Query playground

In many places in midPoint we can (and sometimes have to) specify queries in order to find one or more objects in the system. We do this e.g. when we want to restrict objects (like users, roles, resources or services) shown on the screen, when selecting objects that are to be included within a report, when specifying objects that are to be processed by a background task, when an account owner is to be determined, or when an assignment target is to be found. All of this is done via the midPoint query language, an abstract XML-based language that is designed to specify constraints on objects, and optionally paging and sorting instructions. This language is very powerful. The negative side of that power is complexity: it is quite hard to write (correct) queries by hand. Because of this, we’ve recently added a simple, yet helpful feature to midPoint: query playground.

[…]

Once upon a time

Once upon a time there was an idea to manage more than the users and their accounts using midPoint. We moved beyond the boundaries of traditional old-fashioned identity managers, introducing generic synchronization, which allows us to synchronize and manage organizations, organizational units, groups, group membership and everything related to identities. The constraints in relation to identities […]

MidPoint 3.4 (Heisenberg) Released

MidPoint 3.4 code-named “Heisenberg” was released a few days ago. This is the sixteenth midPoint release since the project started all these long years ago. MidPoint went a very long way since then.

The Heisenberg release is the best midPoint release yet. We have finished access certification functionality, which makes midPoint the very first open source product to enter the identity governance and compliance playing field. We have also improved midPoint internals to better handle inconsistencies of resource data and we have also made many small internal improvements to increase robustness. This was one of the inspirations for the code-name. Similarly to Heisenberg’s uncertainty principle, midPoint accepts that there is a degree of uncertainty when it comes to processing of the identity data. It may not be practically possible to always base the decisions on authoritative data. A practical identity management system needs to accept that the identity data are always in a state of flux – and midPoint does just that. And it manages the data reliably even in situations where other systems fail miserably. […]

midPoint goes multitenant

The organizational structure in midPoint does not always represent a typical enterprise. In the case of a multitenant setup in the cloud, the organization units represent “tenants” which are completely independent. In enterprise organizations, the sub-organizations and their members are usually readable (to some extent) to all members. A multitenant setup must maintain tenant isolation. How can this be done using midPoint? […]

OpenLDAP Management: slapdconf

I like OpenLDAP. OpenLDAP server is famous for its speed and good open source character. But it is really infamous for ease of management. Or rather a lack of anything that could be called “easy” when it comes to managing OpenLDAP. Managing OpenLDAP content is not that difficult. For manual management there is excellent Apache […]

Provisioning to Unix in 5 steps

Do you need to manage different Linux machines? Are you struggling with that? Are you losing track of which user can access which Linux machine? Are users upset with different logins for different Linux machines? If you answer positively to at least one question, I’ll try to alleviate your everyday suffering with this blog. If your answers were no […]

Smart Match

In identity management there is a class of petty issues that appear and re-appear all the time. Even though these issues are easy to understand, they are tricky to completely eliminate and they often have very nasty consequences. These seemingly unimportant issues frequently result in nights spent resolving a total breakdown of IDM system. What is this devil that kills sleep and keeps engineers away from the families? It is the daemon of case insensitivity and his friends. […]

Problem Analysis with Evolveum Log Viewer

Life of a midPoint developer is a colorful one. There are enjoyable periods of building things when you have the luxury of undisturbed raising of smaller or larger pieces of code. But sometimes there comes an interrupt: you break something in such a way that you are not able to find what is wrong – for hours or even for days, occasionally. Also regularly, after “feature freeze” points, there arrive periods of intensive and merciless hunting of remaining bugs. Besides this, often a colleague, customer, partner or a friend on the mailing list comes with a problem he or she urgently needs help with.

The core of midPoint – IdM Model Subsystem – is an extremely powerful and flexible computation engine. It can be configured to implement almost all policies one could imagine. But with such flexibility comes potential (and sometimes very real) complexity: for more advanced configurations it is very easy to make a mistake that, with a bit of bad luck, manifests itself in a quite unexpected way.

[…]

FOSDEM 2016 and my first talk?

On Monday, I travelled back home from FOSDEM Conference which I was attending for the second time. Last year I was only an attendee enjoying the atmosphere made by all these open-source positive people, but this year I decided to move further and try to apply for a talk. When I was sending a proposal […]

Infrastructure Provisioning in context of organization

At present, companies are moving their infrastructure to the clouds, which have become synonymous with cost efficiency. Instead of using a public cloud, why not create your own exactly according to your needs? OpenStack is one of the options there for you. By deploying an identity management system (midPoint) in different companies I learnt people have different […]