10.2:release_notes.md

CzechIdM 10.2.0

Version 10.2.0 comes, beside many other features and enhancements, with Export and Import feature intended to ease data transmission from one system to another. User type feature aka form projection is designed for simple identity form creating and editing. Enhanced cache feature brings new opportunities in the field of concurrent usage of multiple IdM instances.

Export and import

Introduction Export and Import features into version 10.2.0 brings powerful tool for CzechIdM users and customer implementers. It saves them from manual transmission of prepared CzechIdM setting from test to production environment which may be the typical use case. Thanks to this automation the whole process is much less error prone. The export function creates a batch of exported items which are stored in the zip file package. Such package is then ready to be downloaded and imported into the same or another IdM system. Currently supported items to export are: * roles * systems * application configuration * form definitions, catalogs

export_import_table

The import functionality ensures, beside batch import itself, also advanced handling of imported items. In its authoritative mode it is able to override items which exist in both imported batch and destination IdM system. Summary gathered from import dry run is displayed to user before import itself. It compares imported batch with items already contained in IdM and informs the user which items will be added, deleted or updated if already exist. This summary provides to user clear notion what IdM system will look like after performing import.

import_log_tree

You can find more about this feature CzechIdM 10.2.0.

User type - Identity form projection

User type is a kind of user configurable identity form. The motivation for its introduction into version 10.2.0 is to provide a manner how to create user defined, often simplified, identity form definition designated for particular purpose e.g. employees with external work contract. Managers of such personnel don’t need to be bothered by filling in complex forms and may benefit from their simplified versions. Newly created form can be composed of any attributes from any Identity or Contract form definitions. When editing such type of identity form, user is able to switch to full form version with all attributes usually available in IdM and back again. Because this features provides a way how to see selected parts of identity form, it may be considered for being a projection of that identity form.

projection-detail_mod

You can find more about this feature CzechIdM 10.2.0.

Enhanced cache management

Verison 10.2.0 extends enhanced cache features added into IdM in the previous version. There was changed approach to internal cache usage, thanks to which it is possible to use third party cache provider. CzechIdM currently has pre-configured Ehcache and is ready to connect to Terracota cache server in order to enable distributed caching. Distributed caching is especially useful in case of using multiple IdM instances.

You can find more about this feature CzechIdM 10.2.0.

💡 New features in this version:

  • #1972 - Export - import -(Role, System, IdM configuration)
  • #2105 - Dynamic form for identities
  • #2024 - Configure cluster friendly cache manager for distributed cache
  • #1562 - Cron gui component
  • #2040 - Provisioning system timeout - Execute provisioning synchronously from long running task is stucked
  • #1563 - Postponed first start of cron
  • #2095 - Performance testing for the export/import agenda
  • #856 - Allow admin to configure OperationOptions for each operation type
  • #882 - Scheduler - configure scheduled starts by calendar
  • #2068 - Editable identity profile
  • #2027 - Deleting role which was assigned and removed from thousands users took long and you have no info on FE what is happening
  • #2107 - LRT: persist bulk action into long running task agenda
  • #1573 - User attributes not allowed in passwords - check for the delimiters
  • #2112 - Referential integrity validation
  • #2014 - Add info about account owner in the virtual request and notification
  • #2127 - Add download attachment option to the bulk action (modal dialog)
  • #2053 - IdentityRoleExpirationTaskExecutor fails if HrEndContractProcess removes the identity role first (and vice versa)
  • #1294 - Eav - add localization for core long running tasks
  • #2064 - LRT - start task again without scheduled task is needed
  • #1837 - Implement thread rejection policy for LRT pool
  • #1003 - Detect and display conflicting settings in synchronization (custom filter)
  • #2147 - Unintentional deleting a user from the user table (on the role detail)
  • #2174 - Export additional connector options as part of the system export
  • #2066 - LRT - support backend bulk actions
  • #2103 - LRT - add filter to scheduled tasks
  • #1782 - Support automatic roles by other than main EAV definition
  • #2165 - Authorization policies - check change user type permission on backend
  • #2070 - FE: add link to audit by entity identifier from tables
  • #2076 - Agenda of available services - documentation
  • #2145 - Add sort for UID column on VS request table
  • #2098 - Improve label for role request in progress on dashboard
  • #2128 - Prefill name of automatic role (by attributes) with role name
  • #2144 - Filter by role catalogue when selecting subroles
  • #2084 - SQL query for moving EAV definitions form one form definition to another
  • #2170 - Add full identity to "provisioning-send-notification-processor"
  • #1975 - Analysis - Dynamic form for create and update identity

🐞 Defects fixed in this version:

  • #2186 - IdentityRoleExpirationTaskExecutor repeated same sequence of identity roles
  • #2193 - LRT: authentization is changed during task processing
  • #2108 - Unchecking "Main definition" check box in Form definition causes IdM doesn't start
  • #2159 - Notification agenda can't be read when Sender identity is deleted - missing referential integrity
  • #2100 - Planned long running task was deleted after upgrade product version
  • #1880 - Password validation policies throwing weird errors
  • #2149 - Notification about account creation is sent even if the operation fails
  • #2118 - Approving by manager not work properly on some environment (Groovy calls wrong method)
  • #2077 - An assertion occurs when coming to password tab of identity after it was removed from system
  • #1350 - Provisioning fails on password generation when forbidden characters are added to password policies
  • #2097 - Cannot copy system which uses remote connector server
  • #2141 - Strange behavior during submiting empty request
  • #2179 - Katalog rolí - filtrace vrací na změnu na uživateli
  • #2143 - Tables overflow a window
  • #2134 - Missing username on modal window after session timeout
  • #2088 - Cannot check ssl in remote connector server configuration
  • #2122 - Notification configuration can't be displayed after deleting a template which uses some notification configuration (missing integirity)
  • #2096 - Apply the "Write only on create of the entity" strategy authoritatively
  • #2018 - When a new approval task is created by the WF, notification to the approving user is not sent
  • #2061 - Missing URL for the detail of the role request
  • #2150 - Not really random passwords if only minimum of special characters is set
  • #2109 - Modal window with manual deactivation cannot be canceled
  • #2130 - When sending notification, selected template doesn't stay selected in combo box.
  • #2106 - Max file upload exception is not propagated to frontend.
  • #2080 - Contract info card isn't generated correctly in role audit
  • #2140 - The 'Rights' attribute in virtuals is generated with whitespace at the end
  • #2142 - Clicking on the name of an attribute mapped within role displays Page not found