The task can be scheduled in three different ways or using three types of triggers
:
To run, schedule and review tasks, these interfaces have been created:
LongRunningTaskExecutor
- any executable task. This task can be run from the code.SchedulableTaskExecutor
- scheduled task. The task can be scheduled through UI schedulers.
* AbstractSchedulableStatefulExecutor
- stateful scheduled task. Result is logged for every processed item (see next section).
Implemented long running tasks are listed below. No schedulable long running tasks are included.
Sends warning notification before password expires. Notification is not sent to disabled identities. Days before has to be given as task's parameter (number greater than zero). More tasks could be configured, e.g. for sending warning notification 14,7,3 days before password expires. Default notification topic is configured to email sender.
Sends warning notification after password expires. Notification is not send to disabled identities. Default notification topic is configured to email sender.
Removes accounts with expired protection interval. Account has to have inProtection
flag setted to true
.
Retry failed provisioning operation periodically. When provisioning operation fails, then is logged into provisioning queue with result (state, exception, result code etc.) and new attempt time. Number of attempts is 6 and time between attempts grows (2 mins, 5 mins, 20 mins, 2 hours, 12 hours - configuration coming soon).
Long running task for execute script by code. Script can increment and initialize counter.
Long running task for remove old logging event, logging event exception and logging event property. Parameter remove old logs than (days).
days
- removes logs older than given days count.
Process provisioning operations in queue periodically. This LRT executes prepared (created
) requests for provisioning, when target system is switched do use asynchronous provisioning.
virtualSystem
, values:true
- processes created
operations from queue for virtual system only,false
- processes created
operations from queue for non virtual system only,null
- if virtualSystem
parameters is not configured, then processes created
operations from queue for all systems.Schedule synchronization.
Synchronization uuid
- synchronization configuration to schedule.Long running task for add newly added automatic role to users. Can be executed repetitively to assign role to unprocessed identities, after process was stopped or interrupted (e.g. by server restart).
roleTreeNode
- automatic role identifier.Long running task for removing automatic roles from identities.
roleTreeNode
- automatic role identifier.@since 9.0.0
Long running task for adding newly added role compositions to users. Sub roles defined by this composition will be assigned to identities having superior role. Can be executed repetitively to assign unprocessed roles to identities, after process was stopped or interrupted (e.g. by server restart).
role-composition-id
- role composition identifier.@since 9.0.0
Long running task for removing assigned roles by given composition from identities.
role-composition-id
- role composition identifier.Remove roles by expired identity contracts (⇒ removes assigned roles).
Long running task for removing expired identity roles. Expected usage is in cooperation with CronTaskTrigger
, running once a day after midnight.
When role was created with validity in future, then this executor publish even, when role starts to be valid. This is needed specially for account management, when new account for roles that was newly valid has to be created.
@since 7.5.1
HR process - enable identity's contract process. The processes is started for contracts that are both valid (meaning validFrom
and validTill
) and enabled. This LRT should be configured even event processors for HR processes are enabled - this process depends on current date ⇒ event processors cannot work this way. Event processors checks active changes on given contract.
@since 7.5.1
HR process - identity's contract exclusion. The processes is started for contracts that are both valid (meaning validFrom and validTill) and excluded. This LRT is optional with event processors for HR processes. One of LRT or processors should be enabled / scheduled. If LRT is scheduled and processors are enabled, then this LRT just checks, if everything is done (contract is already excluded by processor).
@since 7.5.1
HR process - end of identity's contract process. The processes is started for contracts that are not valid (meaning validFrom and validTill). This LRT is optional with event processors for HR processes and IdentityContractExpirationTaskExecutor. One of this LRT or processors with IdentityContractExpirationTaskExecutor should be enabled / scheduled. If this LRT is scheduled and processors with IdentityContractExpirationTaskExecutor are enabled / scheduled, then this LRT just checks, if everything is done (contract is already expired by processor or IdentityContractExpirationTaskExecutor).
@since 8.1.0
Recalculate current using slices as contract. Find all slices which should be for actual date using as contract and copy their values to parent contracts.
@since 8.2.0
Change key for crypt confidential storage. Taks can be started after you change key in application properties/file to newer. As parameter will be given old key.
By default, the core module implements AbstractScheduledTaskInitializer - InitCoreScheduledTask. This class is responsible for initializing default scheduled tasks. See IdmCoreScheduledTasks.xml for xml structure.
For another module it is necessary to implement the subclass of AbstractScheduledTaskInitializer.