Online Interceptor

The Connector Online Interceptor detects, in real time, Top Secret administration events that occur on the platform, and records them so that they can be reported to IdentityIQ. The Online Interceptor also notifies IdentityIQ of password changes made by Top Secret users. This is accomplished using the Top Secret installation exit (TSSINSTX). This exit intercepts the Top Secret commands issued in the system, as well as password change requests, and then transfers information regarding these events to the Online Interceptor.

When password change events are intercepted, the Online Interceptor verifies the new password before notifying IdentityIQ of the password change event. If verification fails, IdentityIQ is not notified of the event. Password verification also fails when the user whose password is changed is suspended or canceled, because Top Secret returns the same response as when the password is incorrect. Therefore, IdentityIQ is not notified of password change events for suspended or canceled users.

When the Top Secret installation exit intercepts an event, it notifies the Online Interceptor started task via cross-memory services that the event has been intercepted. The Online Interceptor records the event in Connector for Top Secret datasets. The data are then reported to IdentityIQ by the Connector Notification Server (CD), via CTSGATE.

As long as the Online Interceptor is active in the system, Top Secret events and changes are recorded, even if the Connector for Top Secret and CTSGATE are inactive. When Connector for Top Secret is restarted, the recorded data are transmitted to IdentityIQ.

The processing flow of the Connector Online Interceptor is illustrated in the following figure.

The Connector Online Interceptor detects Top Secret events in one of the following manners:

  • When a Top Secret user changes his/her password during the logon process [1A], Top Secret calls TSSINSTX (POST-INIT entry).

  • When a user issues a Top Secret command [1B], Top Secret calls TSSINSTX (database change) to log the command.

In any of these situations, the exit that intercepts the event passes the event to the Connector Online Interceptor via cross-memory services [2]. The Online Interceptor then writes the event to the Connector QUEUE dataset [3]. The Connector Notification Server (CTSACD) reads the QUEUE dataset [4], gets the updated entity from the Top Secret database when needed [5], and transfers the event to the Connector for Top Secret Gateway (CTSGATE) [6], which transfers the event to the Connector Gateway [7], which passes it to IdentityIQ [8].
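The following is an added illustrative model of the flow described above, not code from the product: it shows the password-verification gate and the store-and-forward behaviour of the QUEUE dataset while the gateway is inactive. All class, method and field names are hypothetical, and the sample events are constructed.

```python
from collections import deque

class TopSecretModel:
    """Stand-in for Top Secret password verification (hypothetical)."""
    def __init__(self, users):
        self.users = users  # user -> (current_password, status)

    def verify(self, user, password):
        current, status = self.users.get(user, (None, "unknown"))
        # A suspended or canceled user fails exactly like a wrong password.
        return status == "active" and current == password

class OnlineInterceptor:
    def __init__(self, tss):
        self.tss = tss
        self.queue = deque()    # models the QUEUE dataset
        self.not_reported = []  # model-only bookkeeping, to make the gap visible

    def on_exit_event(self, event):
        """Called for each event the installation exit passes over."""
        if event["type"] == "password_change" and not self.tss.verify(
                event["user"], event["new_password"]):
            self.not_reported.append(event["user"])
            return False
        self.queue.append((event["type"], event["user"]))  # payload not modelled
        return True

class NotificationServer:
    def __init__(self, interceptor):
        self.interceptor = interceptor
        self.gateway_active = False
        self.delivered = []  # what IdentityIQ ends up seeing

    def drain(self):
        """Forward queued events in order, only while the gateway is active."""
        while self.gateway_active and self.interceptor.queue:
            self.delivered.append(self.interceptor.queue.popleft())
        return list(self.delivered)

def run_demo():
    tss = TopSecretModel({"ALICE": ("N3wPass1", "active"),
                          "BOB": ("N3wPass2", "suspended")})
    oi = OnlineInterceptor(tss)
    cd = NotificationServer(oi)
    for ev in [  # constructed sample events
        {"type": "command", "user": "ADMIN1"},
        {"type": "password_change", "user": "ALICE", "new_password": "N3wPass1"},
        {"type": "password_change", "user": "BOB", "new_password": "N3wPass2"},
    ]:
        oi.on_exit_event(ev)
    while_down = cd.drain()      # gateway inactive: events stay queued
    cd.gateway_active = True     # connector restarted
    return while_down, cd.drain(), oi.not_reported
```

In the model, the suspended user's password change never reaches the delivered list, which is the reporting gap the text describes for suspended or canceled users.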