[midPoint] storing passwords for external applications

Oskar Butovič - AMI Praha a.s. oskar.butovic at ami.cz
Mon Jul 11 16:06:03 CEST 2016


Hi,

I have been able to make it work. Setting implicit location of xsd solved
the issue.
<xsd:import namespace="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
            schemaLocation="http://serverIp:8080/schema/common-3.xsd=http://midpoint.evolveum.com/xml/ns/public/common/common-3"/>

But I have another issue with storing multiple passwords. When I try to
write an outbound mapping for the password in credentials in resource handling, I
am unable to get to any variables other than the input. The following code
throws "com.evolveum.midpoint.util.exception.SchemaException: No variable
with name user in source definition in mapping in outbound password mapping
in account type Discr(RSD(account (default) @AD-connector-resource))"

<credentials>
   <password>
      <outbound>
         <source>
            <c:path>$user/extension/googleAppsPassword</c:path>
         </source>
         <expression>
            <script>
               <code>
                   result = googleAppsPassword;
                   return result;
               </code>
            </script>
         </expression>
      </outbound>
   </password>
</credentials>

Is there any way to get to the user variable from the password mapping?

Best regards

Oskar Butovič

2016-06-16 14:52 GMT+02:00 Radovan Semancik <radovan.semancik at evolveum.com>:

> Hi,
>
> Congratulations. It looks like you have found a bug.
>
> This should work exactly the way you are trying to use it. Please
> report that bug in the Jira. Also please specify the operation that you are
> trying to do when you are getting the exception so we can reproduce the
> issue more easily. Thanks.
>
> --
> Radovan Semancik
> Software Architect
> evolveum.com
>
>
>
> On 06/13/2016 10:17 AM, Oskar Butovič - AMI Praha a.s. wrote:
>
> Hello Everybody,
>
> I am trying to add a password for an external application (Google Apps) as a
> new attribute for the user because I need to store it and be able to edit it
> later. I tried to use ProtectedStringType in the extension schema, but somehow
> this type doesn't work. midPoint throws an exception.
>
> relevant configuration:
>
> <xsd:schema elementFormDefault="qualified"
>             targetNamespace="http://avast.com/xml/ns/idmSchema"
>             xmlns:tns="http://avast.com/xml/ns/idmSchema"
>             xmlns:a="http://prism.evolveum.com/xml/ns/public/annotation-3"
>             xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>             xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
>             xmlns:xsd="http://www.w3.org/2001/XMLSchema">
>
>     <xsd:complexType name="UserExtensionType">
>         <xsd:annotation>
>             <xsd:appinfo>
>                 <a:extension ref="c:UserType"/>
>             </xsd:appinfo>
>         </xsd:annotation>
>         <xsd:sequence>
>             <xsd:element name="googleAppsPassword" type="t:ProtectedStringType"
>                          minOccurs="0" maxOccurs="unbounded">
>                 <xsd:annotation>
>                     <xsd:appinfo>
>                         <a:displayName>Google Apps Password</a:displayName>
>                         <a:displayOrder>110</a:displayOrder>
>                         <a:help>Password for google apps account</a:help>
>                     </xsd:appinfo>
>                 </xsd:annotation>
>             </xsd:element>
>
> exception:
>
> Caused by: org.xml.sax.SAXParseException: undefined simple or complex type 't:ProtectedStringType'
>         at com.sun.xml.xsom.impl.parser.ParserContext$1.reportError(ParserContext.java:180) ~[jaxb-xjc-2.2.10-b140310.1920.jar:2.2.10-b140310.1920]
>         at com.sun.xml.xsom.impl.parser.NGCCRuntimeEx.reportError(NGCCRuntimeEx.java:175) ~[jaxb-xjc-2.2.10-b140310.1920.jar:2.2.10-b140310.1920]
>         at com.sun.xml.xsom.impl.parser.DelayedRef.resolve(DelayedRef.java:110) ~[jaxb-xjc-2.2.10-b140310.1920.jar:2.2.10-b140310.1920]
>         at com.sun.xml.xsom.impl.parser.DelayedRef.run(DelayedRef.java:85) ~[jaxb-xjc-2.2.10-b140310.1920.jar:2.2.10-b140310.1920]
>         at com.sun.xml.xsom.impl.parser.ParserContext.getResult(ParserContext.java:135) ~[jaxb-xjc-2.2.10-b140310.1920.jar:2.2.10-b140310.1920]
>         at com.sun.xml.xsom.parser.XSOMParser.getResult(XSOMParser.java:214) ~[jaxb-xjc-2.2.10-b140310.1920.jar:2.2.10-b140310.1920]
>         at com.evolveum.midpoint.prism.schema.DomToSchemaProcessor.parseSchema(DomToSchemaProcessor.java:233) ~[prism-3.3.1.jar:na]
>         ... 75 common frames omitted
>
>
> Is it the right approach for storing passwords for external applications?
> Should I use another type?
>
>
> Thanks.
>
> Regards,
>
> Oskar Butovič
>
> --
>
> Oskar Butovič
> solution architect
>
> gsm: [+420] 774 480 101
> e-mail: oskar.butovic at ami.cz
>
>
> AMI Praha a.s.
> Pláničkova 11
> 162 00 Praha 6
> tel.: [+420] 274 783 239
> web: www.ami.cz
>
>
> By the text of this e-mail, the signatory neither promises to conclude nor
> concludes any contract on behalf of AMI Praha a.s. Every contract, if
> concluded, must be exclusively in written form.
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>

