×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Atrium Orchestrator Content 20.15.01 ... Application adapters BMC Database Automation adapter BMC Database Automation actor adapter requests and responses Job operations for the BDA adapter

Approve_Job operation

The Approve_Job operation approves or rejects a job.

The following table describes the elements for the <items> XML element and adapter request for the Approve_Job operation:

Elements for the <items> XML element and adapter request for the Approve_Job operation

Element

Definition

Required

<target>

Specifies the complete URL with the job ID of the job to be approved or rejected

Examples:

Yes

<operation-name>

Specifies the name of operation: Approve_Job

Yes

<job-status>

Specifies the status of the job

Valid values: approved, denied

Yes

<detail>

Specifies the details or description of job approval or rejection

Valid value: Any string

Yes

<use-ssl-certificate>

Specifies whether to use an SSL certificate to establish a secure connection

Set the value of this element to true to establish a connection using the HTTPS protocol.

Set the value of this element to false or leave it blank to establish a connection using the HTTP protocol.

Valid values: true, false (default)

No

<install-certificate>

Specifies whether to install security certificates automatically

Note

You do not need this element if the <target> element uses the HTTP protocol.

Set the value of this element to true if you prefer to have security certificates installed automatically (a common practice).

Set the value of this element to alse_ if you prefer to manually export the security certificate from the BMC Database Automation server and manually import it into the cacerts file of the local peer of BMC Atrium Orchestrator (a rare file).

Valid values: true, false (default)

No

<allow-unsigned-certificate>

Specifies whether to allow unsigned certificates from trusted zones

Valid values: true, false (default)

Set the value of this element to true if you are using self-signed SSL certificates (a common practice).

On ecommerce sites or military installations, if you need to use signed certificates such as Verisign or Thawte, set the value of this element to false (a rare practice).

No

<passphrase>

Specifies the password to the keystore file (cacerts) local to the BMC Atrium Orchestrator peer

Default value: changeit

Warning

  • The value of the <passphrase> element is the passphrase for the cacerts certificate stored on the BMC Atrium Orchestrator local peer (CDP or AP) and not the BMC Database Automation target host.

  • Changing the passphrase can be tricky and might destroy the cacerts security file integrity.


Verify the cacerts passphrase using the following command in UNIX or Linux:

$ /opt/bmc/ao/cdp/jvm/bin/keytool -list -keystore
/opt/bmc/ao/cdp/jvm/lib/security/cacerts

No

<signature-properties>

Contains the elements that specify information about the public key (X.509 certificate) and the private key that are used for the digital signature

The <signature-properties> element can contain the mode attribute that specifies the format in which the public and private keys are provided for signing the HTTP request.

Valid values:

  • <signature-properties mode="keystore"> (default)
  • <signature-properties mode="key-files">
  • <signature-properties mode="key-data">

    You can provide the keys in the following formats:

  • Java Keystore (JKS)
  • Privacy Enhanced Mail (PEM)
  • Definite Encoding Rules (DER) files
  • Base64-encoded PEM

No

<keystore-file>

Specifies the path to the JKS that contains the client certificate

Conditional; required when <signature-properties mode="keystore">

<key-password>

Specifies the password of the key contained in the JKS

Note

If you do not specify <key-password>, then the value of <keystore-password> is used as the key password.

No

<keystore-password>

Specifies the password to the JKS

Conditional; required when <signature-properties mode="keystore">

<alias>

Specifies the name of the alias in the JKS that identifies the Public Key Certificate (PKC), which the web server uses to authenticate the client

Conditional; required when <signature-properties mode="keystore">

<private-key-file>

Specifies the file containing the private key, which is used to sign the HTTP request

The adapter supports the following formats:

  • Base64-encoded PEM
  • DER

Conditional; required when <signature-properties mode="key-files">

<certificate-file>

Specifies the file containing the public key (X509 Certificate)

The adapter supports the following formats:

  • Base64-encoded PEM
  • DER

Conditional; required when <signature-properties mode="key-files">

<private-key-data>

Contains an XML specifying the private key in an Base64-encoded PEM format

For example:
<private-key-data> ------ BEGIN PRIVATE KEY -----
MIICdQIBADANBgkqhkiG9w0
BAQEFAASCAl8wggJbAgEAAo
GBAKomKro6VbW4PeQtUhNz
ZpSH26vbBTBtH1r4EjnIv4vnh
SyyA62ewpROVNn0Spvjo
BFwE88HcX3tXym/zbVgtd
Pke9K+SYHP6CWdiLqn
........
------- END PRIVATE KEY -----</private-key-data>

Conditional; required when <signature-properties mode="key-data">

<certificate-data>

Contains an XML specifying the public key (X509 Certificate) in an Base64-encoded PEM format

For example:
<certificate-data> ------- BEGIN CERTIFICATE ------
MIICdzCCAeCgAwIBAgIFXseN1xYwDQYJKoZIhvcNAQEFBQ
AwUzELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkFtYXpvbi5jb20x
DDAKBgNVBAsTA0FXUzEhMB8GA1UEAxMY
........
------- END CERTIFICATE -----</certificate-data>

Conditional; required when <signature-properties mode="key-data">

The following figure shows a sample <items> XML element for the Approve_Job operation:

<items> XML element for the Approve_Job operation 


<items>
  <item>
      <target></target>
      <job-status></job-status>
      <detail><detail>
  </item>
</items>

The following figure shows a sample adapter request for the Approve_Job operation:

Sample adapter request for the Approve_Job operation


<bda-request>
  <target>http://10.128.28.59/api/jobs/66</target>
   <operation-name>Approve_Job</operation-name>
   <job-status>denied</job-status>
   <detail>Approved By User</detail>
</bda-request>

The following figure shows a sample adapter request for the Approve_Job operation with SSL tags and client certificates in key-data mode:

Sample adapter request for the Approve_Job operation with SSL tags and client certificates in key-data mode


<bda-request>
 <target>https://10.128.28.59/api/jobs/66</target>
  <operation-name>Approve_Job</operation-name>
  <job-status>denied</job-status>
  <detail>Approved By User</detail>
  <use-ssl-certificate>true</use-ssl-certificate>
  <install-certificate>true</install-certificate>
  <allow-unsigned-certificate>true</allow-unsigned-certificate>
  <signature-properties mode="key-data">
    <private-key-data>-----BEGIN RSA PRIVATE KEY-----
      MIICXAIBAAKBgQDbDkji1X+Bxv7WLI5yaFTFsWgBtLPlm7x0O9iACBycLKelOZJl
      ....
      m57VRInEsLbXpJHoPISk8Gj+JL/CGK7rIcDtPebLIEs=
      -----END RSA PRIVATE KEY-----</private-key-data>
    <certificate-data>-----BEGIN CERTIFICATE-----
      MIICvzCCAigCAQEwDQYJKoZIhvcNAQEEBQAwga0xCzAJBgNVBAYTAlVTMREwDwYD
      ....
      nSYYODyuU/pfV9V+qS+p/kwk/UKgEiwnngPEFn7v3zAzXmE=
      -----END CERTIFICATE-----</certificate-data>
  </signature-properties>
</bda-request>

The following figure shows a sample adapter request for the Approve_Job operation with SSL tags and client certificates in key-files mode:

Sample adapter request for the Approve_Job operation with SSL tags and client certificates in key-files mode


<bda-request>
 <target>https://10.128.28.59/api/jobs/66</target>
  <operation-name>Approve_Job</operation-name>
  <job-status>denied</job-status>
  <detail>Approved By User</detail>
  <use-ssl-certificate>true</use-ssl-certificate>
  <install-certificate>true</install-certificate>
  <allow-unsigned-certificate>true</allow-unsigned-certificate>
  <signature-properties mode="key-files">
    <private-key-file>D:\User\ssl\BBDA_client_certs\server.key</private-key-file>
    <certificate-file>D:\User\ssl\BBDA_client_certs\server.pem</certificate-file>
  </signature-properties>
</bda-request>

The following figure illustrates the adapter response for the sample Approve_Job operation.

Sample adapter response for the Approve_Job operation


<bda-response>
  <metadata>
    <status>success</status>
  </metadata>
  <status-line>
    <code>200</code>
    <reason>OK</reason>
  </status-line>
  <header-lines>
    <Transfer-encoding>chunked</Transfer-encoding>
    <Content-type>text/html</Content-type>
  </header-lines>
  <message-body>
    <html lang="en-US">
      <head>
        <title>BBDA API</title>
        <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
      </head>
      <body>
        <job-approval>
          <detail>Approved By User</detail>
          <result>denied</result>
        </job-approval>
        <h1>Accepted request</h1>
      </body>
    </html>
  </message-body>
</bda-response>
Was this page helpful? Yes No Submitting... Thank you
Last modified by Deepa Bhat on Aug 07, 2012
bmc_database_automation bda job

Comments

Log in or register to comment.

Job operations for the BDA adapter
BMC Event Manager adapter
© Copyright 2024 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.