Previous Topic: Enrollment WorkflowsNext Topic: Migrating Existing Users

CA AuthMinder Web Services GuideUnderstanding AuthMinder WorkFlowsEnrollment WorkflowsEnrolling New Users

Enrolling New Users

The user enrollment is performed by User Data Service (UDS) component of AuthMinder. UDS is used to manage organizations and users in the system. UDS also serves as an abstraction layer that provides AuthMinder seamless access to the third-party data repositories deployed by your organization.

UDS is shipped as a library file and as a WAR file (arcotuds.war).

If you are using a relational database to store the user information, then AuthMinder uses the library file to connect to the database for performing user operations.

If you are using an LDAP directory server and you want AuthMinder to seamlessly access it, then you must deploy the arcotuds.war file in the application server where your application integrated with AuthMinder is deployed. In this case, the attributes in the LDAP must be mapped to the user attributes that CA supports. This mapping information is stored in the relational database where the schema is seeded.

Book: Refer to CA AuthMinder Installation and Deployment Guide for more information on deploying UDS file. Refer to CA AuthMinder Administration Guide for more information on mapping user attributes.

The typical steps for enrolling a new user are:

  1. User accesses the enrollment page of your application.

    The user enters the information, such as user name, first name, last name, email address, and contact information required to create the users.

    Note: The username must be unique for an organization, which means two users in the same organization cannot have same username.

  2. Your application collects information entered by the user in the preceding step and calls createUser operation in the ArcotUserRegistrySvc service.

    At this stage, your application makes an explicit call to the createUser operation in ArcotUserRegistrySvc service. In this call, you pass user details such as, user name, last name, organization, PAM (Personal Assurance Message), email address, and telephone number.

    See "Creating Users" for more information on the operation used for creating users.

  3. User Data Service checks if the user exists.

    UDS checks whether the user is present in the directory service (LDAP). If the user exists, then it maps the LDAP attributes to AuthMinder database.

    If the user does not exist in the AuthMinder database, then UDS creates the user record in the database. With this, the user is enrolled with AuthMinder.

  4. AuthMinder informs the calling application.

    AuthMinder sends the status of the operation to your calling application.

The following figure illustrates the enrollment workflow when you call the createUser operation: