NYSP Web Service FAQ



Similar documents
VMware Identity Manager Connector Installation and Configuration

Configuring User Identification via Active Directory

Authentication and Single Sign On

SSL SSL VPN

IBM SPSS Collaboration and Deployment Services Version 6 Release 0. Single Sign-On Services Developer's Guide

Broadlook CRM Suite Requirements Guide

DMH remote access. Table of Contents. Project : remote_access_dmh Date: 29/05/12 pg. 1

Easy CramBible Lab DEMO ONLY VERSION Test284,IBM WbS.DataPower SOA Appliances, Firmware V3.6.0

Use Enterprise SSO as the Credential Server for Protected Sites

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

Configuration Worksheets for Oracle WebCenter Ensemble 10.3

Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER

Configuration Guide BES12. Version 12.1

Application Note. Onsight Connect Network Requirements v6.3

Secure Messaging Server Console... 2

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

e-filing Secure Web Service User Manual

Single Sign-On Implementation Guide

LifeSize Transit Deployment Guide June 2011

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

NETASQ ACTIVE DIRECTORY INTEGRATION

Citrix Receiver for Mobile Devices Troubleshooting Guide

Please return this document to when complete.

Mobile Device Management Solution Hexnode MDM

Click Studios. Passwordstate. Installation Instructions

Setup Guide Access Manager Appliance 3.2 SP3

Using the Push Notifications Extension Part 1: Certificates and Setup

Web Application Report

StreamServe Persuasion SP5 StreamStudio

fåíéêåéí=péêîéê=^çãáåáëíê~íçêûë=dìáçé

Jobs Guide Identity Manager February 10, 2012

Enabling SSO between Cognos 8 and WebSphere Portal

Configuration Guide BES12. Version 12.2

Configuration Guide BES12. Version 12.3

Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact

SchoolBooking SSO Integration Guide

Swedbank Payment Portal Implementation Overview

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook

BlackBerry Enterprise Service 10. Version: Configuration Guide

Enabling Single-Sign-On on WebSphere Portal in IBM Cognos ReportNet

Enabling Single-Sign-On between IBM Cognos 8 BI and IBM WebSphere Portal

Novell Identity Manager

MassTransit 6.0 Enterprise Web Configuration for Macintosh OS 10.5 Server

Step by step guide to implement SMS authentication to Cisco ASA Clientless SSL VPN and Cisco VPN

Authentication. Authentication in FortiOS. Single Sign-On (SSO)

Service Manager and the Heartbleed Vulnerability (CVE )

File Transfer Service (Batch SOAP) User Guide. A Guide to Submitting batches through emedny FTS

SETUP SSL IN SHAREPOINT 2013 (USING SELF-SIGNED CERTIFICATE)

How To Configure SSL VPN in Cyberoam

If you have questions or find errors in the guide, please, contact us under the following address:

Chapter 6 Virtual Private Networking Using SSL Connections

FUJITSU Cloud IaaS Trusted Public S5 Configuring a Server Load Balancer

TROUBLESHOOTING RSA ACCESS MANAGER SINGLE SIGN-ON FOR WEB-BASED APPLICATIONS

Customer Tips. Configuring Color Access on the WorkCentre 7328/7335/7345 using Windows Active Directory. for the user. Overview

HP Project and Portfolio Management Center

Soft Solutions, Inc. 4-Sight FAX 7.5. Getting Started. Soft Solutions, Inc.

HTTP communication between Symantec Enterprise Vault and Clearwell E- Discovery

HTTPS HTTP. ProxySG Web Server. Client. ProxySG TechBrief Reverse Proxy with SSL. 1 Technical Brief

New York State Federal/State Employment Tax (FSET) Handbook for Software Developers

Client configuration and migration Guide Setting up Thunderbird 3.1

PowerCenter Real-Time Development

Using SonicWALL NetExtender to Access FTP Servers

Introduction to the EIS Guide

Developer Guide to Authentication and Authorisation Web Services Secure and Public

Installation Guide. SafeNet Authentication Service

Chapter 1: General Introduction What is IIS (Internet Information Server)? IIS Manager: Default Website IIS Website & Application

Integration of Hotel Property Management Systems (HPMS) with Global Internet Reservation Systems

Flexible Identity. LDAP Synchronization Agent guide. Bronze. version 1.2

Technical White Paper

Workspot Configuration Guide for the Cisco Adaptive Security Appliance

BlackShield ID Agent for Remote Web Workplace

Brocade Certified Layer 4-7 Professional Version: Demo. Page <<1/8>>

Message Containers and API Framework

TWO-WAY & SMS MESSAGING SMS WEB SERVICE. Product White Paper. Website: Telephone: enquiries@m-science.

IBM API Management Overview IBM Corporation

NS DISCOVER 4.0 ADMINISTRATOR S GUIDE. July, Version 4.0

How To Authenticate An Ssl Vpn With Libap On A Safeprocess On A Libp Server On A Fortigate On A Pc Or Ipad On A Ipad Or Ipa On A Macbook Or Ipod On A Network

Secure XML API Integration Guide. (with FraudGuard add in)

Version 1.0 January Xerox Phaser 3635MFP Extensible Interface Platform

This presentation covers virtual application shared services supplied with IBM Workload Deployer version 3.1.

Setting Up Scan to SMB on TaskALFA series MFP s.

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

(n)code Solutions CA A DIVISION OF GUJARAT NARMADA VALLEY FERTILIZERS COMPANY LIMITED P ROCEDURE F OR D OWNLOADING

Technical Guide DocuPRO Embedded Client for Xerox

Clearswift Information Governance

Integration Client Guide

CONFIGURATION NOTE. Connecting Ascom i62 to Microsoft Lync Server 2010/2013 via Audiocodes SPS [ ] Gothenburg

Customer Tips. Xerox Network Scanning HTTP/HTTPS Configuration using Microsoft IIS. for the user. Purpose. Background

White Paper How to Remotely Access Ethernet I/O Over the Internet

ClickShare Network Integration

Higher National Unit specification: general information

App Orchestration 2.5

Barracuda Load Balancer Online Demo Guide

Installation Procedure SSL Certificates in IIS 7

Contents. Before You Install Server Installation Configuring Print Audit Secure... 10

Preparing for GO!Enterprise MDM On-Demand Service

What is the Barracuda SSL VPN Server Agent?

Transcription:

1. For all requests, the NYSMessage must be sent as a document and not a string text. The response(s) that NYSP sends are asynchronous and within the SOAP Body the NYSMessage section is sent as a document under: <ijp:sendijpresponserequest xmlns:ijp="http://ijpresponsews.ws.ijp.ij.state.ny.us"> /<sendijpresponse> 2. The second element with in the SOAP Body should be sent as simple type (i.e. with no NameSpace association). If the first element is not declared with any prefix then the child element of it should be sent with xmlns=. Registration Request Example: <sendijpregistrationrequest xmlns="http://registrationdomainws.ws.ijp.ij.state.ny.us"> <registrationrequest xmlns= > If the first element is declared with a prefix we need not mention anything for it s child element. Registration Request Example: <reg:sendijpregistrationrequest xmlns:reg="http://registrationdomainws.ws.ijp.ij.state.ny.us"> <registrationrequest> 3. In the HTTP header the SOAPAction is not required, but if included it should contain no prefixes and must be correct for the specific domain. Thus for a registration request it should be SOAPAction = sendijpregistrationrequest and for a property inquiry it should be SOAPAction="sendIJPPropertyRequest". 4. In the schemas for both Person and NLETS responses the ServiceAgencyResponseText element is used to store the actual response that is returned from service agencies e.g. NLETS or DCJS. This element can be ignored by the consuming interface. 5. Below are detailed explanations of some common NYSHeader request elements. MessageID The below constraints must be followed for the creation of the required metro client MessageID field for each request. Minimum Size of 10 characters Maximum size of 48 characters Only characters permitted are printable ASCII characters, spaces are not allowed. It should always be unique for each request submitted FuturePath This is the URL that the Integrated Justice Portal will utilize to return all responses to the metro server. It is supplied in the original request that is submitted by the metro server interface. Note that all message exchange will be done via HTTPS. If for some reason the agency requires that responses from the Integrated Justice Portal use a port other than 443 then the port range of 4440-4444 can be utilized. It is the responsibility of the metro server interface to insure that any used ports are opened within the network architecture. UserID This is to contain information as to who submitted the request and if possible from what remote device. This information will be returned back to the client and can be formatted in any way that meets the client interface requirements. Spaces are not allowed. CreationTimestamp For each request this must contain the date and time of submission. Creation Timestamp may be one day older that current time. Format is: yyyy-mm-dd hh:mm:ss (i.e. 2012-12-31 15:30:45) Last updated on 8/2/2013 1

SourceORI This is the metro server ORI that State Police will assign to each agency that will implement a web service interface. Note that in the NYSRequest section of the request the OrganizationORIID (see below) should contain the ORI of the agency for whom the request is being submitted for. <Agency xmlns="http://exchanges.state.ny.us/ij/ext"> <OrganizationORIID xmlns="http://niem.gov/niem/domains/justice/1.0"> <ID xmlns="http://niem.gov/niem/universal/1.0">ny004013g</id> </OrganizationORIID> </Agency> NoGeneratedIndicator The NoGeneratedIndicator (value either true or false) is used with all DMV requests (In State, Out of State and Canadian). If the requirement is to receive only the respective DMV response then set this value to true. If set to false, then any associated value added generated responses for the specific request will be returned as well as the respective DMV response. Example follows: <BusinessOptions xmlns="http://exchanges.state.ny.us/ij/ext"> <NoGeneratedIndicator>false</NoGeneratedIndicator> </BusinessOptions> MiscellaneousText It is an optional field led that is typically used to explain why the inquiry was submitted. The maximum size is 200 characters and special characters, with the exception of periods, are allowed. This information is not returned in any responses. <nysext:additionalinformation> <nysext:miscellaneoustext> Driver stop by PO John Wilson, Main and West streets </nysext:miscellaneoustext> </nysext:additionalinformation> Boolean Values In all requests the Boolean true / false values must be in the format of either true or false. LogLevel For test environment this value must be DEBUG or ERROR. For Staging and Production environments this value must be ERROR. 6. To create an LDAP account for the remote metro server, the below information must be provided by the respective parties NYSP provides metro server ORI to agency Agency supplies to NYSP remote metro server external IP address that is presented to test DataPower server Agency supplies to NYSP self signed certificate from remote metro server Agency provides to NYSP the web server type and version (i.e. IIS v 6, Tomcat v 7, Apache v 5) NYSP works with DCJS to create metro web server LDAP account Once LDAP account is created, NYSP provides to agency the metro server user name and password 7. Initial Connectivity Test Once the LDAP account is created and the metro server is configured within the test DataPower server, NYSP will provide to the agency an agency specific test registration XML request. This request will contain the agency user name and password, SourceORI (metro server ORI) and valid test data. The agency will be responsible for submitting the request with the appropriate MessageID, FuturePath, UserID and CreationTimestamp information. Last updated on 8/2/2013 2

8. NYS DMV Client ID and NYS DMV Motorist Number Both of these numbers are NYS DMV operator license numbers but the 22 digit NYS DMV Motorist Number is a historical number while the nine digit NYS DMV CID (Client ID) is the actual number printed on the NYS driver license document. The NYS DMV CID should be used for all requests by NYS DMV driver license numbers. Last updated on 8/2/2013 3

** DataPower ** Connecting via local ISP Test IJP DataPower Server IP Address Message traffic from Message traffic to ws.test.ejusticeny.ny.gov:4443 159.181.240.17 159.181.240.17 Staging IJP DataPower Server ws.stage.ejusticeny.ny.gov:4443 170.123.237.247 (primary) 170.123.239.247 (failover) 170.123.237.252 (primary) 170.123.239.252 (failover) Production IJP DataPower Server ws.ejusticeny.ny.gov:4443 170.123.237.246 (primary) 170.123.239.246 (failover) 170.123.237.250 (primary) 170.123.239.250 (failover) Connecting via NYeNet / OneNet Test IJP DataPower Server IP Address Message traffic from Message traffic to ijws.test.ejusticeny.state.nyenet:4443 Connecting via NYeNet via tunnel Test IJP DataPower Server IP Address Message traffic from Message traffic to ijws.test.ejusticeny.state.nyenet:4443 Staging IJP DataPower Server ijws.stage.ejusticeny.state.nyenet:4443 10.127.249.22 (primary) 10.127.253.22 (failover) 10.127.249.3 (primary) 10.127.253.3 (failover) Staging IJP DataPower Server ijws.stage.ejusticeny.state.nyenet:4443 10.127.249.22 (primary) 10.127.253.22 (failover) 10.127.249.4 (primary) 10.127.253.4 (failover) Production IJP DataPower Server ijws.ejusticeny.state.nyenet:4443 10.127.248.23 (primary) 10.127.252.23 (failover) 10.127.248.3 (primary) 10.127.252.3 (failover) Production IJP DataPower Server ijws.ejusticeny.state.nyenet:4443 10.127.248.23 (primary) 10.127.252.23 (failover) 10.127.248.4 (primary) 10.127.252.4 (failover) ** Ports ** For requests to IJP from the metro server interface port 4443 must be used. Client authentication will be done on this port; therefore the metro server interface must insure that mutual SSL is implemented on all requests to IJP. This means that the agency certificate must be presented by the metro server interface when making the request to IJP. The validation of the certificate is done at the DataPower transport layer and not at the message level. For responses from IJP to the metro server interface port 443 or a port in the range 4440 4444 can be used. ** Note ** It is the responsibility of the metro server interface to insure that any used IP addresses and ports are opened within the remote network architecture. ** URLs ** URLs for Connectivity to the respective IJP Environment via local ISP utilizing Mutual SSL IJP Test Environment: https://ws.test.ejusticeny.ny.gov:4443/ijservices/nyspin/ijpregistration IJP Staging Environment: https://ws.stage.ejusticeny.ny.gov:4443/ijservices/nyspin/ijpregistration IJP Production Environment: https://ws.ejusticeny.ny.gov:4443/ijservices/nyspin/ijpregistration URLs for Connectivity to the respective IJP Environment via OneNet / NYeNet utilizing Mutual SSL IJP Test Environment: https://ijws.test.ejusticeny.state.nyenet:4443/ijservices/nyspin/ijpregistration IJP Staging Environment: https://ijws.stage.ejusticeny.state.nyenet:4443/ijservices/nyspin/ijpregistration IJP Production Environment: https://ijws.ejusticeny.state.nyenet:4443/ijservices/nyspin/ijpregistration Last updated on 8/2/2013 4

** Note ** The above URLs are to be used for requests that go to the DMV domain. If a request is from another domain then the last section of the URL will change regardless of whether connectivity is via a local ISP or OneNet / NYeNet. Below is a list of domains and what the corresponding last section of the URL should be. Domain DMV Property Miscellaneous Person Last Section of URL IJPRegistration IJPProperty IJPMiscellaneous IJPPerson Last updated on 8/2/2013 5

Steps for Testing and Migration to Production 1. NYSP to assign a unique ORI for the Metro server which is to be used in the SourceORI field for all requests. The OrganizationORIID in the NYSRequest section of the request must contain the ORI of the agency for whom the request is being submitted for. 2. Agency to inform NYSP how metro server will connect to the DataPower server. Connectivity is via the Internet with service provided by either a Local ISP or OneNet which is managed by the New York State Office of Information Technology Services. 3. Metro server must have static IP. Agency / Vendor to supply NYSP with IP address that will be exposed to the DataPower server. 4. NYSP to obtain a test LDAP account which is associated with the Metro server ORI and will contain a username and password. This username and password must be used in all submitted requests to the test environment. 5. NYSP to supply to the Vendor/Agency the test DataPower certificate which must be installed on metro server. Certificate to be sent with extension of rec, once received rename it to cer. 6. Vendor/Agency or NYSP create and supply self-signed certificate for Metro server. 7. Vendor/Agency must complete and return to NYSP the NYSP_Web_Service_Transaction_List spreadsheet, located at http://troopers.ny.gov/iepd, indicating all the transactions that will be implemented. Once all development work is done a scheduled test of all implemented transactions will be conducted in the Test environment 8. NYSP to supply Vendor/Agency with test XML request to use to test connectivity. Where possible NYSHeader elements are pre-filled. The one element that must be completed before request is submitted is the FuturePath. If there are any questions in regard to any of the NYSHeader elements please refer to the NYSP Web Service Frequently Asked Questions document located at http://troopers.ny.gov/iepd 9. Vendor/ Agency to schedule connectivity test time using appropriate test DataPower URL. Once connectivity test is successfully completed, development work for all transitions can proceed. 10. Once testing of all transactions is certified by agency in the test environment then a regression of all transitions must be performed in the Staging environment with the production Symantec (formerly Versign) certificate. Agency must complete Certificate Signing Request (CSR) in order to obtain the Symantec certificate. NYSP must know the type of web server being used. For staging environment regression test: a. Vendor/Agency replaces Test DataPower URL with Staging DataPower URL b. Ensure network is open for traffic from Agency to Staging DataPower c. NYSP to send Staging DataPower certificate to Vendor/ Agency. Determine if they need this certificate in pem or der format d. Perform scheduled regression test of all transactions listed in NYSP_Web_Service_Transaction_List spreadsheet. 11. Once testing of all transactions is completed in the staging environment then the below steps to migrate to the Production environment can begin: a. Vendor/Agency replaces Staging DataPower URL with Production DataPower URL b. NYSP to send production username and password to Vendor/Agency. This replaces the non-production username and password in all requests submitted from remote Metro server. c. NYSP to send Production DataPower certificate to Vendor/ Agency. It must be installed on the production Metro server. Determine if they need this certificate in pem or der format. d. Ensure network is open for traffic from remote metro server to Production DataPower. Last updated on 8/2/2013 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information