MidPoint and semi-Manual Resources

Semi-Manual Resources

Recently released MidPoint 3.6 “Comenius” brings a lot of new intersting features. But there is one feature that is almost invisible and it could be easily missed. That would be an enormous shame because this particular feature is quite unique and it is very interesting indeed. We like to call it “semi-manual resources”. But let’s start at the beginning … […]

MidPoint 3.6 “Comenius”

MidPoint 3.6 “Comenius” is finally released. The Comenius release is huge in all aspects. It is a feature-packed release. It has so many features that Comenius is most likely the richest release in the entire midPoint history. But the number of features is not the only thing that matters. MidPoint 3.6 brings features with a significant effect on almost any identity management and governance deployment. […]

Evolveum open source pledge

Our names are Igor Farinič and Radovan Semančík. Although you might have noticed our names you are probably not aware that we are the founders of Evolveum. Evolveum is not based on venture capital investments and therefore the control of the company is firmly in our hands. And now we would like to very clearly express our commitment to the open source approach. Evolveum was, is and always will be an open source company. […]


Role-Based Access Control (RBAC) has been around for decades. It is both loved and hated. Over the years many newer access control models tried to improve on RBAC. Many of these developments focus on making the model more flexible. Attribute-Based Access Control (ABAC) is perhaps the most prominent model in this category. Quite recently there Read more about RBAC and ABAC[…]

midPoint in 2016

Yet another year is over. 2016 was an incredibly busy year for midPoint. Lots of new midPoint deployments and projects. But most importantly the midPoint itself has significantly evolved. MidPoint is firmly based in the identity governance now. First half of 2016 produced midPoint 3.4 “Heisenberg”. Heisenberg includes a lot of new features. But one Read more about midPoint in 2016[…]

Services and Things

Evolveum midPoint is a very comprehensive system. It can manage identities, roles and organizational structures. Simply speaking it can manage anything that is at least marginally related to the concept of identity. Yet until quite recently support for one broad area was missing and it was added in midPoint 3.4. Now midPoint can also manage Read more about Services and Things[…]

Sun IDM Migration Architecture

Sun Identity Manager a.k.a. Oracle Waveset is a software product at the end of its lifecycle. Yet many organizations still operate Sun IDM solution because they haven’t found any reasonable migration path. But now there is a migration path that leads to the most comprehensive open source IDM solution: Evolveum midPoint. In the previous two posts I have described the obstacles and motivation of Sun IDM migration. It is quite clear that major migration obstacles are the cost and the risk. However, we have successfully addressed both of these obstacles. The cost is addressed by the unprecedented deployment efficiency of Evolveum midPoint. Yet it is the risk that is usually the worst issue for any migration of any software system. But due to the flexibility of Evolveum midPoint we have managed to keep migration risk at a very acceptable level. And this post describes the details of our solution. […]

From Waveset to midPoint, Part 2

Sun Identity Manager is a king that has fallen. It is now called Oracle Waveset and it is as good as dead. Yet there are still many Sun IDM installations that hesitate with the migration. One of the major concern is the cost of the migration project. But as I have written in the first Read more about From Waveset to midPoint, Part 2[…]

From Waveset to midPoint, Part 1

Back in 2000s the Sun Identity Manager was the king. It was the best IDM product pursuant to Gartner. It had a good market share. And according to my experience it was actually the only practical IDM system on the market. Sun Identity Manager is now dead. It died in 2010 when Sun Microsystems was acquired by Oracle. Sun IDM was renamed to Oracle Waveset and the development of the product has been immediately stopped. But Sun IDM is a tough one. Even though it was killed 6 years ago it still survives in a creepy half-life form to this day. Oracle obviously tried to migrate all the Sun IDM installations to Oracle Identity Manager. But many customers refused to migrate. We can only speculate about the reasons, although anyone that had any hands-on experience with Oracle IDM will certainly have an opinion about that. Anyway, the future was not entirely bright for those who still maintain Sun IDM installation. But now there is a new hope. […]