New LDAP and CSV identity connectors

Posted on 10th October 2017 by Radovan Semancik

Identity connectors are important part of any identity management (IDM) project. For an IDM solution the connector provide interface to the outer world. And there are few connectors that almost any IDM solution needs: LDAP, Active Directory and CSV. New versions of those connectors were released recently. And there is an interesting story behind those connectors. […]

Semi-Manual Resources

Posted on 17th July 201720th July 2017 by Radovan Semancik

Recently released MidPoint 3.6 “Comenius” brings a lot of new intersting features. But there is one feature that is almost invisible and it could be easily missed. That would be an enormous shame because this particular feature is quite unique and it is very interesting indeed. We like to call it “semi-manual resources”. But let’s start at the beginning … […]

MidPoint 3.6 “Comenius”

Posted on 6th July 20176th July 2017 by Radovan Semancik

MidPoint 3.6 “Comenius” is finally released. The Comenius release is huge in all aspects. It is a feature-packed release. It has so many features that Comenius is most likely the richest release in the entire midPoint history. But the number of features is not the only thing that matters. MidPoint 3.6 brings features with a significant effect on almost any identity management and governance deployment. […]

RBAC and ABAC

Posted on 13th March 201725th March 2019 by Radovan Semancik

Role-Based Access Control (RBAC) has been around for decades. It is both loved and hated. Over the years many newer access control models tried to improve on RBAC. Many of these developments focus on making the model more flexible. Attribute-Based Access Control (ABAC) is perhaps the most prominent model in this category. Quite recently there Read more about RBAC and ABAC[…]

Internet of Things and midPoint, Part 1: Setting the scene

Posted on 18th October 2016 by Pavol Mederly

In its current version, midPoint can easily handle applications falling into “Internet of Things” category. In the forthcoming series of blog posts we will show how. Today let’s go through a brief introduction.
[…]

Services and Things

Posted on 11th October 2016 by Radovan Semancik

Evolveum midPoint is a very comprehensive system. It can manage identities, roles and organizational structures. Simply speaking it can manage anything that is at least marginally related to the concept of identity. Yet until quite recently support for one broad area was missing and it was added in midPoint 3.4. Now midPoint can also manage Read more about Services and Things[…]

MidPoint Development Tools for Eclipse

Posted on 4th October 201627th March 2019 by Pavol Mederly

In version 3.4 midPoint has got a really nice GUI. It is well suited for operational tasks. However, it lacks some features to support development and maintenance of really complex midPoint deployments. Main pain points are perhaps missing integration with git (or other version control systems) and limited support for editing complex XML objects. Because of this we’ve recently created a prototype of MidPoint Development Tools for Eclipse.

[…]

Test-Driven Bugfixing

Posted on 13th May 201627th March 2019 by Radovan Semancik

Test-Driven Development (TDD) tells us to write the tests first and only then develop the code. It may seem like a good idea. Like a way how to force lazy developers to write tests. How to make sure that the code is good and does what it should do. But there’s the problem. If you are doing something new, something innovative, how the hell are you supposed to know what the code should do? […]

Smart Match

Posted on 9th March 201624th May 2016 by Radovan Semancik

In identity management there is a class of petty issues that appear and re-appear all the time. Even though these issues are easy to understand, they are tricky to completely eliminate and they often have very nasty consequences. These seemingly unimportant issues frequently result in nights spent resolving a total breakdown of IDM system. What is this devil that kills sleep and keeps engineers away from the families? It is the daemon of case insensitivity and his friends. […]

Problem Analysis with Evolveum Log Viewer

Posted on 3rd March 20163rd March 2016 by Pavol Mederly

Life of a midPoint developer is a colorful one. There are enjoyable periods of building things when you have a luxury of undisturbed raising smaller or larger pieces of code. But sometimes there comes an interrupt: you break something in such a way that you are not able to find what is wrong – for hours or even for days, occasionally. Also regularly, after “feature freeze” points, there arrive periods of intensive and merciless hunting of remaining bugs. Besides this, often a colleague, customer, partner or a friend on the mailing list comes with a problem he or she urgently needs to help with.

The core of midPoint – IdM Model Subsystem – is an extremely powerful and flexible computation engine. It can be configured to implement almost all policies one could imagine. But with such flexibility comes potential (and sometimes very real) complexity: for more advanced configurations it is very easy to make a mistake that, with a bit of bad luck, manifests itself in a quite unexpected way.

[…]

Name	Provider	Purpose	Expiry	More information
PHPSESSID	Evolveum s.r.o.	Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.	When you close your browser
moove_gdpr_popup	Evolveum s.r.o.	When this Cookie is enabled, these Cookies are used to save your Cookie Setting Preferences. You can enable or disable your Cookie Settings on our website at anytime via Cookie Settings.	1 year	Read more
wordpress_test_cookie	Evolveum s.r.o.	Tests that the browser accepts cookies.	Session	Read more
wp-settings-[user_id]	Evolveum s.r.o.	Used to preserve user’s wp-admin settings	1 year	Read more
wordpress_[hash]	Evolveum s.r.o.	On login, WordPress uses the wordpress_[hash] cookie to store your authentication details. Its use is limited to the Administration Screen area, /wp-admin/	Session	Read more
wordpress_logged_in_[hash]	Evolveum s.r.o.	Remember User session	Session	Read more
wordpress_sec_[hash]	Evolveum s.r.o.	This cookie is used to store your authentication details. Its use is limited to the admin console area, /wp-admin/	Session	Read more
wp-postpass_[hash]	Evolveum s.r.o.	This cookie is used to grant access to password protected areas of the site.	10 days
wp-settings-time-[user_id]	Evolveum s.r.o.	The number on the end is your individual user ID from the user’s database table. This is used to customize your view of admin interface, and possibly also the main site interface.	1 year	Read more

Name	Provider	Purpose	Expiry	More information
woocommerce_cart_hash	Evolveum s.r.o.	Helps WooCommerce determine when cart contents/data changes.	When you close your browser	Read more
woocommerce_items_in_cart	Evolveum s.r.o.	Helps WooCommerce determine when cart contents/data changes.	When you close your browser	Read more
wp_woocommerce_session_[hash]	Evolveum s.r.o.	Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer.	2 days	Read more
tk_ai	Evolveum s.r.o.	Stores a randomly-generated anonymous ID. This is only used within the dashboard (/wp-admin) area and is used for usage tracking, if enabled.	Session	Read more
comment_author_{HASH} comment_author_email_{HASH} comment_author_url_{HASH}	Evolveum s.r.o.	When visitors comment on your blog, they too get cookies stored on their computer. This is purely a convenience, so that the visitor won’t need to re-type all their information again when they want to leave another comment.	These are set to expire a little under one year from the time they’re set.	Read more

Cookie settings

Strictly necessary

Third party

Technical