[midPoint] Configuration of Entitlements (Stumpf Alexander)

Stumpf Alexander Alexander.Stumpf at zeta.com
Wed Jun 7 10:23:10 CEST 2017 

Hello Midpoint Team,

I have finally achieved to create a setup with midpoint that works with my connector. It is not best practice, but it works for the moment and is sufficient.

One Topic is left:
I want to set one (or more) Boolean(s) in a table depending on a role-ownership.
If a user is assigned to the role, the Boolean should be true, if I remove the role, the Boolean should be false.

I can set the Boolean using Inducement on the role (I use weak strength on purpose)
...
<inducement id="x">
                <!- resource ref, Kind, intent a so on ... -->

                <attribute>
                               <c:ref>myBooleanAttribute<c:ref>
                               <outbound>
                                               <expression>
                                                               <value>true</value>
                                               </expression>
                               </outbound>
                </attribute>
                <strength<weak</strength>
</inducement>

When the role is assigned, "myBooleanAttribute" is set to true, like expected and wanted.

How can I set the attribute to "false" when the role is removed.
Has this something to do with the delta mechanism? I have not found any "trigger: Deprovisioning Role" where I can set the Boolean to false.
Is there any? I know, I have to consider Role explosion, SOD  and policies, when applying such a rule.

I would be very happy, if anyone could help me with this matter.
Thank you in advance an best regards

Alex


B.Sc. Alexander Stumpf
System Development

ZETA Automation GmbH
Münchner Str. 8, D-85354 Freising
P +49 (8161) 99 21-649
F +49 (8161) 99 21-644
alexander.stumpf at zeta.com<mailto:alexander.stumpf at zeta.com>
http://www.zeta-automation.de<http://www.zeta-automation.de/>

HRB 115294, Amtsgericht München; UST-Id. Nr. DE 189564479,
Geschäftsführung: Mag. René Haas, Dipl.-Ing. Dr. Andreas Marchler


:Disclaimer:

The information contained in this e-mail and in any attached files is confidential and/or legally privileged. If you are not the intended recipient, please contact the sender and delete this e-mail. Any unauthorised copying or distribution of the information contained in this e-mail and/or in any attached file is prohibited. The sender and/or the sending company do not accept liability for the incorrect and/or incomplete transmission of the information, nor for any delay or interruption of the transmission, nor for the damages arising from the use of or reliance on the information unless mandatory law provides otherwise. E-mails may be interfered with, may contain computer viruses or other defects. The sender and/or the sending company give no warranties and do not accept liability in relation to these matters, unless mandatory law provides otherwise. Thank you for your cooperation.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170607/44e577bc/attachment.htm>

More information about the midPoint mailing list