MidPoint 3.9 was released. Code-named Galileo, it is twenty-seventh midPoint release. Galileo Galilei was a polymath. He made significant advancements in several fields of science and engineering. MidPoint 3.9 is similar in this aspect as it brings broad variety of new features and improvements.
Perhaps the most interesting new feature is service account management. MidPoint 3.9 supports management of non-person accounts – accounts that belong to applications and services. Another interesting feature is ability to add new relations. This makes midPoint more configurable and adaptable. There was a variety of smaller improvements such as support for subtype in assignments and inducements, new scripting library functions, error handling improvements and so on. There are too many improvements to even enumerate them all in a short blog post.
The release also includes a couple of interesting improvements to authorization mechanism. First of all, midPoint has better support for multitenancy now. It is much easier to set up proper authorizations for a multi-tenant environment as “tenancy” is directly supported by the authorizations. However, the authorizations now maintain “zone of control” by default, therefore it is even easier to set up proper tenant isolation just with a couple of authorization statements.
There is a bunch of user interface improvements. Assignment/inducement selection dialog is improved. Registration and form validation capabilities were also extended. There were some improvements to shopping cart, GUI support for authorizations is slightly better and we have a brand new page for system configuration.
There is also a big collection of improvements to ConnId connector framework. We have contributed several improvements to the ConnId project and ConnId framework 1.5.0.0 was released. MidPoint supports all the improvements introduced in this upgrade, such as native support for timestamps. Big thing is a full support for delta-based update operation. And LDAP and AD connectors were modified to take full advantage of this development. There are also smaller diagnostics and lifecycle management improvements both to the connector framework and some connectors.
We have also found time for a couple of internal improvements in midPoint 3.9. For example the mechanism that handles provisioning failures was aligned with manual resource operations. This move makes midPoint code more compact and much more elegant. But it is also a step towards full support for asynchronous provisioning operations. Such internal improvements are getting really important as we are getting close to our first long-term support (LTS) version of midPoint.
MidPoint 3.9 Galileo is a significant step on a midPoint journey. We have seen a lot of interest in funding new midPoint features by the means of platform subscription. Vast majority of midPoint 3.9 development was funded by customers and partners. This is an important milestone for Evolveum. It’s always been essential that all parts of midPoint would be available to anyone under the open source license. Unlike other companies, we have been avoiding open-core model or any other tricks to close up parts of the source code. MidPoint source code is completely open and it will stay open. Therefore, I see this increase in midPoint development funding as a confirmation that a business model based on completely open software is possible and that such model is sustainable. And I would like to express my deepest gratitude to all people who made this possible.