[midPoint-git] [Evolveum/midpoint] 8996dd: Implement password caching

mederly noreply at github.com
Thu Oct 31 23:46:48 CET 2024 

  Branch: refs/heads/feature/password-caching
  Home:   https://github.com/Evolveum/midpoint
  Commit: 8996dd73e5343e511f23c7206df1634bf7bd3a6c
      https://github.com/Evolveum/midpoint/commit/8996dd73e5343e511f23c7206df1634bf7bd3a6c
  Author: Pavol Mederly <mederly at evolveum.com>
  Date:   2024-10-31 (Thu, 31 Oct 2024)

  Changed paths:
    M docs/security/credentials/password-policy.adoc
    M docs/security/credentials/password-related-configuration.adoc
    M docs/security/credentials/password-storage-configuration.adoc
    M gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/impl/page/self/credentials/PropagatePasswordPanel.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/CapabilityUtil.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/processor/AbstractResourceObjectDefinitionImpl.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/processor/ResourceObjectDefinition.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/processor/ShadowAssociation.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/AbstractShadow.java
    M infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ShadowUtil.java
    M infra/schema/src/main/resources/xml/ns/public/common/common-provisioning-3.xsd
    M model/model-api/src/main/java/com/evolveum/midpoint/model/api/ModelInteractionService.java
    M model/model-common/src/main/java/com/evolveum/midpoint/model/common/stringpolicy/ObjectValuePolicyEvaluator.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/controller/ModelInteractionServiceImpl.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/credentials/CredentialPolicyEvaluator.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/credentials/ProjectionCredentialsProcessor.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/projector/loader/ProjectionFullLoadOperation.java
    M model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/security/SecurityHelper.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestIteration.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestModelServiceContract.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/manual/AbstractDirectManualResourceTest.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/manual/AbstractManualResourceTest.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/password/TestPasswordDefaultHashing.java
    M model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/sync/TestImportRecon.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ProvisioningContext.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/shadows/ShadowsLocalBeans.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/shadows/manager/ShadowComputerUtil.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/shadows/manager/ShadowDeltaComputerAbsolute.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/shadows/manager/ShadowDeltaComputerRelative.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/shadows/manager/ShadowObjectComputer.java
    M provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/util/ShadowItemsToReturnProvider.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/dummy/AbstractBasicDummyTest.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/dummy/TestDummy.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/manual/AbstractManualResourceTest.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/opendj/AbstractOpenDjTest.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/opendj/TestOpenDj.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/opendj/TestOpenDjIncompletePassword.java
    M provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/opendj/TestOpenDjReadablePassword.java
    M provisioning/provisioning-impl/src/test/resources/opendj/resource-opendj-readable-password.xml
    M repo/repo-sqale/src/test/java/com/evolveum/midpoint/repo/sqale/func/SqaleRepoModifyObjectTest.java
    M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/AbstractIntegrationTest.java
    M repo/repo-test-util/src/main/java/com/evolveum/midpoint/test/asserter/ShadowAsserter.java

  Log Message:
  -----------
  Implement password caching

The password caching was not implemented as part of the shadow caching
feature provided in midPoint 4.9. It is implemented now. Please see
https://docs.evolveum.com/midpoint/devel/design/password-caching-4.9.1/
for more information.

Work in progress. The configuration schema may change a little.

Unrelated changes:

- Slightly updated credentials documentation.
- Minor code improvements.
- Activation data is erased from the cache when caching is disabled
(and account is fetched).
- Re-enabled some methods in TestOpenDj (forgotten in disabled state).
- Fixed checking whether password capability is enabled when asking
about "isPasswordReturnedByDefault".

Related to MID-10050 and MID-9958 (duplicate).



To unsubscribe from these emails, change your notification settings at https://github.com/Evolveum/midpoint/settings/notifications

More information about the midPoint-svn mailing list