PhenixID Documentation

GetHsaPersonValve

Valve for performing a person lookup against the HSAWS (v2) web service method GetHsaPerson.

This valve works on a request parameter or item property containing the user's HSA identity OR personal number. After execution, the item is populated with new properties fetched from the HSA web service.

This valve can perform lookups against the national Inera HSA WS or be used against a local (regional) HSA ws.

This valve is NOT shipped with the product. Follow the procedure below Requirements to add the valve.

Properties

Name	Description	Default value	Mandatory	Supports property expansion.
keystore_path	File path to client certificate p12 file. Ignored if keystore_id is used.		No	No
keystore_password	Keystore (p12) password. Ignored if keystore_id is used.		No	No
keystore_id	ID of keystore object in configuration.		No	No
endpointURL	HSA WS endpoint URL. Example: https://min.region.se/svr-hsaws2/hsaws		Yes	No
protocol	SSL/TLS version.	SSLv3	No	No
hsaIdentity	HSA identity value. Must not be used in combination with the personalNumber property.		No	Yes
personalNumber	Personal number. Must not be used in combination with the hsaIdentity property.		No	Yes
logicalAddress	Logical address header to be set in payload. (Usually SE165565594230-1000)		Yes	No
searchBase	Search base to be set in payload. If unknown, use c=SE.		Yes	No

Example Configuration

{
        "name": "GetHsaPersonValve",
        "config": { 
           "keystore_id": "xxxx-yyyy-zzzz-wwww",
           "endpointURL" : "https://min.region.se/svr-hsaws2/hsaws",
           "hsaIdentity" : "{{request.serialnumber}}",
           "logicalAddress" : "SE165565594230-1000",
           "searchBase" : "c=SE"
         }
}

Requirements

This information must be obtained from the HSAWS admin:
- Client certificate in p12 format to contact the web service, with permissions to call the GetHsaPerson method.
- HSAWS endpoint
PhenixID Authentication Services 4.1 or above
This patch applied.
Add trust to HSAWS endpoint SSL certificates (if non-global CAs are used) by adding the CA certificate(s) to cacerts.

Item enrichment

After a successful lookup, these item properties will be populated with values in the response:

Item property name	GetHsaPersonResponseType->UserInformation parameter name
id (item id)	hsaIdentity
hsaIdentity	hsaIdentity
DN	DN
Description	description
GivenName	givenName
HsaSwitchboardNumber	hsaSwitchboardNumber
HsaTelephoneNumber	hsaTelephoneNumbers
HsaTitles	hsaTitles
LabeledUri	labeledUri
Mail	mail
MiddleName	middleName
Mobile	mobiles
NickName	nickName
PostalAddress	postalAddress
Sn	sn
SpecialityCodes	specialityCodes
SpecialityNames	specialityNames
TelephoneHours	telephoneHours
TelephoneNumbers	telephoneNumbers
Title	title