[midPoint] Password Inbound from Database Table

Martin Marchese mmarchese at identicum.com
Fri Oct 7 15:45:02 CEST 2016


Thanks for your answer Ivan.. sadly that did not work for me. I'll keep on
looking into this problem and post the solution here once I find it.

Any other ideas I'll be thankful.

Regards,

*Ing. Martín Marchese*
Identicum S.A.
Jorge Newbery 3226
Tel: +54 (11) 4552-3050
mmarchese at identicum.com
www.identicum.com

On Fri, Oct 7, 2016 at 3:26 AM, Ivan Noris <ivan.noris at evolveum.com> wrote:

> Hi Martin,
>
> I have not tried this with DB Table, but for OpenLDAP resource I'm using
> the following:
>
> 1)
>
> ...
>
>          <credentials><!-- here in my example is no weak, I'm syncing
> passwords everytime! -->
>             <password>
> *               <fetchStrategy>explicit</fetchStrategy>*
>                <inbound/>
>             </password>
>          </credentials>
> ...
>
> 2)
>
> ...
>
>    <capabilities>
>       <configured xmlns:cap="http://midpoint.evolveum.com/xml/ns/public/
> resource/capabilities-3"
> <http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3>>
>
>          <cap:credentials>
> *            <cap:password>*
> *               <cap:returnedByDefault>false</cap:returnedByDefault>*
> *            </cap:password>*
>          </cap:credentials>
>       </configured>
> ...
>
> Could you please try if it helps?
>
> Regards,
>
> Ivan
> On 10/06/2016 10:55 PM, Martin Marchese wrote:
>
> Hi All,
>
> We are using a Database table connector (using PostgreSQL 9.5) to create
> users into midpoint, and we are facing a problem while we try to set their
> password.
>
> Connector version is 1.4.2.0 and MidPoint version is 3.4.1
>
> We have configured a password policy that complies with all passwords
> within the database.
>
> Password column is configured correctly in the connector configuration. I
> was looking into the samples and I see that every samples uses the
> <generate> option as it follows:
>
> <credentials>
> <password>
> <outbound/>
> <inbound>
> <strength>weak</strength>
> <expression>
> <generate/>
> </expression>
> </inbound>
> </password>
> </credentials>
>
>
> My first thought was that replacing the expression as it follows it will
> work:
>
> <credentials>
> <password>
> <outbound/>
> <inbound>
> <strength>weak</strength>
> <expression>
> <asIs/>
> </expression>
> </inbound>
> </password>
> </credentials>
>
> However, when I run an import or livesync task i receive the following
> error:
>
> Provided password does not satisfy password policies. Required minimal
> size (4) of password is not met (password length: 0)
>
> As if the password was not coming from the database. Also, when I look
> into the resource object thru the UI, the password attribute is empty.
>
> I took a look at this bug just in case: https://jira.evolveum.
> com/browse/MID-2405, but it was a different behavior since for me, it
> fails with every password I try.
>
> Any ideas on what I'm missing here?
>
> Thanks in advance.
>
> *Ing. Martín Marchese*
> Identicum S.A.
> Jorge Newbery 3226
> Tel: +54 (11) 4552-3050
> mmarchese at identicum.com
> www.identicum.com
>
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> --
> Ivan Noris
> Senior Identity Engineerevolveum.com
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161007/5feeb5f3/attachment.htm>


More information about the midPoint mailing list