MidPoint 3.8 “Watt”

MidPoint 3.8 “Watt” was released. Release nickname once again suggests the main focus of the release: performance and scalability.

Significant part of development effort of midPoint 3.8 was aimed at scaling. MidPoint is now able to support deployments that go well over millions of identities. While earlier midPoint versions were also able to reach this scale, that required a lot of patience and there were always some limitations. MidPoint 3.8 is a significant improvement in this aspect. Import/export speed was greatly improved, modification operations have potential for better scaling, there was a big cleanup of a database data model and many smaller performance improvements. However, there is always a price to pay for performance. In this case it is a harder upgrade process. Major changes in database model do not allow for easy upgrades as it was a norm in previous midPoint versions. But do not worry. MidPoint XML/JSON/YAML data model is still perfectly backward compatible. Therefore, all that is needed for an upgrade is to export data from old midPoint version and import them to upgraded midPoint instance.

But there is more to midPoint 3.8 than just performance. MidPoint 3.8 also contains provisioning improvements. Perhaps the most significant is “propagation” task that allows a delayed application of provisioning operations. This is very useful especially for manual connectors as the artificial delay allows to combine several operations into a single ticket. And indeed there were more improvements to manual connectors. Including a simple user interface for midPoint’s build in “cases” that was contributed by our partner Exclamation Labs. This is true power of collaborative development in practice.

There were also improvements to midPoint user interface. Perhaps the most elegant improvement is a feature that allows to utilize two of the most powerful identity governance features of midPoint: metaroles and policy rules. MidPoint 3.8 has a user-friendly user interface to assign policy metaroles. Those are metaroles that contain policy statements such as “must be approved by manager”. Assignment of such metarole means that the policy is applied. And now there are convenient checkboxes to do this easily. There were also UI improvements for handling roles that represent entitlements and various smaller improvements at various places in the user interface.

We also allowed a small experiment in midPoint 3.8. We have implemented some mechanisms that are needed for IDM-supported data protection. Those experimental data protection features were presented at FOSDEM’18. And now those features are part of midPoint 3.8. Nowadays the GDPR is in full force, therefore we expect that there will be serious demand for data protection features. As the demonstration clearly shows, midPoint is more than ready to follow this path.

Leave a Reply

Your email address will not be published.