Developing a Static Data Plug-In
To develop a static data Cardholder-related information including things such as health benefits, biometrics, unique organizational identifiers, or unique personal identifiers that rarely change. plug-in, complete the following steps:
-
Define the parameters needed by the plug-in and for each parameter specify the following:
-
If the parameter is visible (meaning that the parameter is displayed in the ActivID CMS user interface during device issuance) or modifiable (meaning it is an editable field in the ActivID CMS user interface).
-
If the parameter is mandatory for the plug-in. Some parameters may be mandatory for the plug-in to function; others may be optional. For example, if the plug-in has a default value that it uses if the parameter is not specified, the parameter may be optional.
-
The source of the parameter’s initial value. The source of the parameter can be either the LDAP or the name of one of the generic server plug-ins.
-
The type—Byte, Integer, String, …
- The key—Tag/Numbers, cacert_path, …
-
-
Develop the plug-in class. Specifically, implement the following methods:
In the init() method, save the parameter values and/or use these values to retrieve other data from the system or another application.
In the computeCredentialParameters() method, compute and return the contents of the GC applet. Depending on the device profile An XML file that contains information about all the applets and applet instances that are to be loaded onto the device., the content returned for the GC applet may be one of the following:
-
Separate Tag and Value buffers. This applies to device profiles based on GSC-IS Government Smart Card-Interoperability Standard: This is the United States Government Smart Card-Interoperability Standard as defined by the National Institute of Standards and Technology (NIST). applets and for these the hash map contains the following keys that provide the contents of the tag and Value buffers, respectively:
-
persoGC/BufferValue/BufferT
- persoGC/BufferValue/BufferV
-
-
A single Tag-Length-Value (TLV) buffer. This applies to PIV Personal Identity Verification (technical standard of "HSPD-12") device profiles and for these the samba contains the following key that provide the contents of the TLV buffer for the PIV object to be personalized:
- persoGC/BufferValue/BufferV
In Windows-based systems, when the plug-in is loaded by ActivID CMS, its working directory is located in the following location:
%PROGRAMDATA%\HID Global\Credential Management System\custom.war\WEB-INF\lib
-
-
Package your plug-in class in a .jar file and put it and any related third-party packages into the following folder:
%PROGRAMDATA%\HID Global\Credential Management System\custom.war\WEB-INF\lib
-
Add plug-in entries in the plugins.properties file on the ActivID CMS Portal. The file is located in the %PROGRAMDATA%\HID Global\Credential Management System\Shared Files\ directory.
Example: Declaring a New Plug-In (sampleplugin)
Copy// add the plug-in to ActivID CMS Server plug-in list
plugins = intermediate_certificate, sampleplugin
// add the entry that defines the Java implementation class of the plug-in
sampleplugin.class=com.company.plugins.SamplePlugin -
Add the plug-in definition into the <p:staticcredentialplugins> section of the selected device profile definition. Delimit the plug-in definition using the <p:staticcredentialplugin> and </p:staticcredentialplugin> tags as shown in Syntax of the Device Profile Section (p:staticcredentialplugin).
In Example 2, three parameters are defined: SampleConfigFile, employee_name, and employee_mail.
Example: Three Parameters Defined
Copy<p:staticcredentialplugin name="sample plug-in example" type="sampleplugin">
<p:params>
<p:param name="Sample Config File" type="String" key="SampleConfigFile" visible="false">
<p:value>
C:\ProgramData\HID Global\Credential Management System\Shared Files\sampleplugin.properties
</p:value>
</p:param>
<p:param
name="Employee name" type="String" key="employee_name" visible="true" modifiable="false" initsource="ldap" initsourceparam="cn"/>
<p:param
name="Employee mail" type="String" key="employee_mail" visible="true" modifiable="true" mandatory="true">
</p:param>
</p:params>
</p:staticcredentialplugin>The device profile must define a data storage application (the GC applet) to be used with the plug-in. This is the device application that stores the data retrieved by the plug-in. To do this in the device profile XML file, you must set the attribute useplugin of the data storage application to true as shown in the following example.
Example: Defining a data storage application
Copy<p:application name="DataStorage1" type="GC" optional="true" useplugin="true" >
<p:params/>
<p:actions/>
</p:application> -
Restart the IIS service and CMS Server services on the ActivID CMS server.
-
Define a device policy that uses the selected device profile and associate the plug-in with a data storage application (GC applet). To create device policies, see Creating a Device Policy.