[midPoint] SSO, passwords, and end users
Radovan Semancik
radovan.semancik at evolveum.com
Mon Jul 18 20:31:43 CEST 2016
Hi,
On 07/18/2016 07:56 PM, Florin. Stingaciu wrote:
> As an alternative to this whole situation, we've built a separate
> custom web component that directly edits the LDAP attribute for a
> particular user. It would be ideal to integrate this web component
> directly in midPoint. Are there any instructions (besides just hacking
> it) on how to add a custom web component to midPoint such that it
> respects authentication and such?
There is new feature in midPoint 3.4 that can be used to add custom
forms to user details (and other) pages. Example is here:
https://github.com/Evolveum/midpoint-overlay-example. But I do not think
this is what you are looking for.
There is yet no clean and nice way to add a complete new page. But all
is not lost:
Adding a page is not difficult. Just create a new Apache Wicket page,
ideally as a subclass of our PageBase class. And that's it. You can use
overlay project for that.
If the page has the URL that falls behind the URLs protected by spring
security then the authentication will work.
Even authorizations should be quite OK. We have annotation for that.
E.g. have a look at PageSelfCredentials as an example.
The trouble is to get this page into the menu. Currently the menu is
more or less hardcoded as list of all the pages that we have created.
Individual items are hidden according to authorizations. But there is
way to extend the menu in runtime. You can use additionalMenuLink in
AdminGuiConfigurationType which can be defined either in global system
config or in any role. However ... hic sunt liones ... this feature is
not well tested.
Ability to easily add new GUI pages is on my personal nice-to-have list
for a loooong time. I'm just looking for some motivation (or at least an
excuse) to implement it.
--
Radovan Semancik
Software Architect
evolveum.com
More information about the midPoint
mailing list