New feature Request: SPML 2.0
- Can you please support SPML 2.0 in your product as a connected datasource (CS), so it will properly be able to consume queued SPML messages (cs to mv).
It would be tremendously helpful if the new ILM would support the most common open standard. Sun, Oracle and all the other big ILM vendors support this standard.
All Replies
Is there a system you're trying to integrate with where SPML is required?
- Indeed, many Universities run SunGardHE Banner ERP, which relies on SPML as interface to ILMs. Therefor at the moment only Oracle, Sun's and Novel's ILM products will work out of the box. By enabling SPML support in ILM '2' your product will become a usable alternative at many institutions.
- How would a developer go about building a plug in to ILM2 to allow it to connect to an application that supports SPMLv2 over HTTPS? What is the relevant documentation to review to do this.
We have used ILM to drive provisioning from our SungardHE Banner installation for years, so if ILM isn't already an option for higher ed, I'd better run to my server room right now! ;-)
SPML sounds really promising as method for provisioning from ILM to other SPML-supporting systems. So from that perspective, I am also all for an SPML connector. Maybe it will help promote the standard.
It's just that I don't know of many applications that support SPML.... We are evaluating LifeRay Portal for instance. I've heard rumors that it supports SPML, but a search of liferay with SPML brings up bupkes. Ahh, the Oracle Portal (OID) supports it! But I would have to implement Oracle Identity Management first. Hmmm, that kind of defeats the purpose. BlackBoard and SPML? Nothing. Our call acounting system? ID Badge sytem? You get the point.
I am curious as to how SPML would play into a Banner/ILM connection.
I am not the sharpest guy at reading "standards-ese" and marketing lingo, so maybe you can help me because I probably have the picture wrong. But from the little I can read about it, it looks like a Banner's own identity mgt/workflow engine drives SPML web-services based calls that would trigger provisioning in remote systems directly (asynchronously?) outward from the Banner system?
Where would ILM fit in?
Alatmcc,
With my limited understanding, SGHE's Banner Identifty Services (BIS) doesn't do the actual provisioning, it produces SPML from HR and Student. They rely on other products, such as those mentioned by Gideon to manage the provisioning/deprovisioning of whatever systems need to be managed (AD/Exchange, Banner INB, CLM, and all of the systems you mentioned). The vendors Gideon mentions are the one's listed by SGHE as being supported by BIS.
When talking with a group of folks in coordinating our Luminus deployment, I asked why ILM wasn't included. Their response was because ILM doesn't do SPML. Of course, they're willing to write the ILM MA for a large chunk of change.
As I've been investigating this more, I'm pondering starting up a project in CodePlex to write the SPML-MA (my gut is that this will really just use a database MA, but will have a web service front end that BIS will pass the SPML to and shred it appropriately and populate a custom database table(s)). Anyone interested in working on this?
Side note: It's been a few months since I started pondering this, as I stepped back on my ILM responsibilities to work another project that will be wrapping up in the end of April. I'll follow-up then when I've repondered this. :)
John- hi John..
I am very experienced in developing ILM xMA's.. I just started a project on Codeplex that will be introducing new ones pretty often.. I have most of the code done... And its all module based.. So you can plug in what you want.... I would like add an SPML xMA to my list if you don't mind...
I have a couple others in the pipeline.. but I will add it to the schedule...
All of these xMA's will work in ILM "2" also..
Joe Stepongzi
Joe Stepongzi - Identity Management Consultant - ILM MVP - www.microsoftIdM.com,ilmXframework.codeplex.com - Very interesting thread.
I would be interested in an ILM MA that speaks native SPMLv2. Microsoft customers could use this to communicate with any application that supports SPMLv2. And for those applications that don't, SPMLv2 gateways can be used provide a standard interface to these applications. We have such gateways for many SaaS providers (Salesforce.com, Google Apps, WebEx, ZenDesk, ...) available today. They are hosted on www.cloud-identity.com and can be used from any Identity Management solution that supports SPMLv2. Using an ILM MA that can communicate SPMLv2 to the hosted gateways on Cloud Identity would be a good way to quickly provide provisioning users into SaaS applications. - Our school is looking into moving forward with SGHE's Banner Enterprise Identity Services. Has there been any progress with SPML support?
