OpenAccess Integrator's Guide - IBM

IBM OpenPages GRC PlatformVersion 7.0.0

OpenAccess Integrator's Guide

��

NoteBefore using this information and the product it supports, read the information in “Notices” on page 51.

Product Information

This document applies to IBM OpenPages GRC Platform Version 7.0.0 and may also apply to subsequent releases.

Licensed Materials - Property of IBM Corporation.

© Copyright IBM Corporation, 2003, 2013.

US Government Users Restricted Rights – Use, duplication or disclosure restricted by GSA ADP Schedule Contractwith IBM Corp.

Contents

Chapter 1. Introduction to OpenAccess . . . . . . . . . . . . . . . . . . . . . . 1Access OpenAccess web services . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Security service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Compliance service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1UserGroupAdmin service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Use OpenAccess . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2About the IBM OpenPages object model . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Folder structures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Handling objects with associated objects . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Chapter 2. OpenAccess methods . . . . . . . . . . . . . . . . . . . . . . . . . 7Security service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Login method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Logout method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Compliance service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Retrieval methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8Creation methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14Update Methods. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

User and group administration service . . . . . . . . . . . . . . . . . . . . . . . . . . 17Create user method. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Create group method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17Remove all users from group method . . . . . . . . . . . . . . . . . . . . . . . . . 18Add users to group method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Remove users from group method. . . . . . . . . . . . . . . . . . . . . . . . . . . 18Group details method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18Get all group details method . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19List all users method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Get user detail method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Update user information method . . . . . . . . . . . . . . . . . . . . . . . . . . . 19Update group information method . . . . . . . . . . . . . . . . . . . . . . . . . . 20Delete groups method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Disable users method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Disable groups method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Configuration service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21Export configuration as XML method. . . . . . . . . . . . . . . . . . . . . . . . . . 21Import XML configuration method . . . . . . . . . . . . . . . . . . . . . . . . . . 21Export resources method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Chapter 3. Sample OpenAccess code . . . . . . . . . . . . . . . . . . . . . . 23Sample Code executable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23Sample code program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Appendix. ICompliance interface code . . . . . . . . . . . . . . . . . . . . . . 33

Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

iii

iv IBM OpenPages GRC Platform Version 7.0.0: OpenAccess Integrator's Guide

Document Release and Update Information

This topic lists information about this document and where updates to thisdocument can be found.

Document Release Information

Software Version: 6.2.1

Document Published: April, 2013

Document Updates

Supplemental documentation is available on the web. Go to the IBM® OpenPages®

Platform documentation library IBM OpenPages GRC Platform documentationlibrary on the IBM support website (http://www.ibm.com/support/docview.wss?uid=swg27036766).

v

http://ibm.com/support/docview.wss?uid=swg27036766

http://ibm.com/support/docview.wss?uid=swg27036766

vi IBM OpenPages GRC Platform Version 7.0.0: OpenAccess Integrator's Guide

Chapter 1. Introduction to OpenAccess

OpenAccess is an integration application programming interface (API) that usesweb services for IBM OpenPages GRC Platform product installations on MicrosoftWindows with Oracle WebLogic Server.

OpenAccess allows third-party developers to retrieve, create and update objectswithin the different modules of the IBM OpenPages application.

Note: OpenAccess is not supported in IBM AIX® or Microsoft Windowsenvironments with IBM WebSphere® Application Server.

Connections to OpenAccess are handled through the Web via the HTTP or HTTPSprotocol. Each service is described using the standard WSDL 1.1 descriptionlanguage, allowing it to be used by a Java™ platform or a Microsoft .NET platform.

Access OpenAccess web servicesOpenAccess contains three web services that access the IBM OpenPages GRCPlatform repository, and allow applications to create, update, and retrieve data.

You can view the definition of the Web Services Description Language (WSDL) filefor each service by entering the URL information that follows in your browser. Tocreate an OpenAccess web service WSDL file, copy the contents displayed in thebrowser into an empty text file and then rename the file.

Security serviceThe Security web service controls application access to IBM OpenPages GRCPlatform functionality by generating a SecurityToken to be used by eachtransaction within the session.

The Security web service endpoint can be accessed at:http://[hostname]:[portnumber]/opwebservices/SecurityService?WSDL

Examplehttp://server001:7009/opwebservices/SecurityService?WSDL

Compliance serviceThe Compliance web service contains the methods used to create, update, andretrieve objects.

The Compliance web service endpoint can be accessed at:http://[hostname]:[portnumber]/opwebservices/ComplianceService?WSDL

Examplehttp://server001:7009/opwebservices/ComplianceService?WSDL

Note:

v Compliance web service API methods do not support the retrieval of computedfields.

1

v The IBM OpenPages product only supports Compliance web service APImethods for object types that are associated with modules that have beeninstalled.

UserGroupAdmin serviceThe UserGroupAdmin web service contains the methods used to create, update,and disable users and groups in the IBM OpenPages GRC Platform application.

The UserGroupAdmin web service endpoint can be accessed at:http://[hostname]:[portnumber]/opwebservices/UserGroupAdminService?WSDL

Examplehttp://server001:7009/opwebservices/UserGroupAdminService?WSDL

Use OpenAccessDepending on your development platform, such as Java or Microsoft .NET, youcan generate classes from the supplied WSDL files using the appropriate tools.

Your application can then reference these files in order to access the IBMOpenPages environment.

About the IBM OpenPages object modelThe various objects follow a hierarchical "tree" structure, with associations linkingthe different levels of the hierarchy.

If your company has implemented an object hierarchy based on your ownpractices that differs from the standard object model, you should work with yourproject leader or OpenPages support contact to determine what changes have beenimplemented.

Table 1 maps the internal IBM OpenPages object type name to the Web servicesobject type array name, and identifies which IBM OpenPages modules use aparticular object type enabled by default, out of the box.

FCM means IBM OpenPages Financial Controls Management

ORM means IBM OpenPages Operational Risk Management

ITG means IBM OpenPages Information Technology Governance

PCM means IBM OpenPages Policy and Compliance Management

IAM means IBM OpenPages Internal Audit Management

Table 1. Mapping Internal and Web Service Object Names

Internal Object TypeName

Web ServicesObject Type ArrayName FCM ORM ITG PCM IAM

Attestation Attestation x --- --- --- ---

AuditableEntity Auditable Entity --- --- --- --- x

AuditPhase Audit Phase --- --- --- --- x

2 IBM OpenPages GRC Platform Version 7.0.0: OpenAccess Integrator's Guide

Table 1. Mapping Internal and Web Service Object Names (continued)



AuditProgram Audit --- --- --- --- x

Auditor Auditor --- — --- --- x

Findings Findings --- --- --- --- x

Incident Incident --- --- x --- ---

KeyPerfIndicator KPI --- --- x --- ---

KeyPerfIndicatorValue KPI Value --- --- x --- ---

KeyRiskIndicator KRI --- x --- --- ---

KeyRiskIndicatorValue KRI Value --- x --- --- ---

LossEvent Loss Event --- x --- --- ---

LossImpact Loss Impact --- x --- --- ---

LossRecovery Loss Recovery --- x --- --- ---

Mandate Mandate --- --- x x x

ORXLoss ORXLoss --- x --- --- ---

Plan Plan --- --- --- --- x

Preference Preference --- --- --- --- x

PrefGrp Preference Group --- --- --- --- x

ProjectActionItem Project Action Item x x x x x

Requirement Requirement --- --- x x ---

Resource Resource --- --- x --- ---

ResourceLink Resource Link® --- --- x --- ---

ReviewComment Audit ReviewComment

--- --- --- --- x

RiskAssessment Risk Assessment x x x x x

RiskEntity Control Plan --- --- x --- ---

RiskSubEntity Baseline --- --- x --- ---

ScenarioAnalysis Scenario Analysis --- x --- --- ---

SOXAccount Account x --- --- --- x

SOXBusEntity Business Entity x x x x x

SOXControl Control x x x x x

SOXControlObjective Control Objective x x x x x

SOXDocument File x x x x x

SOXExternalDocument Link x x x x x

SOXIssue Issue x x x x x

SOXMilestone Milestone x x x x x

SOXProcess Process x x x x x

SOXProject Project --- --- --- --- ---

SOXRisk Risk x x x x x

SOXSignature Signature x x x x x

SOXSubaccount Sub-Account x --- --- --- ---

Chapter 1. Introduction to OpenAccess 3

Table 1. Mapping Internal and Web Service Object Names (continued)



SOXSubprocess Sub-Process x x x x x

SOXTask Issue Action Item x x x x x

SOXTest Test x x x x x

SOXTestResult Test Result x x x x x

Submandate Sub-Mandate --- --- x x ---

Timesheet Timesheet --- --- --- --- x

Workpapers Workpapers --- --- --- --- x

About the IBM OpenPages Folder Structure

When the IBM OpenPages object hierarchy is viewed as a folder structure from theOpenPages repository, the folder structure differs slightly from the actual objecthierarchy that is displayed on the application’s Overview pages (such as on aBusiness Entity Overview or Process Overview page).

Business Entities, Issues, Issue Action Items, Project Plan Milestones, and ProjectAction Items are contained in their own folder, while all the other object types arecontained in sub-folders under the ICDocumentation folder.

Example

Let’s say you add a new business entity called "Enterprise." A folder with thename of the business entity is created under the BusinessEntity folder in theOpenPages repository. When you add a sub-entity named "Region" to the"Enterprise" entity, a corresponding folder is created.

When you add other objects to a business entity hierarchy, such as a Process,Account, Risk Assessment, etc., the folder structure of the business entity it belongsto is automatically created under the corresponding object type folder. All objectsof that type created for that business entity are placed in the same folder.

For example, if you create an Account object called "Petty Cash" under the Regionbusiness entity, the object will be placed into the ICDocumentation\Accounts\Enterprise\Region folder. If you then create a risk associated with the account, theRisk object is placed in the ICDocumentation\Risks\Enterprise\Region folder.

Folder structuresWhen you create objects through OpenAccess, it is important to remember to placethe new object in the proper folder context, or create a new folder structure if onedoes not already exist.

For example, if a Business Entity object does not contain Process objects, then nocorresponding folder structure under the \ICDocumentation\Processes folder willexist.

To figure out the folder path to use when you create an object and associate it withits parent, you should follow the rules below.


v If the object’s full path attribute is populated, the object will be created in thefolder specified by the full path attribute.

v If the object’s full path attribute is NOT populated, it is placed under the samefolder structure as its parent object. For example, if the parent is created underthe \E1\E2\E3 folder structure, the newly created object will be placed in thesame folder.

v If the object’s path relative to parent is populated, the relative path should beappended to the full path determined by either of the previous rules. Forexample, if the full path is \E1\E2\E3, and the path relative to parent is \C1\C2,then the object would be created under the path \E1\E2\E3\C1\C2.

Handling objects with associated objectsObjects can contain additional associated objects.

About this task

When you create an object, it can contain any of the following objects:v An array of external URL linksv An array of attachmentsv An issue, which can contain an array of action items

If an object is created that contains the above objects, the associated objects willalso be created along with the object.

If an object containing the above objects is updated, the following events willhappen:

Procedure1. The object will be updated.2. Existing URL links will be updated, and new URL links will be created.3. Existing attachments will be updated, and new attachments will be created.4. Existing issues will be updated, and new issues will be created.5. Existing action items will be updated, and new action items will be created.

Chapter 1. Introduction to OpenAccess 5


Chapter 2. OpenAccess methods

Several services are available to developers through the OpenAccess functionality.

Each service is listed with an explanation of the available parameters and, whereavailable, a sample of how it is used in the sample code supplied withOpenAccess.

The examples are denoted with a line number or numbers that correspond to aplace in the sample that uses the service. Open the sample code program (or copythe provided lines) into a text editor that supports line numbering.

The available services are:v “Security service”v “Compliance service” on page 8v “User and group administration service” on page 17v “Configuration service” on page 21

Security serviceThe security service handles the authentication and authorization of users whenthey attempt to access the OpenAccess web services.

Login methodA Web services user supplies a username and password to log into the system.

The method returns a security token that must be supplied when invoking anyWeb Services action. The security token also determines what actions the user canand cannot perform.

Syntax:SecurityToken login(String username, String password);

Parameters:

usernameString corresponding to a valid user account name.

passwordString corresponding to the account password for the user.

Logout methodWhen a user logs out of the system, the SecurityToken generated for the usersession must be invalidated.

The method voids the security token associated with the current user session.

Syntax:void logout(SecurityToken token);

Parameters:

7

SecurityTokenThe login token associated with the current user session.

Compliance service

Note:

v Compliance Web service API methods do not support the retrieval of computedfields.

v The IBM OpenPages platform only supports Compliance Web service APImethods for object types that are associated with modules that have beeninstalled.

Retrieval methods

Note: The methods that follow show only a sub-set of available retrieval methods.

Get all business entities methodReturns an array of the business entities contained in the repository.

The depth of the data returned can be limited by using the "level" parameter. Forexample, if "level" is set to "3", then only the top three levels of business entitieswill be returned by the method. The amount and type of data returned can also befiltered by including SelectionFilters.

Syntax:public BusinessEntity[] getBusinessEntities(SecurityToken token,int level, SelectionFilters filters);

Parameters:


level Specifies how many levels of association will be traversed when returningthe array of business entities.

SelectionFiltersSpecifies the selection criteria that controls what information is returned foreach item.

Get all child business entities methodReturns an array of business entities contained beneath a root business entity(specified with rootId).

The array can be filtered by the inclusion of selection criteria (SelectionFilters). Ifno business entities are found, the method returns an empty array.

Syntax:public BusinessEntityDetails[] getChildBusinessEntities(SecurityTokentoken, long rootId, SelectionFilters filters);

Parameters:


rootId The unique ID of the object that will be the root of the retrieval list.



Get accounts methodOpenPages FCM only. Retrieves all child accounts from beneath the root (identifiedby rootId) based on the specified selection criteria.

If no child accounts are found, the method returns an empty array.

Syntax:public AccountDetails[] getAccounts(SecurityToken token, longrootId, SelectionFilters filters)

Parameters:




Get subaccounts methodOpenPages FCM only. Retrieves all child subaccounts from beneath the root(identified by rootId) based on the specified selection criteria.

If no child subaccounts are found, the method returns an empty array.

Syntax:public SubAccountDetails[] getSubAccounts(SecurityToken token, longrootId, SelectionFilters filters);

Parameters:




Get processes methodRetrieves all child processes from beneath the root (identified by rootId) based onthe specified selection criteria.

If no child processes are found, the method returns an empty array.

Syntax:public ProcessDetails[] getProcesses(SecurityToken token, longrootId, SelectionFilters filters);

Parameters:


Chapter 2. OpenAccess methods 9



Get subprocesses methodRetrieves all child subprocesses from beneath the root (identified by rootId) basedon the specified selection criteria.

If no child subprocesses are found, the method returns an empty array.

Syntax:public SubProcessDetails[] getSubProcesses(SecurityToken token, longrootId, SelectionFilters filters);

Parameters:




Get control objectives methodRetrieves all child control objectives from beneath the root (identified by rootId)based on the specified selection criteria.

If no child control objectives are found, the method returns an empty array.

Syntax:public ControlObjectiveDetails[] getControlObjectives(SecurityTokentoken, long rootId, SelectionFilters filters);

Parameters:




Get risks methodRetrieves all child risks from beneath the root (identified by rootId) based on thespecified selection criteria.

If no child risks are found, the method returns an empty array.

Syntax:public RiskDetails[] getRisks(SecurityToken token, long rootId,SelectionFilters filters);

Parameters:





Get controls methodRetrieves all child controls from beneath the root (identified by rootId) based onthe specified selection criteria.

If no child controls are found, the method returns an empty array.

Syntax:public ControlDetails[] getControls(SecurityToken token,long rootId, SelectionFilters filters);

Parameters:




Get tests methodRetrieves all child tests from beneath the root (identified by startingParentId) basedon the specified selection criteria.

If no child tests are found, the method returns an empty array.

Syntax:public TestDetails[] getTests(SecurityToken token, longstartingParentId, SelectionFilters filters);

Parameters:


startingParentIdThe unique ID of the object that will be the root of the retrieval list.


Get test results methodRetrieves all child test results from beneath the root (identified by startingParentId)based on the specified selection criteria.

If no child test results are found, the method returns an empty array.

Syntax:


public TestrResultDetails[] getTestResults(SecurityTokentoken, long startingParentId, SelectionFilters filters);

Parameters:




Get issues methodRetrieves all child issues from beneath the root (identified by startingParentId)based on the specified selection criteria.

If no child issues are found, the method returns an empty array.

Syntax:public IssueDetails[] getIssues(SecurityToken token,long startingParentId, SelectionFilters filters);

Parameters:




Get action items methodRetrieves all child action items from beneath the root (identified bystartingParentId) based on the specified selection criteria.

If no child action items are found, the method returns an empty array.

Syntax:public ActionItemDetails[] getActionItems(SecurityTokentoken, long startingParentId, SelectionFilters filters)

Parameters:





Get single compliance object methodReturns a single compliance object that corresponds to the given id.

Syntax:public ComplianceObject getComplianceObject(SecurityToken token,long id);

Parameters:


id The unique resource ID of the desired compliance object.

Get all compliance objects matching criteria methodReturns an array of all compliance objects that match the selection criteria.

Syntax:public ComplianceObject[] getComplianceObjects(SecurityTokentoken, ComplianceObject bco, SelectionFilters filters);

Parameters:


ComplianceObjectThe compliance object type to be returned.


Get all child compliance objects matching criteria methodReturns all compliance objects below the root compliance object (defined byparentId) based on the selection criteria.

Syntax:public ComplianceObject[] getComplianceObjects(SecurityToken token,long parentId, ComplianceObject bco, SelectionFilters filters);

Parameters:


parentIdThe unique resource ID of the parent compliance object

ComplianceObjectThe compliance object type of the parent object.


Get object metadata methodReturns the metadata for the specified compliance object type.

When metadata fields are returned, they are returned in the form[property_name].[bundle_name], where [property_name] is the name of the


property that stores the value for the property field, and [bundle_name] is thename of the property bundle that contains the property. See the OpenPages FCMAdministrators Manual for a more in-depth discussion on property names andbundle names.

Syntax:MetaDataDetails getMetaData(SecurityToken token,BaseComplianceObject bro);

Parameters:


BaseComplianceObjectIdentifies the base compliance object type for which metadata will bereturned.

Get base ISO code methodReturns the base currency ISO code set up for the system.

Syntax:String.getBaseISOCode(SecurityToken token);

Parameters:


Get available currencies methodReturns all enabled currencies in the system.

The Currency metadata class has the Currency ISO Code and correspondingexchange rate as its attributes.

Description: Syntax:CurrencyMetaData[]getAvailableCurrencies(SecurityTokentoken);

Parameters:


Get reporting periods methodReturns an array of the available Reporting Periods.

Syntax:public ReportingPeriod[] getAvailableReportingPeriods(SecurityTokentoken)

Parameters:


Creation methodsThe methods that follow show only a sub-set of available creation methods.


Create associated issue methodCreates a new issue and associates it with the parent compliance object (identifiedby parentId).

If the imported action item is not null, it will create a new action item as well andassociate it with the new issue. If the creation of the issue is successful, the ID ofthe newly created issue will be returned.

Syntax:public long createIssue(SecurityToken token, long parentId,IssueDetails issue, ActionItemDetails actionItem);

Parameters:


parentIdThe resource ID of the parent compliance object to which the issue will beassociated.

IssueDetailsAny included details of the issue are passed using this parameter.

ActionItemDetailsIf an action item is being created, the details are contained in thisparameter.

Create associated compliance object methodCreates a new compliance object and associates it with its parent compliance object(identified by parentId).If the compliance object contains any file attachments orexternal URL links, the associated objects are created and associated with thenewly created compliance object. If the creation is successful, the object ID isreturned.

Description: When you create a compliance object, it can contain the followingobjects:v An array of external URL linksv An array of attachmentsv An issue, which can contain an array of action items

If a compliance object is created that contains the above objects, the associatedobjects will also be created along with the compliance object.

If a compliance object containing the above objects is updated, the following eventswill happen:1. The compliance object will be updated.2. Existing URL links will be updated, and new URL links will be created.3. Existing attachments will be updated, and new attachments will be created.4. Existing issues will be updated, and new issues will be created.5. Existing action items will be updated, and new action items will be created.

Syntax:public long createComplianceObject(SecurityToken token,long parentId, ComplianceObject bco);


Parameters:


parentIdThe resource ID of the parent compliance object.

ComplianceObjectThe compliance object type for the newly created object.

Create compliance object with path methodCreates a new compliance object based on a supplied full path based on thefollowing rules.v If the compliance object’s full path attribute is populated, the object should be

created in the folder specified by the full path attribute.v If the compliance object’s full path attribute is NOT populated, it is placed

under the same folder structure as its parent compliance object. For example, ifthe parent is created under the \E1\E2\E3 folder structure, the newly createdobject will be placed in the same folder.

v If the compliance object’s path relative to parent is populated, the relative pathshould be appended to the full path determined by either of the previous rules.For example, if the full path is \E1\E2\E3, and the path relative to parent is\C1\C2, then the object would be created under the path \E1\E2\E3\C1\C2.

Syntax:public long createComplianceObjects(SecurityToken token,BaseComplianceObject bso);

Parameters:


BaseComplianceObjectThe new compliance object type to be created.

Update MethodsThese methods update compliance objects.

Update compliance object methodUpdates a compliance object.

Syntax:public void updateComplianceObject(SecurityToken token,ComplianceObject bco);

Parameters:


ComplianceObjectThe compliance object to be updated.

Update compliance object with supplied values methodUpdates a compliance object using the supplied names and values of the objectproperties.


The "names" parameter contains the names of the properties to be updated, andthe "values" parameter contains the new values of the properties.

Syntax:public void updateComplianceObject(SecurityToken token,long id, String[] names, String values);

Parameters:


id The resource ID of the compliance object to be updated.

names The list of property names to be updated.

values The list of new property values to be used when updating the complianceobject.

User and group administration serviceUse these methods to administer and maintain users and groups.

Create user methodAdds a new user and associates that user with a list of groups. If the creation issuccessful, the newly created user ID will be returned.

Syntax:long addUser(SecurityToken token, OpenpagesUser user,String[] groupNames);

Parameters:


OpenpagesUserThe user name for the account to be created.

groupNamesA list of user groups to which the user will be added.

Create group methodCreates a new user group.

The newly created group ID is returned if the creation was successful.

Syntax:long addGroup(SecurityToken token, OpenpagesGroupgroup);

Parameters:


OpenpagesGroupThe name of the group to be created.


Remove all users from group methodClears all members from a user group.

Syntax:void clearGroupMembers(SecurityToken token, StringgroupName);

Parameters:


groupNameThe name of the group to be cleared.

Add users to group methodAdds a list of users to a specified group.

Syntax:void addUsersToGroup(SecurityToken token, String[]userNames, String groupName);

Parameters:


userNamesA list of user names to be added to the user group.

groupNameThe group to which the list of users will be added.

Remove users from group methodRemoves the specified user names from a user group.

Syntax:void removeUsersFromGroup(SecurityToken token, String[]userName, String groupName);

Parameters:


userNameContains the list of users that will be removed from the user group.

groupNameSpecifies the group from which users will be removed.

Group details methodReturns the details of a user group based on the specified group name.

Syntax:OpenpagesGroup getGroupByName(SecurityToken token,String groupName);


Parameters:


groupNameThe name of the group for which details will be returned.

Get all group details methodReturns an array of all user group details.

Syntax:OpenpagesGroup[] listGroups(SecurityToken token);

Parameters:


List all users methodReturns a list of all users.

Syntax:OpenpagesUser[] listUsers(SecurityToken token);

Parameters:


Get user detail methodReturns the user’s details based on the supplied user name.

Syntax:OpenpagesUser getUserByName(SecurityToken token, StringuserName);

Parameters:


userNameThe user account for which details will be retrieved.

Update user information methodUpdates a user’s information.

Syntax:void updateUser(SecurityToken token, OpenpagesUseruser);

Parameters:


user Identifies the user name to be updated.


Update group information methodUpdates a group’s information.

Syntax:void updateGroup(SecurityToken token, OpenpagesGroupgroup);

Parameters:


group Contains the information that will be updated.

Delete groups methodDeletes a list of groups.

Syntax:void deleteGroups(SecurityToken token, String groups[]);

Parameters:


groupsContains the list of user groups to be deleted.

Disable users methodDisables a list of users.

Disabled users still exist, but are not allowed to log into the system.

Syntax:void disableUsers(SecurityToken token, String userNames[]);

Parameters:


userNamesContains the list of user names to be disabled.

Disable groups methodDisables a list of user groups.

Disabled user groups still exist, but their members are not allowed to log into theOpenPages FCM system.

Syntax:void disableGroups(SecurityToken token, String groupNames[]);

Parameters:



groupNamesContains the list of group names to be disabled.

Configuration serviceThe configuration service is included for completeness only and should not beused or implemented without input from OpenPages Services and Support.

Note: Contact your Services or Support representative for guidance when usingthis web service.

Export configuration as XML methodExports the OpenPages FCM configuration and returns it as an XML string.

Syntax:String export(String username String password StringconfigLabel);

Parameters:

usernameThe administrative user name that will be used to export the configurationfrom OpenPages FCM.

passwordThe password for the user specified in the "username" parameter.

configLabelThe label for the exported configuration.

Import XML configuration methodImports an OpenPages FCM configuration in the form of an XML string.

Returns the status of the load.

Syntax:String load(String username String password StringinputConfigXml String configLabel);

Parameters:

usernameThe administrative user name that will be used to import the configurationinto OpenPages FCM.


inputConfigXmlThe imported configuration XML string.

configLabelThe label for the imported configuration.

Export resources methodExports all resources under the specified root folders that match the list ofincluded and excluded content types.


Syntax:String export(String username String password String[]rootFolderPaths String[] includeContentTypes String[]includeContentTypes);

Parameters:

usernameThe administrative user name that will be used to import the configurationinto OpenPages FCM.


rootFolderPathsThe array of root folder paths to be included.

includeContentTypesThe list of content types that will be included in the export.

excludeContentTypesThe list of content types that will be excluded from the export.


Chapter 3. Sample OpenAccess code

The sample code is intended to demonstrate some of the methods and functionsused to access the OpenPages FCM application through the web services.

Note: Not all methods and services are exposed in the sample code.

In order to run the sample code your computer must have additional requiredcomponents.

You must have JDK 1.5 or higher installed on your computer. If you are runningthe code on the IBM OpenPages application server, no further modifications arenecessary. If the IBM OpenPages application is running on a different server‘localhost’ with the appropriate application server name.

Note: Make sure to add the following .jar files to the classpath when you arerunning the OpenAccess sample code. These files are located onOP_6.2.1_Configuration in the OpenAccess\lib\weblogic folder on yourinstallation kit.v opwebservices_client.jar

v webserviceclient.jar

v webservices.jar

Sample Code executableCopy and paste the contents of this section into a text file and rename it to recreatethe runSamples.cmd file in the OpenAccess folder.

@echo offif exist "%JAVA_HOME%/bin/javac.exe" goto runSamplesecho.echo Javac wasn’t found in directory %JAVA_HOME%/bin.echo Please edit the runSamples.cmd script so that the JAVA_HOMEecho variable points to the root directory of your JDK installation.goto finish:runSamplesset WEBSERVICES_LIB=lib\weblogicset classpath=.;%WEBSERVICES_LIB%\webservices.jar;%WEBSERVICES_LIB%\webserviceclient.jar;%WEBSERVICES_LIB%\opwebservices_client.jar;javac -d . samples\OpenAccessWebServicesTest.javajava samples.OpenAccessWebServicesTest:finish@echo on

Sample code programCopy and paste the contents of this section into a text file and rename it to recreatethe OpenAccessWebServicesTest.java file in an OpenAccess\samples folder.

Output from the sample should appear in the command window when you runthe runSamples.cmd file.

/****/package samples;import java.rmi.RemoteException;import java.text.SimpleDateFormat;import java.util.Calendar;import java.util.Date;import java.util.List;import java.util.Random;

23

import java.util.ArrayList;import com.openpages.webservices.common.OpenpagesLocale;import com.openpages.webservices.compliance.PropertyFieldFilter;import com.openpages.webservices.compliance.SelectionFilter;import com.openpages.webservices.compliance.SelectionFilters;import com.openpages.webservices.compliance.client.ComplianceService;import com.openpages.webservices.compliance.client.ComplianceServicePort;import com.openpages.webservices.compliance.client.ComplianceService_Impl;import com.openpages.webservices.compliance.property.CurrencyField;import com.openpages.webservices.compliance.property.EnumerationSelection;import com.openpages.webservices.compliance.property.PropertyField;import com.openpages.webservices.compliance.vo.ActionItemDetails;import com.openpages.webservices.compliance.vo.Attachment;import com.openpages.webservices.compliance.vo.BusinessEntity;import com.openpages.webservices.compliance.vo.ComplianceObject;import com.openpages.webservices.compliance.vo.ControlDetails;import com.openpages.webservices.compliance.vo.ControlObjectiveDetails;import com.openpages.webservices.compliance.vo.ExternalUrlLink;import com.openpages.webservices.compliance.vo.IssueDetails;import com.openpages.webservices.compliance.vo.ProcessDetails;import com.openpages.webservices.compliance.vo.RiskDetails;import com.openpages.webservices.compliance.vo.SubProcessDetails;import com.openpages.webservices.compliance.vo.TestDetails;import com.openpages.webservices.compliance.vo.TestResultDetails;import com.openpages.webservices.metadata.MetaDataDetails;import com.openpages.webservices.metadata.PropertyFieldMetaData;import com.openpages.webservices.metadata.CurrencyMetaData;import com.openpages.webservices.security.SecurityToken;import com.openpages.webservices.security.client.SecurityService;import com.openpages.webservices.security.client.SecurityServicePort;import com.openpages.webservices.security.client.SecurityService_Impl;/*** This sample class shows how to utilize OpenPages OpenAccess web services**/public class OpenAccessWebServicesTest{

static SimpleDateFormat sSimpleDateFormatter = new SimpleDateFormat("yyyy-MM-dd hh-mm-ss");static final OpenpagesLocale sLocale;private static ComplianceService cService;private static SecurityService sService;private static Random random = new Random();private static List currencyMetaData = null;private static String SECURITY_SERVICE_WSDL_URL = "http://localhost:7009/opwebservices/SecurityService?WSDL";private static String COMPLIANCE_SERVICE_WSDL_URL = "http://localhost:7009/opwebservices/ComplianceService?WSDL";private static String username = "OpenPagesAdministrator";private static String password = "OpenPagesAdministrator";static{

sLocale = new OpenpagesLocale();sLocale.setCountry("US");sLocale.setLanguage("en");

}public static void initialize() throws Exception{cService = new ComplianceService_Impl(COMPLIANCE_SERVICE_WSDL_URL);sService = new SecurityService_Impl(SECURITY_SERVICE_WSDL_URL);

}/*** This method traverses all processes under a particular business entity** @param token Security token* @param cs Compliance service* @param co Parent compliance object* @param indent Number of indents* @param filters Filter* @throws Exception*/public static void traverseProcesses(

SecurityToken token,ComplianceServicePort cs,ComplianceObject co,int indent,SelectionFilters filters) throws Exception

{// Retrieve all processes under parent objectProcessDetails[] processes = cs.getProcesses(token, co.getId(), filters);// Iterate through all processesfor (int i = 0, length = processes.length; i < length; i++){

StringBuffer buffer = new StringBuffer(40);for (int j = 0; j < indent; j++){

buffer.append(" ");}

System.out.println(buffer.append("Process=>").append(processes[i].getName()).to String());// Traverse all subprocessestraverseSubProcesses(token, cs, processes[i], indent + 4, filters);// Traverse all control objectivestraverseControlObjectives(token, cs, processes[i], indent + 4, filters);


}}/*** Retrieve and process all subprocesses under parent object** @param token Security token* @param cs Compliance service* @param co Parent compliance object* @param indent Number of indents* @param filters Filter* @throws Exception*/public static void traverseSubProcesses(


{// Retrieve all sub-processesSubProcessDetails[] subprocesses = cs.getSubProcesses(token, co.getId(), filters);// Iterate through all sub-processesfor (int i = 0, length = subprocesses.length; i < length; i++){



System.out.println(buffer.append("SubProcess=>").append(subprocesses[i].getName()).toString());// Traverse all control objectivestraverseControlObjectives(token, cs, subprocesses[i], indent + 4, filters);

}}/*** Retrieve and process all control objectives under parent object** @param token Security token* @param cs Compliance service* @param co Parent compliance object* @param indent Number of indents* @param filters Filter* @throws Exception*/public static void traverseControlObjectives(


{ControlObjectiveDetails[] cos = cs.getControlObjectives(token, co.getId(), filters);for (int i = 0, length = cos.length; i < length; i++){



System.out.println(buffer.append("ControlObjective=>").append(cos[i].getName()).toString());// Traverse through all riskstraverseRisks(token, cs, cos[i], indent + 4, filters);

}}/*** Retrieve and process all risks under parent object** @param token Security token* @param cs Compliance service* @param co Parent compliance object* @param indent Number of indents* @param filters Filter* @throws Exception*/public static void traverseRisks(


{RiskDetails[] risks = cs.getRisks(token, co.getId(), filters);for (int i = 0, length = risks.length; i < length; i++){


buffer.append(" ");

Chapter 3. Sample OpenAccess code 25

}

System.out.println(buffer.append("Risk=>").append(risks[i].getName()).toString());// Traverse all controlstraverseControls(token, cs, risks[i], indent + 4, filters);

}}/*** Retrieve and process all controls under parent object** @param token Security token* @param cs Compliance service* @param co Parent compliance object* @param indent Number of indents* @param filters Filter* @throws Exception*/public static void traverseControls(


{ControlDetails[] controls = cs.getControls(token, co.getId(), filters);for (int i = 0, length = controls.length; i < length; i++){



System.out.println(buffer.append("Control=>").append(controls[i].getName()).toString());traverseTests(token, cs, controls[i], indent + 4, filters);

}}/*** Retrieve and process all tests under parent object** @param token Security token* @param cs Compliance service* @param co Parent compliance object* @param indent Number of indents* @param filters Filter* @throws Exception*/public static void traverseTests(


{TestDetails[] tests = cs.getTests(token, co.getId(), filters);for (int i = 0, length = tests.length; i < length; i++){



System.out.println(buffer.append("Test=>").append(tests[i].getName()).toString());// Traverse all test resultstraverseTestResults(token, cs, tests[i], indent + 4, filters);

}if (tests.length == 0){

return;}// The following block updates a test result with a new external url linkTestDetails test = tests[tests.length - 1];updateTest(token, cs, test);createNewTestResult(token, cs, test);

}/*** This method creates a new test result compliance object for a test compliance object. The* test result also contains an attachment and an issue, which are also created and* associated with the test result object.** @param token Security token* @param cs Compliance service* @param test Parent test object* @throws RemoteException*/private static void createNewTestResult(SecurityToken token, ComplianceServicePort cs, TestDetails test) throws RemoteException{

System.out.println("Create new test result for test" + test.getName());// create a test result for our test


TestResultDetails tr = createTestResult(token, cs, test);// create an attachment for the test result objectcreateAttachmentForTestResult(tr);// create an issue for the test result objectIssueDetails issue = createIssueForTestResult(token, cs, tr);// create an action item for the issue objectcreateActionItemsForIssue(token, cs, issue);// Invoke compliance service to create test result, attachment, issue, and action itemcs.createComplianceObject0(token, test.getId(), tr);

}/*** This method create a new test result based on parent test name** @param token Security token* @param cs Compliance service* @param test Parent test object* @return Created test result object* @throws RemoteException*/private static TestResultDetails createTestResult(SecurityToken token, ComplianceServicePort cs, TestDetails test) throws RemoteException{

TestResultDetails tr = new TestResultDetails();tr.setName("Test result for test " + test.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));tr.setDescription("Test result for test " + test.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));// now populate test result propertiesMetaDataDetails trMeta = cs.getMetaData(token, tr, sLocale);int nProperties = trMeta.getPropertyFieldDefinitions().length;PropertyField[] fields = new PropertyField[nProperties];tr.setProperties(fields);populatePropertyFields(fields, trMeta);return tr;

}/*** This method creates an action item for parent issue** @param token Security token* @param cs Compliance object* @param issue Parent issue object* @throws RemoteException*/private static void createActionItemsForIssue(SecurityToken token, ComplianceServicePort cs, IssueDetails issue) throws RemoteException{

PropertyField[] fields;// create action item and set its name based on the parent’s nameActionItemDetails ai = new ActionItemDetails();ai.setName("Action item for issue" + issue.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));ai.setDescription("Action item for issue" + issue.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));MetaDataDetails aiMeta = cs.getMetaData(token, ai, null);fields = new PropertyField[aiMeta.getPropertyFieldDefinitions().length];ai.setProperties(fields);populatePropertyFields(fields, aiMeta);issue.setActionItems(new ActionItemDetails[] { ai });

}/*** Create a new issue object for the parent test result object** @param token Security token* @param cs Compliance object* @param tr Parent test result object* @return Created issue object* @throws RemoteException*/private static IssueDetails createIssueForTestResult(SecurityToken token, ComplianceServicePort cs, TestResultDetails tr) throws RemoteException{

PropertyField[] fields;//create an issue and set its name based on the parent’s nameIssueDetails issue = new IssueDetails();issue.setName("Issue for test result" + tr.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));issue.setDescription("Issue result for test " + tr.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));MetaDataDetails issueMeta = cs.getMetaData(token, issue, sLocale);fields = new PropertyField[issueMeta.getPropertyFieldDefinitions().length];issue.setProperties(fields);populatePropertyFields(fields, issueMeta);tr.setIssue(issue);return issue;

}/*** This method creates a new attachment object for parent test result object** @param tr Parent test result object*/private static void createAttachmentForTestResult(TestResultDetails tr){

// create test result with attachmentAttachment attachment = new Attachment();attachment.setName("Test result for test result " + tr.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));attachment.setContent("My dump content goes here\nhello\nworld\n".getBytes());Attachment[] attachments = new Attachment[1];attachments[0] = attachment;tr.setAttachments(attachments);


}/*** This method looks up tests based on the test name. Note: This only works for equal operation* at this point.** @param token Security token* @param cs Compliance service*/private static void lookupTestsByName(SecurityToken token, ComplianceServicePort cs) throws Exception{

String testName = "Review Cash%";// This follow block sets up the selection filtersSelectionFilters filters = new SelectionFilters();SelectionFilter filter = new SelectionFilter();filters.setFilter(filter);// In this test case we use one property field filter and set the property field name to// ’name’// and value to the test’s namePropertyFieldFilter[] pfFilters = new PropertyFieldFilter[1];pfFilters[0] = new PropertyFieldFilter();PropertyField pf = new PropertyField();pf.setName("name");pf.setIsStringType(true);pf.setStringValue(testName);pfFilters[0].setProperty(pf);pfFilters[0].setIsEqual(true);filter.setPropertyFieldFilters(pfFilters);ComplianceObject[] tests = cs.getComplianceObjects(token, new TestDetails(), filters);System.out.println("Found No. of tests " + tests.length + " named ’" + testName + "’");

}/*** This method looks up test results based on the modified date. Note: This only works for* greater than operation at this point.** @param token Security token* @param cs Compliance service*/private static void lookupTestResultsByModifiedDate(SecurityToken token, ComplianceServicePort cs) throws Exception{

SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd");String stringDate = "2005-07-10";// This follow block sets up the selection filtersSelectionFilters filters = new SelectionFilters();SelectionFilter filter = new SelectionFilter();filters.setFilter(filter);// In this test case we use one property field filter and set the property field name to// ’modifiedDate’// and value to the test’s namePropertyFieldFilter[] pfFilters = new PropertyFieldFilter[1];pfFilters[0] = new PropertyFieldFilter();PropertyField pf = new PropertyField();pf.setName("modifiedDate");Calendar date = Calendar.getInstance();date.setTime(formatter.parse(stringDate));pf.setIsDateType(true);pf.setDateValue(date);pfFilters[0].setProperty(pf);pfFilters[0].setIsGreaterThan(true);filter.setPropertyFieldFilters(pfFilters);ComplianceObject[] tests = cs.getComplianceObjects(token, new TestResultDetails(), filters);System.out.println("Found No. of test results " + tests.length + " created after ’" + stringDate + "’");

}/*** This method looks up test results based on a custom property field of date type Note: This* works for all six conditions.** @param token Security token* @param cs Compliance service*/private static void lookupTestResultsByDateCustomProperty(SecurityToken token, ComplianceServicePort cs) throws Exception{

SimpleDateFormat formatter = new SimpleDateFormat("yyyy-MM-dd");String stringDate = "2005-07-10";// This follow block sets up the selection filtersSelectionFilters filters = new SelectionFilters();SelectionFilter filter = new SelectionFilter();filters.setFilter(filter);PropertyFieldFilter[] pfFilters = new PropertyFieldFilter[1];pfFilters[0] = new PropertyFieldFilter();PropertyField pf = new PropertyField();pf.setName("Date Performed");Calendar date = Calendar.getInstance();date.setTime(formatter.parse(stringDate));pf.setIsDateType(true);pf.setDateValue(date);pfFilters[0].setProperty(pf);pfFilters[0].setIsGreaterEqual(true); // all six operations are supportedfilter.setPropertyFieldFilters(pfFilters);ComplianceObject[] tests = cs.getComplianceObjects(token, new TestResultDetails(), filters);System.out.println("Found No. of test results " + tests.length + " performed at or after ’" + stringDate + "’");


}/*** This method looks up tests results based on a custom property of string type. Note: For string type* only equal and not equal condition are supported.** @param token Security token* @param cs Compliance service*/private static void lookupTestResultsByStringCustomProperty(SecurityToken token, ComplianceServicePort cs) throws Exception{

String performedBy = "Approval";String pfName = "Control Owner";// This follow block sets up the selection filtersSelectionFilters filters = new SelectionFilters();SelectionFilter filter = new SelectionFilter();filters.setFilter(filter);PropertyFieldFilter[] pfFilters = new PropertyFieldFilter[1];pfFilters[0] = new PropertyFieldFilter();PropertyField pf = new PropertyField();pf.setName(pfName);pf.setIsStringType(true);pf.setStringValue(performedBy);pfFilters[0].setProperty(pf);pfFilters[0].setIsEqual(true); // only equals or not equals workfilter.setPropertyFieldFilters(pfFilters);ComplianceObject[] controls = cs.getComplianceObjects(token, new ControlDetails(), filters);System.out.println("Found No. of controls " + controls.length + " " + pfName + " ’" + performedBy + "’");

}/*** This method looks up tests by on custom property of integer type Note: For integer type all six* conditions are supported.** @param token Security token* @param cs Compliance service*/private static void lookupTestsByIntegerCustomProperty(SecurityToken token, ComplianceServicePort cs) throws Exception{

int frequency = 10;String pfName = "Test Frequency Offset";// This follow block sets up the selection filtersSelectionFilters filters = new SelectionFilters();SelectionFilter filter = new SelectionFilter();filters.setFilter(filter);PropertyFieldFilter[] pfFilters = new PropertyFieldFilter[1];pfFilters[0] = new PropertyFieldFilter();PropertyField pf = new PropertyField();pf.setName(pfName);pf.setIsIntegerType(true);pf.setIntegerValue(frequency);pfFilters[0].setProperty(pf);pfFilters[0].setIsEqual(true); // only equals or not equals workfilter.setPropertyFieldFilters(pfFilters);ComplianceObject[] tests = cs.getComplianceObjects(token, new TestDetails(), filters);System.out.println("Found No. of tests " + tests.length + " " + pfName + " ’" + frequency + "’");

}/*** This method looks up tests based on custom field of enumeration type Note: Only equal and not* equal conditions are support** @param token Security token* @param cs Compliance service*/private static void lookupTestsByEnumerationCustomProperty(SecurityToken token, ComplianceServicePort cs) throws Exception{

int index = 10;String pfName = "Continuous Monitored";// This follow block sets up the selection filtersSelectionFilters filters = new SelectionFilters();SelectionFilter filter = new SelectionFilter();filters.setFilter(filter);PropertyFieldFilter[] pfFilters = new PropertyFieldFilter[1];pfFilters[0] = new PropertyFieldFilter();PropertyField pf = new PropertyField();pf.setName(pfName);pf.setIsEnumType(true);MetaDataDetails metaDetails = cs.getMetaData(token, new ControlDetails(), sLocale);PropertyFieldMetaData[] pfMetaDatas = metaDetails.getPropertyFieldDefinitions();EnumerationSelection[] enumSelections = null;for (int i = 0; i < pfMetaDatas.length; i++){

PropertyFieldMetaData pfMetaData = pfMetaDatas[i];// System.out.println(pfMetaData.getPropertyField().getName());if (pfMetaData.getPropertyField().getName().startsWith(pfName)){

enumSelections = pfMetaData.getPropertyField().getEnumerationSelections();break;

}}if (enumSelections != null){


EnumerationSelection enumSelection = new EnumerationSelection();

enumSelection.setSelectedIndex(enumSelections[1].getSelectedIndex()); // set enumerated value to be that of "yes", which is the second valuepf.setEnumerationSelections(new EnumerationSelection[] { enumSelection });pfFilters[0].setProperty(pf);pfFilters[0].setIsEqual(true); // only equals or not equals work filter.setPropertyFieldFilters(pfFilters);ComplianceObject[] controls = cs.getComplianceObjects(token, new ControlDetails(), filters);System.out.println("Found No. of controls " + controls.length + " " + pfName + "=’" + enumSelections[1].getSelectedValue() + "’");

}}/*** Update an existing test object** @param token Security token* @param cs Compliance service object* @param test Test object to be updated* @throws RemoteException*/private static void updateTest(SecurityToken token, ComplianceServicePort cs, TestDetails test) throws RemoteException{

System.out.println("Updating test " + test.getName());// this block updates the test with an external url linkExternalUrlLink[] links = new ExternalUrlLink[1];ExternalUrlLink urlLink = new ExternalUrlLink();links[0] = urlLink;urlLink.setName("Sample link for " + test.getName() + " created at time " + sSimpleDateFormatter.format(new Date()));urlLink.setUriLink("http://www.greenlight.com/mytestslink");// blank out existing properties so no properties gets updated or pass in// the updated propertiestest.setProperties(new PropertyField[0]);test.setExternalUrlLinks(links);cs.updateComplianceObject(token, test);

}private static void populateCurrencyField(CurrencyField cf){

try{List currencies = getCurrencyMetaData();int i = random.nextInt(currencies.size());CurrencyMetaData cm = (CurrencyMetaData)currencies.get(i);cf.setExchangerate(cm.getExchangeRate());cf.setIsoCode(cm.getIsoCode());cf.setAmount(989);

}catch(Exception e){e.printStackTrace();

}}public static SecurityToken getToken(String username, String password) throws Exception{SecurityServicePort port = sService.getSecurityServicePort();// log into the system and retrieve a security token, which will be used by follow on// callreturn port.login(username, password);

}public static List getCurrencyMetaData() throws Exception{

if(currencyMetaData == null){SecurityToken token = getToken(username, password);ComplianceServicePort csPort = cService.getComplianceServicePort();CurrencyMetaData[] cm = csPort.getAvailableCurrencies(token);currencyMetaData = new ArrayList();for(int i=0; i < cm.length; i++){

currencyMetaData.add(cm[i]);}

}return currencyMetaData;

}/*** This method populates all property fields of a compliance object based on its meta data** @param fields Property fields of the compliance object to be populated* @param metadata Metadata for the compliance object*/private static void populatePropertyFields(PropertyField[] fields, MetaDataDetails metadata){

for (int i = 0, length = fields.length; i < length; i++){

PropertyFieldMetaData pfMeta = metadata.getPropertyFieldDefinitions()[i];fields[i] = pfMeta.getPropertyField();if (fields[i].getIsBooleanType()){

fields[i].setBooleanValue(true);}else if (fields[i].getIsDoubleType()){

fields[i].setDoubleValue(978.321F);}else if (fields[i].getIsIntegerType()){

fields[i].setIntegerValue(50);}else if (fields[i].getIsStringType()){

fields[i].setStringValue(fields[i].getName() + "’s value is String. Setting some dump string value");


}else if (fields[i].getIsDateType()){

fields[i].setDateValue(Calendar.getInstance());}else if (fields[i].getIsCurrencyType()){CurrencyField cf = new CurrencyField();populateCurrencyField(cf);fields[i].setCurrencyValue(cf);}else if (fields[i].getIsEnumType()){

EnumerationSelection[] selections = new EnumerationSelection[1];selections[0] = new EnumerationSelection();

selections[0].setSelectedIndex(fields[i].getEnumerationSelections()[0].getSelectedIndex());fields[i].setEnumerationSelections(selections);

}}

}/*** This method traverse for test results object based for a parent compliance object** @param token Security token* @param cs Compliance service* @param co Parent compliance object* @param indent Number of indents* @param filters Filter* @throws Exception*/public static void traverseTestResults(


{TestResultDetails[] trs = cs.getTestResults(token, co.getId(), filters);for (int i = 0, length = trs.length; i < length; i++){


buffer.append(" ");}System.out.println(buffer.append("Test Result=>").append(trs[i].getName()).toString());

}}public static void main(String[] args){

try{

initialize();SecurityToken token = getToken(username, password);// point at compliance service end pointComplianceServicePort cs = cService.getComplianceServicePort();//MetaDataDetails businessEntityMetaData = cs.getMetaData(token, new BusinessEntity(),// sLocale);// MetaDataDetails processMetaData = cs.getMetaData(token, new ProcessDetails(),// sLocale);SelectionFilters filters = new SelectionFilters();// setting this flag to true to retrieve all custom relationshipsfilters.setDoesIncludeCustomAssociations(false);// setting this flag to true to retrieve all custom propertiesfilters.setDoesIncludeProperties(true);// Retrieve all business entitiesBusinessEntity[] businessEntities = cs.getBusinessEntities(token, 5, filters);// Proceed to find Business Entity called "Boston Office"BusinessEntity bostonOffice = null;System.out.println("======= Beginning of sample program execution ======");for (int i = 0, length = businessEntities.length; i < length; i++){

if (businessEntities[i].getName().equalsIgnoreCase("Boston Office")){

bostonOffice = businessEntities[i];break;

}}if (bostonOffice != null){

System.out.println("Business Entity=>Boston Office");int indent = 4;// Traverse and process all processes under business entity "Boston Office"traverseProcesses(token, cs, bostonOffice, indent, filters);

}lookupTestsByName(token, cs);lookupTestResultsByModifiedDate(token, cs);lookupTestResultsByDateCustomProperty(token, cs);lookupTestResultsByStringCustomProperty(token, cs);lookupTestsByIntegerCustomProperty(token, cs);


lookupTestsByEnumerationCustomProperty(token, cs);sService.getSecurityServicePort().logout(token);System.out.println("======= End of sample program execution ======");

}catch (Exception e){

// TASK: handle exceptione.printStackTrace();

}}

}


Appendix. ICompliance interface code

This appendix contains the Java definition for the ICompliance interface.package com.openpages.webservices.compliance;

public interface IComplianceWebServices {

/**

* This method returns themetadata object for the input compliance object type

*

* @param token Security token object

*@param baseComplianceObject Compliance object

*@param locale Locale object

* @return The metadataobject corresponds to the input compliance object

*/

public com.openpages.webservices.metadata.MetaDataDetailsgetMetaData(com.openpages.webservices.security.SecurityToken securityToken,com.openpages.webservices.compliance.vo.BaseComplianceObject baseComplianceObject,com.openpages.webservices.common.OpenpagesLocale locale);

/**

* Create a new standalonecompliance object, identified by its full path

*


*@param complianceObject Compliance object that has to be created

* @return Created compliance object’s id

*/

public long createComplianceObject(com.openpages.webservices.security.SecurityTokentoken, com.openpages.webservices.compliance.vo.BaseComplianceObjectbaseComplianceObject);

/**

*Create a new compliance object and associate it with the parent object,identified by the parentId

*

*@param token Security token object

* @param parentIdIdentifies the resource object to associated with

*@param complianceObject Compliance object that has to be created

* @return Created compliance object’s id

*/

public long createComplianceObject(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.vo.ComplianceObjectcomplianceObject);

/**

33

*Create an issue and action item, associated with the parent objectidentified by the input id

*


* @param parentIdIdentifies the resource object to associated with

*@param issue Issue object

* @param actionItemsAction item objects, can be null

* @return Createdissue’s id

*/

public longcreateIssue(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.vo.IssueDetailsissueDetails, com.openpages.webservices.compliance.vo.ActionItemDetails[]actionItemDetails);

/**

*This method returns all compliance objects for input compliance objecttype

*

* @param token Securitytoken object

* @param complianceObject the typeof compliance objects that have to be retrieved

*@param filters Selection filters object

* @returnArray of compliance objects

*/

public com.openpages.webservices.compliance.vo.ComplianceObject[]getComplianceObjects(com.openpages.webservices.security.SecurityTokentoken, com.openpages.webservices.compliance.vo.ComplianceObject complianceObject,com.openpages.webservices.compliance.SelectionFilters selectionFilters);

/**

* This method returns allchild compliance objects under the input root,

*identified by rootId and for the input compliance object type

*

* @param token Security tokenobject

* @param parentId Parent Id identifiesthe parent compliance object to associate with

*@param complianceObject the type of compliance objects that have tobe retrieved

* @param filters Selection filtersobject

* @return Array of compliance objects

*/


public com.openpages.webservices.compliance.vo.ComplianceObject[]getComplianceObjects(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.vo.ComplianceObjectcomplianceObject, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child business entities satisfying the selectioncriteria

*

* @param tokenSecurity token object

* @param level Level ofentities returned

* @param filters Selectionfilters object

* @return Array of business entities

*/ public com.openpages.webservices.compliance.vo.BusinessEntity[]getBusinessEntities(com.openpages.webservices.security.SecurityTokentoken, int level, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*Create an issue and action item, associated with the parent objectidentified by the input id

*


* @param complianceObjectIdId for the compliance object to retrieve

*/

public com.openpages.webservices.compliance.vo.ComplianceObjectgetComplianceObject(com.openpages.webservices.security.SecurityTokentoken, long complianceObjectId);

/**

* Create an issue and action item, associated withthe parent object identified by the input id

*


*@param complianceObject Compliance object

*/

public void updateComplianceObject(com.openpages.webservices.security.SecurityTokentoken, com.openpages.webservices.compliance.vo.ComplianceObject complianceObject);

/**

* Update a compliance objectby the input custom property names and values

*

* All date type must be in either "yyyy-MM-dd" or "yyy-MM-ddhh:mm:ss" format.

*

* @paramtoken Security token object

* @param id Complianceobject id

Appendix. ICompliance interface code 35

* @param propertyNames Names of propertyfields to update

* @param propertyValues Valuesof property fields to update to

*/

public void updateComplianceObject(com.openpages.webservices.security.SecurityTokentoken, long id, java.lang.String[] propertyNames, java.lang.String[]propertyValues);

/**

* Returnall available reporting periods

*

* @param token Security token

*@return An array of reporting periods

*/

public com.openpages.webservices.compliance.vo.ReportingPeriod[]getAvailableReportingPeriods(com.openpages.webservices.security.SecurityTokentoken);

/**

* Returns allthe Available Currencies meta data.

*

* @param token Security token

*@return An array of CurrencyMetaData

*/

public com.openpages.webservices.metadata.CurrencyMetaData[]getAvailableCurrencies(com.openpages.webservices.security.SecurityTokentoken);

/**

* Returns theBase Currency ISO Code.

*

*@param token Security token

* @return Base CurrencyISO Code.

*/

public java.lang.StringgetBaseISOCode(com.openpages.webservices.security.SecurityToken token);

/**

* This method returns allchild SubAccountDetails objects under the given parent, identifiedby rootId

*

* All date typemust be in either "yyyy-MM-dd" or "yyy-MM-dd hh:mm:ss" format.

*

* @param token Security tokenobject

* @param parentId Parent compliance objectid


* @param propertyNames Names of property fieldsto update

* @return An array of SubAccountDetailsobjects

*/

public com.openpages.webservices.compliance.vo.SubAccountDetails[]getSubAccounts(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child Requirement objects under the givenparent, identified by rootId

*

*All date type must be in either "yyyy-MM-dd" or "yyy-MM-dd hh:mm:ss"format.

*


* @param parentId Parentcompliance object id

* @param propertyNames Namesof property fields to update

* @return An arrayof Requirement objects

*/

public com.openpages.webservices.compliance.vo.Requirement[]getRequirement(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child LossEventDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof LossEventDetails objects

*/

public com.openpages.webservices.compliance.vo.LossEventDetails[]getLossEvents(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**


*This method returns all child ApplicationDetails objects under thegiven parent, identified by rootId

*


*


* @param parentIdParent compliance object id

* @param propertyNamesNames of property fields to update

* @returnAn array of ApplicationDetails objects

*/

public com.openpages.webservices.compliance.vo.ApplicationDetails[]getApplications(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child PersonnelDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof PersonnelDetails objects

*/

public com.openpages.webservices.compliance.vo.PersonnelDetails[]getPersonnel(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child ServiceDetails objects under the givenparent, identified by rootId

*


*





* @return An arrayof ServiceDetails objects

*/

public com.openpages.webservices.compliance.vo.ServiceDetails[]getServices(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child IssueDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof IssueDetails objects

*/

public com.openpages.webservices.compliance.vo.IssueDetails[]getIssues(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child ControlDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof ControlDetails objects

*/

public com.openpages.webservices.compliance.vo.ControlDetails[]getControls(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**


*This method returns all child KeyPerfIndicatorValueDetails objectsunder the given parent, identified by rootId

*


*




* @returnAn array of KeyPerfIndicatorValueDetails objects

*/

public com.openpages.webservices.compliance.vo.KeyPerfIndicatorValueDetails[]getKeyPerfIndicatorValues(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child KeyRiskIndicatorValueDetails objectsunder the given parent, identified by rootId

*


*




* @returnAn array of KeyRiskIndicatorValueDetails objects

*/

public com.openpages.webservices.compliance.vo.KeyRiskIndicatorValueDetails[]getKeyRiskIndicatorValues(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child TestDetails objects under the givenparent, identified by rootId

*


*





* @return An arrayof TestDetails objects

*/

public com.openpages.webservices.compliance.vo.TestDetails[]getTests(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child LossImpactDetails objects under thegiven parent, identified by rootId

*


*




* @returnAn array of LossImpactDetails objects

*/

public com.openpages.webservices.compliance.vo.LossImpactDetails[]getLossImpacts(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child Finding objects under the given parent,identified by rootId

*


*




* @return An arrayof Finding objects

*/

public com.openpages.webservices.compliance.vo.Finding[]getFinding(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child ProcessDetails objects under the givenparent, identified by rootId

*



*




* @return An arrayof ProcessDetails objects

*/

public com.openpages.webservices.compliance.vo.ProcessDetails[]getProcesses(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child AccountDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof AccountDetails objects

*/

public com.openpages.webservices.compliance.vo.AccountDetails[]getAccounts(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child RiskAssessmentDetails objects underthe given parent, identified by rootId

*


*




* @returnAn array of RiskAssessmentDetails objects

*/


public com.openpages.webservices.compliance.vo.RiskAssessmentDetails[]getRiskAssessments(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child Assignment objects under the given parent,identified by rootId

*


*




* @return An arrayof Assignment objects

*/

public com.openpages.webservices.compliance.vo.Assignment[]getAssignment(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child Workpaper objects under the given parent,identified by rootId

*


*




* @return An arrayof Workpaper objects

*/

public com.openpages.webservices.compliance.vo.Workpaper[]getWorkpaper(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child ExternalLossDetails objects under thegiven parent, identified by rootId

*


*





* @returnAn array of ExternalLossDetails objects

*/

public com.openpages.webservices.compliance.vo.ExternalLossDetails[]getExternalLoss(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child AuditProgram objects under the givenparent, identified by rootId

*


*




* @return An arrayof AuditProgram objects

*/

public com.openpages.webservices.compliance.vo.AuditProgram[]getAuditProgram(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child BusinessEntity objects under the givenparent, identified by rootId

*


*




* @return An arrayof BusinessEntity objects

*/


public com.openpages.webservices.compliance.vo.BusinessEntity[]getChildBusinessEntities(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child InfrastructureDetails objects underthe given parent, identified by rootId

*


*




* @returnAn array of InfrastructureDetails objects

*/

public com.openpages.webservices.compliance.vo.InfrastructureDetails[]getInfrastructure(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child SubmandateDetails objects under thegiven parent, identified by rootId

*


*




* @returnAn array of SubmandateDetails objects

*/

public com.openpages.webservices.compliance.vo.SubmandateDetails[]getSubmandates(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child ControlObjectiveDetails objects underthe given parent, identified by rootId

*


*





* @returnAn array of ControlObjectiveDetails objects

*/

public com.openpages.webservices.compliance.vo.ControlObjectiveDetails[]getControlObjectives(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child LossRecoveryDetails objects under thegiven parent, identified by rootId

*


*




* @returnAn array of LossRecoveryDetails objects

*/

public com.openpages.webservices.compliance.vo.LossRecoveryDetails[]getLossRecoveries(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child ActionItemDetails objects under thegiven parent, identified by rootId

*


*




* @returnAn array of ActionItemDetails objects

*/

public com.openpages.webservices.compliance.vo.ActionItemDetails[]getActionItems(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**


*This method returns all child MandateDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof MandateDetails objects

*/

public com.openpages.webservices.compliance.vo.MandateDetails[]getMandates(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child RiskDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof RiskDetails objects

*/

public com.openpages.webservices.compliance.vo.RiskDetails[]getRisks(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child ScenarioAnalysisDetails objects underthe given parent, identified by rootId

*


*





* @returnAn array of ScenarioAnalysisDetails objects

*/

public com.openpages.webservices.compliance.vo.ScenarioAnalysisDetails[]getScenarioAnalysis(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child KeyPerfIndicatorDetails objects underthe given parent, identified by rootId

*


*




* @returnAn array of KeyPerfIndicatorDetails objects

*/

public com.openpages.webservices.compliance.vo.KeyPerfIndicatorDetails[]getKeyPerfIndicators(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child AuditPhase objects under the given parent,identified by rootId

*


*




* @return An arrayof AuditPhase objects

*/

public com.openpages.webservices.compliance.vo.AuditPhase[]getAuditPhase(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child TestResultDetails objects under thegiven parent, identified by rootId


*


*




* @returnAn array of TestResultDetails objects

*/

public com.openpages.webservices.compliance.vo.TestResultDetails[]getTestResults(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child KeyRiskIndicatorDetails objects underthe given parent, identified by rootId

*


*




* @returnAn array of KeyRiskIndicatorDetails objects

*/

public com.openpages.webservices.compliance.vo.KeyRiskIndicatorDetails[]getKeyRiskIndicators(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child IncidentDetails objects under the givenparent, identified by rootId

*


*




* @return An arrayof IncidentDetails objects

*/


public com.openpages.webservices.compliance.vo.IncidentDetails[]getIncidents(com.openpages.webservices.security.SecurityTokentoken, long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

/**

*This method returns all child SubProcessDetails objects under thegiven parent, identified by rootId

*


*




* @returnAn array of SubProcessDetails objects

*/

public com.openpages.webservices.compliance.vo.SubProcessDetails[]getSubProcesses(com.openpages.webservices.security.SecurityToken token,long parentId, com.openpages.webservices.compliance.SelectionFiltersselectionFilters);

}


Notices

This information was developed for products and services offered in the U.S.A.

IBM may not offer the products, services, or features discussed in this document inother countries. Consult your local IBM representative for information on theproducts and services currently available in your area. Any reference to an IBMproduct, program, or service is not intended to state or imply that only that IBMproduct, program, or service may be used. Any functionally equivalent product,program, or service that does not infringe any IBM intellectual property right maybe used instead. However, it is the user's responsibility to evaluate and verify theoperation of any non-IBM product, program, or service. This document maydescribe products, services, or features that are not included in the Program orlicense entitlement that you have purchased.

IBM may have patents or pending patent applications covering subject matterdescribed in this document. The furnishing of this document does not grant youany license to these patents. You can send license inquiries, in writing, to:

IBM Director of LicensingIBM CorporationNorth Castle DriveArmonk, NY 10504-1785U.S.A.

For license inquiries regarding double-byte (DBCS) information, contact the IBMIntellectual Property Department in your country or send inquiries, in writing, to:

Intellectual Property LicensingLegal and Intellectual Property LawIBM Japan Ltd.19-21, Nihonbashi-Hakozakicho, Chuo-kuTokyo 103-8510, Japan

The following paragraph does not apply to the United Kingdom or any othercountry where such provisions are inconsistent with local law: INTERNATIONALBUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS"WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OFNON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULARPURPOSE. Some states do not allow disclaimer of express or implied warranties incertain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors.Changes are periodically made to the information herein; these changes will beincorporated in new editions of the publication. IBM may make improvementsand/or changes in the product(s) and/or the program(s) described in thispublication at any time without notice.

Any references in this information to non-IBM Web sites are provided forconvenience only and do not in any manner serve as an endorsement of those Websites. The materials at those Web sites are not part of the materials for this IBMproduct and use of those Web sites is at your own risk.

51

IBM may use or distribute any of the information you supply in any way itbelieves appropriate without incurring any obligation to you.

Licensees of this program who wish to have information about it for the purposeof enabling: (i) the exchange of information between independently createdprograms and other programs (including this one) and (ii) the mutual use of theinformation which has been exchanged, should contact:

IBM CorporationLocation Code FT0550 King StreetLittleton, MA 01460-1250U.S.A.

Such information may be available, subject to appropriate terms and conditions,including in some cases, payment of a fee.

The licensed program described in this document and all licensed materialavailable for it are provided by IBM under terms of the IBM Customer Agreement,IBM International Program License Agreement or any equivalent agreementbetween us.

Any performance data contained herein was determined in a controlledenvironment. Therefore, the results obtained in other operating environments mayvary significantly. Some measurements may have been made on development-levelsystems and there is no guarantee that these measurements will be the same ongenerally available systems. Furthermore, some measurements may have beenestimated through extrapolation. Actual results may vary. Users of this documentshould verify the applicable data for their specific environment.

Information concerning non-IBM products was obtained from the suppliers ofthose products, their published announcements or other publicly available sources.IBM has not tested those products and cannot confirm the accuracy ofperformance, compatibility or any other claims related to non-IBM products.Questions on the capabilities of non-IBM products should be addressed to thesuppliers of those products.

All statements regarding IBM's future direction or intent are subject to change orwithdrawal without notice, and represent goals and objectives only. Thisinformation is for planning purposes only. The information herein is subject tochange before the products described become available.

This information contains examples of data and reports used in daily businessoperations. To illustrate them as completely as possible, the examples include thenames of individuals, companies, brands, and products. All of these names arefictitious and any similarity to the names and addresses used by an actual businessenterprise is entirely coincidental.

If you are viewing this information softcopy, the photographs and colorillustrations may not appear.


Copyright

Licensed Materials - Property of IBM Corporation.

© Copyright IBM Corporation, 2003, 2013.

US Government Users Restricted Rights – Use, duplication or disclosure restrictedby GSA ADP Schedule Contract with IBM Corp.

This information contains sample application programs in source language, whichillustrate programming techniques on various operating platforms. You may copy,modify, and distribute these sample programs in any form without payment toIBM, for the purposes of developing, using, marketing or distributing applicationprograms conforming to the application programming interface for the operatingplatform for which the sample programs are written.

These examples have not been thoroughly tested under all conditions. IBM,therefore, cannot guarantee or imply reliability, serviceability, or function of theseprograms. You may copy, modify, and distribute these sample programs in anyform without payment to IBM for the purposes of developing, using, marketing, ordistributing application programs conforming to IBM's application programminginterfaces.

Trademarks

IBM, the IBM logo and ibm.com are trademarks or registered trademarks ofInternational Business Machines Corp., registered in many jurisdictions worldwide.

The following terms are trademarks or registered trademarks of other companies:v Microsoft, Windows, Windows NT, and the Windows logo are trademarks of

Microsoft Corporation in the United States, other countries, or both.v Java and all Java-based trademarks and logos are trademarks or registered

trademarks of Oracle and/or its affiliates.

Other product and service names might be trademarks of IBM or other companies.A current list of IBM trademarks is available on the Web at “ Copyright andtrademark information ” at www.ibm.com/legal/copytrade.shtml.

Notices 53

http://www.ibm.com/legal/copytrade.shtml

http://www.ibm.com/legal/copytrade.shtml


Index

Special characters.jar files 23

Aaction items 12Associated Objects 5authentication 7authorization 7

Bbusiness entities 8

CCompliance 1compliance object 13, 15compliance objects 13control objectives 10controls 11create objects 4

Ddevelopment platform 2

Ffolder path 4folder structure 2

Ggroup details 19groups 17

IICompliance 33issue 15issues 12

JJDK 23

Llogin 7Logout 7

Mmetadata 14

Oobject hierarchy 2object type array name 2object type name 2OpenAccess 1

PPrerequisites 23processes 9

RReporting Periods 14retrieval methods 8risks 10

SSecurityToken 1subprocesses 10

Ttest results 11tests 11

Uuser 17user details 19user group 18user information 19user names 18UserGroupAdmin 2

WWeb services 1WSDL files 2

55

Documents

OpenAccess Integrator's Guide - IBM