chap-overview.xml revision 97b85f0547d329d599fad5a2c68f133c4bea9ab1
<?xml version="1.0" encoding="UTF-8"?>
<!--
! CCPL HEADER START
!
! This work is licensed under the Creative Commons
! Attribution-NonCommercial-NoDerivs 3.0 Unported License.
! To view a copy of this license, visit
! http://creativecommons.org/licenses/by-nc-nd/3.0/
! or send a letter to Creative Commons, 444 Castro Street,
! Suite 900, Mountain View, California, 94041, USA.
!
! You can also obtain a copy of the license at
! legal/CC-BY-NC-ND.txt.
! See the License for the specific language governing permissions
! and limitations under the License.
!
! If applicable, add the following below this CCPL HEADER, with the fields
! enclosed by brackets "[]" replaced with your own identifying information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CCPL HEADER END
!
! Copyright 2011 ForgeRock AS
!
-->
<chapter version="5.0"
xsi:schemaLocation="http://docbook.org/ns/docbook http://docbook.org/xml/5.0/xsd/docbook.xsd"
xml:id="chap-overview" xml:lang="en"
xmlns="http://docbook.org/ns/docbook"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xinclude="http://www.w3.org/2001/XInclude"
xmlns:ns="http://docbook.org/ns/docbook">
<title>Architectural Overview</title>
<para><emphasis role="bold">OpenIDM Architecture</emphasis></para>
<para>
<inlinemediaobject>
<imageobject>
<imagedata fileref="images/openidm2-architecture.png">
<info>
<author>
<personname />
</author>
<pubdate />
</info>
</imagedata>
</imageobject>
</inlinemediaobject>
</para>
<sect1>
<title>OpenIDM Modularity Framework</title>
<para>The OpenIDM framework is based on OSGi.</para>
<sect4>
<title>OSGi</title>
<para>OSGi is a module system and service platform for the Java
programming language that implements a complete and dynamic component
model. For a good introduction, refer to
<link xlink:href="http://www.osgi.org/About/WhyOSGi"></link>.
While the OpenIDM services should be
able to run in any OSGi container, they currently run in
<link xlink:href="http://felix.apache.org/site/index.html">Apache Felix</link>.</para>
</sect4>
<section>
<title>Servlet</title>
<para>This is an optional layer providing RESTful HTTP access to the
managed objects and services. While the servlet layer may be provided by
many different engines, OpenIDM embeds Jetty by default.</para>
</section>
</sect1>
<section>
<title>Infrastructure Modules</title>
<para>The infrastructure modules provide the underlying features needed
for the core services.</para>
<section>
<title>Scheduler</title>
<para>The scheduler is a cron-like scheduling component implemented
using the
<link xlink:href="http://www.quartz-scheduler.org">Quartz library</link>.
It is
typically used to schedule regular synchronizations and
reconciliations.
</para>
<para>
<xref linkend="chap-scheduling"/>
</para>
</section>
<section>
<title>Script Engine</title>
<para>The script engine is a pluggable module that provides the triggers
and plugin points for OpenIDM. At this time, JavaScript is the only
supported implementation. Other scripts and languages may be supported
in the future.</para>
</section>
<section>
<title>Audit Logging</title>
<para>Auditing logs all relevant system activity to the configured
log stores. This includes the data from reconciliation as a basis for
reporting, as well as detailed activity logs to capture operations on
the internal (managed) and external (system) objects.</para>
<para> <xref linkend="chap-auditing"/> </para>
</section>
<section>
<title>Repository</title>
<para>The repository provides a common abstraction for a pluggable
persistence layer. Plugged-in repositories could be NoSQL, relational
databases, LDAP, or even flat files. The repository API operates with a
JSON-based object model with RESTful principles consistent with the
other OpenIDM services. The default embedded implementation for the
repository is the NoSQL database OrientDB.</para>
</section>
</section>
<section>
<title>Core Services</title>
<para>The core services are the heart of the OpenIDM resource-oriented
unified object model and architecture.</para>
<section>
<title>Object Model</title>
<para>Artifacts handled by OpenIDM are Java object representations of
the JavaScript object model as defined by JSON. This supports
interoperability and potential integration with a vast number of
applications, services and programming languages. As OpenIDM is a
Java-based product, these representations are instances of the classes Map,
List, String, Number and Boolean, plus null. OpenIDM can
serialize/deserialize these structures to/from JSON as required. OpenIDM
also exposes a set of triggers and functions that system administrators
can define in JavaScript which can natively read and modify these
JSON-based object model structures. In the future OpenIDM may support
other scripting and programming languages.</para>
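<para>The following is an added example, not part of OpenIDM or of the
original chapter. It walks an object that a script has modified and reports
every value that falls outside the JSON object model listed above; standard
<literal>JSON.stringify</literal> drops or rewrites such values without raising
an error. The names <literal>findNonJsonValues</literal> and
<literal>sampleUser</literal> are hypothetical.</para>
<programlisting language="javascript"><![CDATA[
```javascript
// Added example: report values that fall outside the JSON object model
// (object, array, string, number, boolean, null) described above.
// findNonJsonValues and sampleUser are hypothetical names, not OpenIDM APIs.
function findNonJsonValues(value, path = "$", ancestors = new Set(), out = []) {
  if (value === null) return out;
  const type = typeof value;
  if (type === "string" || type === "boolean") return out;
  if (type === "number") {
    // NaN and Infinity have no JSON representation.
    if (!Number.isFinite(value)) out.push({ path, reason: "non-finite number" });
    return out;
  }
  if (type !== "object") {
    // undefined, function, symbol and bigint are not JSON types.
    out.push({ path, reason: "unsupported type " + type });
    return out;
  }
  if (ancestors.has(value)) {
    out.push({ path, reason: "circular reference" });
    return out;
  }
  const proto = Object.getPrototypeOf(value);
  ancestors.add(value);
  if (Array.isArray(value)) {
    value.forEach((item, i) =>
      findNonJsonValues(item, path + "[" + i + "]", ancestors, out));
  } else if (proto === Object.prototype || proto === null) {
    for (const key of Object.keys(value)) {
      findNonJsonValues(value[key], path + "." + key, ancestors, out);
    }
  } else {
    // Date, Map, RegExp, class instances: not plain JSON objects.
    out.push({ path, reason: "unsupported object " + Object.prototype.toString.call(value) });
  }
  ancestors.delete(value);
  return out;
}

// Constructed sample: a user object after a careless script edit.
const sampleUser = {
  userName: "bjensen",
  roles: ["employee", "manager"],
  manager: null,
  lastLogin: new Date(0),
  loginCount: Number.NaN,
  onUpdate: function () {}
};
const sampleFindings = findNonJsonValues(sampleUser);
```
]]></programlisting>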
</section>
<section>
<title>Managed Objects</title>
<para>A managed object is an object that represents the identity-related
data managed by OpenIDM. Managed objects are configurable JSON-based
data structures stored by OpenIDM in its pluggable repository. While
the default configuration of managed objects is that of a user, any
object may be defined through configuration.</para>
</section>
<section>
<title>System Objects</title>
<para>System objects are a pluggable representation of objects on
external systems. They follow the same RESTful, resource-based design
principles as managed objects. There is a default implementation for the
OpenICF framework which allows any connector object to be represented as
a system object.</para>
</section>
<section>
<title>Mappings</title>
<para>The mappings define the policies between source and target
objects and their attributes during synchronization and reconciliation.
Mappings may also define triggers for validation, customization,
filtering, and transformation of the source and target objects.</para>
<para> <xref linkend="chap-synchronization"/> </para>
</section>
<section>
<title>Synchronization and Reconciliation</title>
<para>Reconciliation provides for on-demand or scheduled comparison
of resources between the OpenIDM managed object repository and source or
target systems. The comparisons may result in different types of actions
depending on the mappings defined between the systems.</para>
<para>Synchronization provides for on-demand or scheduled create,
update, and delete of resources from a source to a target system.</para>
<para> <xref linkend="chap-synchronization"/> </para>
</section>
</section>
<section>
<title>Access Layer</title>
<para>The access layer provides the user interfaces and public APIs for
accessing and managing the OpenIDM repository and its functions.</para>
<section>
<title>RESTful Interfaces</title>
<para>REST APIs for CRUD operations and for invoking synchronization and
reconciliation are provided for both HTTP and Java.</para>
<para> <xref linkend="chap-rest"/> </para>
</section>
<section>
<title>User Interface</title>
<para>Password management, registration, self-service and workflow are
coming soon. Stay tuned.</para>
</section>
</section>
</chapter>