
HR-XML Interoperation with OASIS SPML V2

HR-XML Interoperation with OASIS SPML V2. An Integration Use Case Matt Tobiasen (HR-XML) Gary Cole (OASIS). Agenda. Integration Concept What is this integration? How did it come about? Introduction to SPML V2 OASIS PSTC SPML V2 Sample Use Case


Presentation Transcript


  1. HR-XML Interoperation with OASIS SPML V2 An Integration Use Case Matt Tobiasen (HR-XML) Gary Cole (OASIS)

  2. Agenda
     • Integration Concept
       • What is this integration?
       • How did it come about?
     • Introduction to SPML V2
       • OASIS PSTC
       • SPML V2
     • Sample Use Case
       • Applicant Tracking & Background Checking
       • Use Case Flow & Sample Schema
     • Protocol Exchange
       • Overview
       • Sample SPML Message Exchange
     • What’s Next?
     • Questions?

  3. Integration Concept

  4. Integration Concept
     • What is this integration?
       • HR-XML defines target schema(s)
       • Complex integration involving Identity
       • Use an existing exchange protocol…
     [Diagram labels: HR System, Applicant Tracking, ID, XSD, SPML]

  5. Integration Concept
     • How did it come about?
       • HR-XML needed secure Identity Provisioning
       • Open standards existed @ OASIS
       • Your guys started talking to our guys
       • Immediately everyone saw a good fit…
       • All good engineers like re-use – right?

  6. Introduction to SPML V2

  7. Introduction to SPML V2
     • OASIS PSTC
       • OASIS technical committee focused on developing open standards for Service & Identity Provisioning
       • Founded in 2001
       • Contributors:
         • BEA
         • BMC Software
         • CA (+Netegrity)
         • Critical Path
         • Entrust
         • IBM
         • Mycroft
         • Open Network Technologies
         • Oracle (PeopleSoft)
         • HP (+TrueLogica)
         • Thor
         • Sun (+Waveset)
       • Deliverable - Service Provisioning Markup Language
         • V1 - OASIS Open Standard November 3rd 2003
         • V2 – Planned complete April 2005

  8. Introduction to SPML V2
     • SPML V2
       • Open standard for defining and exchanging provisioning requests in XML using Web Services technologies
       • XML RPC interface for Identity Provisioning
       • Interface model and management abstraction for an Identity Life-cycle
       • Important part of end-to-end standards based security strategy

  9. Introduction to SPML V2
     [Diagram labels: HR, SPML Service Point (ATS), Target (×3), SPML/SOAP, WS-Sec Secured, XSD, WSDL, UDDI, Value added Service…]

  10. Introduction to SPML V2
      [Diagram labels: Service Point, Requestor]

  11. Introduction to SPML V2
      [Diagram labels: Requestor, Service Point, Target (×3), Request, Response, In-Spec, Out of Spec, XSD, Ref to XSD, WSDL, Core Operations, List of Targets, Batches, Bulk Operations, Sync/Async Model, Capabilities, Transport Security Model, Trust Model (inc. establishment), AuthN & AuthZ Model]

  12. Sample Use Case

  13. Sample Use Case
      • Applicant Tracking Systems (ATS) & Background Checking Systems (BCS)
        • Selected due to timing and application
        • A simple integration requirement
        • Managed life-cycle
          • Add / Modify / Suspend / Delete
          • Password management
      [Diagram labels: Recruiter, ATS, BCS, Secure Managed Exchange]

  14. Sample Use Case
      • Use Case Outline
        • ATS has pre-defined “context” with BCS
        • ATS defines “Recruiter”
        • ATS creates “Recruiter” account within BCS with access to basic background checks on applicants
        • ATS updates “Recruiter” making her a “SeniorRecruiter” with access to enhanced background checks on applicants
        • ATS does password reset for “SeniorRecruiter”
        • ATS suspends “SeniorRecruiter”

  15. Sample Use Case
      • Sample User Schema
      [Diagram labels: ATS, BCS]

  16. Protocol Exchange

  17. Protocol Exchange
      • Overview (sequence diagram between ATS and BCS)
        • Pre Existing Trust Relationship
        • Add Request (Data) / Add Response (ID)
        • Modify Request (ID, Data) / Modify Response (Data)
        • Change Password (password) / Password Changed
        • Suspend (ID) / Suspended

  18. Protocol Exchange – add

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <addRequest xmlns="urn:oasis:names:tc:SPML:2:0" targetId="HR-XML">
            <data>
              <UserAccountsTypeUserAccount xmlns="http://ns.hr-xml.org/2004-08-02"
                                           xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                                           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                           type="new" validFrom="2005-03-29" validTo="2006-03-29">
                <ClientId idOwner="XYCClient1" xmlns="http://ns.hr-xml.org/2004-08-02">
                  <IdValue name="clientNumber">12345678900</IdValue>
                </ClientId>
                <UserId idOwner="Sterling" xmlns="http://ns.hr-xml.org/2004-08-02">
                  <IdValue>aliceuser</IdValue>
                </UserId>
                <PersonName xmlns="http://ns.hr-xml.org/2004-08-02">
                  <FormattedName>Alice Smith</FormattedName>
                </PersonName>
                <!-- continued on next page -->
      ```

  19. Protocol Exchange – add (cont’d)

      Request (continued from previous page):

      ```xml
                <ContactMethod xmlns="http://ns.hr-xml.org/2004-08-02"><!-- collapsed on the slide --></ContactMethod>
                <PersonDescriptors xmlns="http://ns.hr-xml.org/2004-08-02"><!-- collapsed on the slide --></PersonDescriptors>
                <PostalAddress type="streetAddress" xmlns="http://ns.hr-xml.org/2004-08-02"><!-- collapsed on the slide --></PostalAddress>
                <Group idOwner="Sterling" xmlns="http://ns.hr-xml.org/2004-08-02">
                  <IdValue name="webDirectGroup">Managers</IdValue>
                </Group>
                <Role idOwner="Sterling" xmlns="http://ns.hr-xml.org/2004-08-02">
                  <IdValue name="webDirectRole">Recruiter</IdValue>
                </Role>
              </UserAccountsTypeUserAccount>
            </data>
          </addRequest>
        </soap:Body>
      </soap:Envelope>
      ```

      Response:

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <addResponse status="success" xmlns="urn:oasis:names:tc:SPML:2:0">
            <pso>
              <psoId ID="UserId=aliceuser,idOwner=Sterling" targetId="HR-XML"/>
            </pso>
          </addResponse>
        </soap:Body>
      </soap:Envelope>
      ```

  20. Protocol Exchange – modify

      Request:

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <modifyRequest xmlns="urn:oasis:names:tc:SPML:2:0">
            <psoId ID="UserId=aliceuser,idOwner=Sterling" targetId="HR-XML"/>
            <modification modificationMode="replace">
              <component>/UserAccountsTypeUserAccount/Role</component>
              <data>
                <Role idOwner="Sterling" xmlns="http://ns.hr-xml.org/2004-08-02">
                  <IdValue name="webDirectRole">SeniorRecruiter</IdValue>
                </Role>
              </data>
            </modification>
          </modifyRequest>
        </soap:Body>
      </soap:Envelope>
      ```

      Response:

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <modifyResponse status="success" xmlns="urn:oasis:names:tc:SPML:2:0"/>
        </soap:Body>
      </soap:Envelope>
      ```

  21. Protocol Exchange – setPassword

      Request:

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <setPasswordRequest xmlns="urn:oasis:names:tc:SPML:2:0:password">
            <psoId ID="UserId=aliceuser,idOwner=Sterling" targetId="HR-XML"
                   xmlns="urn:oasis:names:tc:SPML:2:0"/>
            <password xmlns="urn:oasis:names:tc:SPML:2:0:password">foobar</password>
          </setPasswordRequest>
        </soap:Body>
      </soap:Envelope>
      ```

      Response:

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <setPasswordResponse status="success" xmlns="urn:oasis:names:tc:SPML:2:0:password"/>
        </soap:Body>
      </soap:Envelope>
      ```

  22. Protocol Exchange – suspend
      • Sample SPML Message Exchange

      Request:

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <suspendRequest xmlns="urn:oasis:names:tc:SPML:2:0:suspend">
            <psoId ID="UserId=aliceuser,idOwner=Sterling" targetId="HR-XML"
                   xmlns="urn:oasis:names:tc:SPML:2:0"/>
          </suspendRequest>
        </soap:Body>
      </soap:Envelope>
      ```

      Response:

      ```xml
      <?xml version="1.0" encoding="utf-8"?>
      <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
                     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
        <soap:Body>
          <suspendResponse status="success" xmlns="urn:oasis:names:tc:SPML:2:0:suspend"/>
        </soap:Body>
      </soap:Envelope>
      ```

  23. What Next?

  24. What Next?
      • An on-going TC Process…
        • Continue to build out use cases
        • Continued exchange
        • Bi-weekly working group meetings
      • Deliverables
        • SPML “HR-XML Profile” document
        • Samples & normative “rules” to make this interoperable
        • Delivered as OASIS specification

  25. Questions?
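The messages on slides 18–22 carry the operation, the target, the object ID and, for setPassword, the password itself in the SOAP body. As an added example (not part of the presentation), here is one way a service point could summarise each request for an audit log without recording the password. The names `audit_record` and `allowed_targets` and the `[REDACTED]` marker are assumptions of this sketch.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
SPML = "urn:oasis:names:tc:SPML:2:0"
# Request elements shown on slides 18-22, as (namespace, local name).
KNOWN_OPS = {(SPML, "addRequest"), (SPML, "modifyRequest"),
             (SPML + ":password", "setPasswordRequest"),
             (SPML + ":suspend", "suspendRequest")}

# Sample input: the setPassword request from slide 21, re-typed as well-formed XML.
SET_PASSWORD = f"""<soap:Envelope xmlns:soap="{SOAP}">
  <soap:Body>
    <setPasswordRequest xmlns="{SPML}:password">
      <psoId ID="UserId=aliceuser,idOwner=Sterling" targetId="HR-XML" xmlns="{SPML}"/>
      <password>foobar</password>
    </setPasswordRequest>
  </soap:Body>
</soap:Envelope>"""

def audit_record(soap_xml, allowed_targets):
    """Summarise one SPML request for an audit log; the password never appears."""
    # Provisioning messages need no DTD; refusing one avoids entity-expansion input.
    if "<!DOCTYPE" in soap_xml or "<!ENTITY" in soap_xml:
        raise ValueError("DTD/entity declarations are not accepted")
    body = ET.fromstring(soap_xml).find(f"{{{SOAP}}}Body")
    if body is None or len(body) != 1:
        raise ValueError("expected exactly one request in soap:Body")
    request = body[0]
    ns, _, op = request.tag.lstrip("{").rpartition("}")
    if (ns, op) not in KNOWN_OPS:
        raise ValueError(f"unexpected operation {op!r} in namespace {ns!r}")
    # add carries targetId on the request itself; the others carry it on psoId.
    pso = request.find(f"{{{SPML}}}psoId")
    target = request.get("targetId") if pso is None else pso.get("targetId")
    if target not in allowed_targets:
        raise ValueError(f"target {target!r} is outside the agreed context")
    record = {"op": op, "target": target,
              "pso": None if pso is None else pso.get("ID")}
    if request.find(f"{{{SPML}:password}}password") is not None:
        record["password"] = "[REDACTED]"
    return record

if __name__ == "__main__":
    print(audit_record(SET_PASSWORD, {"HR-XML"}))
```
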
