Data Processor Basics
Data processors have been integral in RSA Governance and Lifecycle (G&L) systems, playing a crucial role in manipulating data throughout different stages of collections, unification or Separation of Duties (SoD) processing. Traditionally, the integration of custom logic into these data processors required direct system access to the AVDB database and the use of tools such as SQL Developer. However, with the evolution of G&L products, there has been a paradigm shift in the approach to implementing custom logic within data processors.
In this blog post, we'll explore the historical context of data processors and examine contemporary solutions that not only streamline the customization process but also eliminate the necessity for direct database access. This evolution promises a more accessible and agile approach for developers working with G&L systems.
Pre 7.5.2: Common Extension Points
In versions preceding 7.5.2, customization within Governance and Lifecycle (G&L) systems was facilitated through various extension points. These extension points served as key areas where developers could inject custom logic to tailor the system according to specific organizational needs. Below is a table outlining some of the common extension points utilized in G&L systems before version 7.5.2:
| Processor Name | Description |
|---|---|
| Pre_ID_Unification_Handler | Any action needed post identity data collection but before unification. Mostly used to manipulate the T_DC_SOURCEDATA_USER table |
| Post_ID_Unification_Handler | Any action that needs to be performed after the identities have been collected, unified and persisted in the system |
| Pre_Supervisor_Resolution | Any action that needs to be performed after the identities have been collected, but before supervisor references are resolved |
| Pre_ADC_Handler | Any action to be performed post account data collection but before processing. |
| Post_Account_Data_Load_Handler | Action to be taken once account data has been collected and persisted in the system |
| Post_MAEDC_Load_Handler | Any action needed post multi-app EDC run |
| Post_Process_SoD_Violations | Actions to be taken post SoD rules have been evaluated and violations generated |
G&L Cloud and 7.5.2 On-Premise: Easy Customization
In the newest G&L Cloud and on-premise versions 7.5.2 and above, RSA has made customizing your system a breeze. This significant enhancement simplifies the process of adding and maintaining custom extensions, making it more intuitive and user-friendly for developers and administrators alike.
To enable usage of processors, the following system settings must be set.
custom.enableCustomPostProcessingScript = true
After activation, you'll find the "Pre Custom Processing" and "Post Custom Processing" options available in designated configuration areas.
| Process/Collector Name | Description |
|---|---|
| Identity Collectors | Any action needed before or after identity data collection but before unification. |
| Unification | Any action that needs to be performed before or after identity unification (Pre Process Script / Post Process Script) |
| Account Collectors (ADC) | Any action to be performed before or after account data collection. |
| Entitlements Collectors (EDC) | Any action to be performed before or after entitlements data collection. |
| Role Collectors (RDC) | Any action to be performed before or after role data collection. |
| Multi-App Collectors | Similar to ADC / EDC / RDC |
| Data Access Collectors | NA |
| App Metadata Collectors | NA |
These data processors are advanced product features and should be utilized with caution and discretion.