1.2.1 Publisher Channel

The following figure illustrates how the Publisher channel synchronizes data from the SAP HR database to the Identity Vault.

Figure 1-1 Publisher Channel Process

The SAP R/3 HR database publishes information in the form of HRMD_A IDocs by using Application Link Enabling (ALE) technology. The driver is only interested in HRMD_A Message IDocs. Any object type in these IDocs can be mapped to an Identity Vault object type and subsequently synchronized. The driver consumes the IDoc files and converts the data into XML format.

The Publisher channel polls the SAP HR database for changes, and then submits XML-formatted changes to the Metadirectory engine for publication into the Identity Vault. The engine processes the document by sequentially applying all configured policies based on standard driver process flow.

The driver can then manipulate the information using various policies and filters defined by the system administrator. The driver then submits the data to the Identity Vault. Using other Identity Manager drivers, the data can be shared with other business applications and directories. Based on business rules, these other applications can add additional data that can in turn be inserted back into the SAP HR database through Business Application Programming Interface (BAPI) technology.

1.2.2 Subscriber Channel

The following figure illustrates how the Subscriber channel synchronizes data from the Identity Vault to the SAP HR database.

Figure 1-2 Subscriber Channel Process

The Subscriber channel receives XML-formatted Identity Vault events from the Metadirectory engine. The driver then converts these documents to an appropriate data format, and updates SAP via the BAPI interface.

The Identity Vault sends changes only to the applications that have subscribed to receive them.