[midPoint] workflow for secondary delta
Oskar Butovič - AMI Praha a.s.
oskar.butovic at ami.cz
Thu Dec 14 13:16:41 CET 2017
Hello Pavol,
Now I see that more complex it becomes with external systems. :-) The
desired behavior would be that role is unassigned in the external system
when such role assignment is refused in midPoint. So it seems more like
recertification process.
Could it be solved by immediately starting recertification for role
assignment synced from the external system?
Best Regards
Oskar Butovič
2017-12-14 12:51 GMT+01:00 Pavol Mederly <mederly at evolveum.com>:
> Hello Oskar,
>
> the crucial question is: what should midPoint do if such a secondary
> change would get rejected?
>
> Pavol Mederly
> Software developerevolveum.com
>
> On 14.12.2017 11:34, Oskar Butovič - AMI Praha a.s. wrote:
>
> Hello everybody,
>
> I was wondering whether I can enforce executing approval workflow upon
> assignment which is in the secondary delta. Eg. role assignment
> synchronized from an external system or role assigned by object template
> based on some attribute values.
>
> I have some ideas:
> - can it be configured by policy rules alone?
> - can it be done by generalChangeProcessor https:/
> /wiki.evolveum.com/display/midPoint/How+to+develop+your+
> own+approval+processes+-+case+3:+using+general+change+processor ?
> - If all else fails would moving the assignment delta from secondary to
> primary via hook do the trick?
>
> Could any of those ideas work?
>
> Best Regards
> Oskar Butovič
> --
>
> Oskar Butovič
> solution architect
>
> gsm: [+420] 774 480 101 <+420%20774%20480%20101>
> e-mail: oskar.butovic at ami.cz
>
>
> AMI Praha a.s.
> Pláničkova 11
> 162 00 Praha 6
> tel.: [+420] 274 783 239 <+420%20274%20783%20239>
> web: www.ami.cz
>
>
> [image: AMI Praha a.s.]
>
> [image: AMI Praha a.s.]
> <http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management>
>
> Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
> společnost AMI Praha a.s.
> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
> písemnou formu.
>
>
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
--
Oskar Butovič
solution architect
gsm: [+420] 774 480 101
e-mail: oskar.butovic at ami.cz
AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel.: [+420] 274 783 239
web: www.ami.cz
[image: AMI Praha a.s.]
[image: AMI Praha a.s.]
<http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management>
Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
písemnou formu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171214/7608df2e/attachment.htm>
More information about the midPoint
mailing list