create core objects that are based on an external data source.

  • Data pool

Script Task

This task contains a scripting engine for script languages such as JUEL, BeanShell, JavaScript and Groovy.
  • Script to be executed
Service Task

A JAVA class that is executed during the process runtime is added to the process.

A set of standard service tasks is available. For more information, see Standard service tasks in Identity Manager.

  • Java Class
  • For standard service task:
    Relevant parameters for the selected task
User TaskA user dialog (user task) is used in order to model the interaction of a user. It is a form in which entries have to be made.
  • Form
  • Buttons can be configured

Related information


  • No labels

Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions