APIs, SDKs, and Services > Identity Service API > Identity Service API Overview
  

Identity Service API Overview

Process Server provides an identity service to enable processes to look up users and groups in an enterprise directory service. This document describes the identity service API and includes a few examples that show the API being used with SOAP and indirectly using Java code. This second example uses the JAX-WS (Process Server IdentityService4J API.
Package Contents
The Identity Service API using JAX-WS (IdentityService4J) and the samples code project contains the following:
dist/
The Process Server identityservice4j and wsht4j API jars
docs/
Documentation
lib/
Dependencies and third party libraries; also, see the /common/lib root directory
src/
JAX-WS generated code
src-examples/
Sample Java code using the API
build.xml
Ant build script; you will need JDK 1.5 or later to build this project
.project .classpath
Eclipse IDE project and classpath files
Identity Service Endpoints
The following table shows the Identity Service-related web service endpoints. You will need to change the hostname (for example, localhos) to reflect the actual host name where the service is hosted.
WSDL
http://localhost:8080/active-bpel/services/AeIdentityService?wsdl
Service SOAP Binding
http://localhost:8080/active-bpel/services/AeIdentityService
Setup
The Process Server Identity Service is normally available only to processes executing inside the Process Server using the identity service invoke handler.
In order to access the service operations from outside a process, the internal service operations must be exposed to an endpoint. Do this by deploying the aeidentitysvc system process to the server, as follows:
  1. 1. From the Process Console, click on the Deploy button located on the top right.
  2. 2. Browse and select the BPR located at /orchestration/IdentityService/aeidentitysvc.bpr. This BPR contains the aeidentitysvc process.
Note: If your server was configured for secured access, you must provide credentials for the abIdentityListConsumer role by creating a <security-constraint> definition in the active-bpel.war XML file:

<security-constraint>
<web-resource-collection>
<web-resource-name>Identity List Consumer</web-resource-name>
<description>Endpoint that exposes an operation on the identity service.</description>
<url-pattern>/services/AeIdentityService</url-pattern>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<!--IDENTITYLISTCONSUMER Uncomment to restrict access to the task client services
<auth-constraint>
<role-name>abIdentityListConsumer</role-name>
</auth-constraint>
IDENTITYLISTCONSUMER-->
</security-constraint>