Here is a view of the integration of external applications to manage submissions to IM TEWS.
Original Message:
Sent: Aug 26, 2022 10:23 AM
From: Alan Baugher
Subject: Increase Timeout values for TEWS
Hi Sivaramakrishnan,
The communication to IM TEWS is designed to be ASYNC.
You should immediately (< 1 second) receive a taskID GUID for any submission. Then the IM solution will act upon the submission. In your external application, you can then immediately query the status of the taskID GUID, and periodically recheck the status every 15 seconds until it is complete.
The timeout of 30 seconds that is set up on the user console is also used by the TEWS process. Most tasks without provisioning will be done within this 30-second timeframe. However, if there is provisioning to 100's of systems with multiple provisioning roles, this may take 1-2 minutes. If you have business rules that integrate with SAP Workflow or external workflows, some provisioning events may take hours.
If you wish to force the external application to not wait the full 30 seconds and to disconnect after it has received the taskID GUID, add the following to your java header.
-H "ImmediateTEWSResponse=true"
Ref: https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-3/administrating/admin-roles-and-tasks/admin-tasks/define-the-profile-of-the-task/task-configuration-properties.html
Example of submission to IM TEWS task with this new header. Note that we stored the returned TASK ID GUID.
#################
TASK_ID=$(curl -k -s -b cookies.txt -H "Content-Type: text/xml; charset=utf-8" -H "ImmediateTEWSResponse=true" -H "SOAPAction:" -X POST https://$
IME_HOST:$IME_PORT/iam/im/TEWS6/identityEnv -d @$FILE1 |xmllint --format - | grep transactionId |awk -F ">" '{print $2}' |awk -F "<" '{print $1}
')
Example to query the status TASK ID via a SOAP BODY using the IM task of TaskStatus.
This will return the parent task status and any child tasks statuses as well.
#####################
cat << EOF > $FILE2
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl">
<soapenv:Header>
<wsdl:TaskStatusSearchTaskContext>
<wsdl:admin_id>$IME_USER</wsdl:admin_id>
<wsdl:admin_password>$IME_PASSWORD</wsdl:admin_password>
</wsdl:TaskStatusSearchTaskContext>
</soapenv:Header>
<soapenv:Body>
<wsdl:TaskStatusSearch>
<wsdl:Filter index="0">
<wsdl:TaskId>$TASK_ID</wsdl:TaskId>
</wsdl:Filter>
</wsdl:TaskStatusSearch>
</soapenv:Body>
</soapenv:Envelope>
EOF
curl -k -s -b cookies.txt -H "Content-Type: text/xml; charset=utf-8" -H "SOAPAction:" -X POST https://$IME_HOST:$IME_PORT/iam/im/TEWS6/ident
ityEnv -d @$FILE2 |xmllint --format -
Cheers,
------------------------------
Alan Baugher
ANA
Original Message:
Sent: Jul 22, 2022 10:58 AM
From: Sivaramakrishnan Chandrasekaran
Subject: Increase Timeout values for TEWS
Hi Team,
Is there any way we can increase the timeout values for Identity Manager TEWS services. We have ServiceNOW integrated to IDM through SOAP and many of the transactions are timing out.
As per the article ID 185914, there is no timeout setting for TEWS. However, we are facing too many such failures in our environment. Also, we created a parameter "PxSOAPReadTimeOut" and set that value to 120. This also appears not to be having any effect on the incoming requests to IDM.
is there anyway we can increase this value. Please advise.
Thanks
Siva