[midPoint] SELF-REGISTRATION - MIDPOINT 3.5
Katka Valalikova
katka.valalikova at evolveum.com
Wed Jan 18 11:32:15 CET 2017
Hi Carlos,
probably you already solved the issue on your own, but at least I updated the documentation for self-registration process. I described the different scenarios in more depth. You can read about it here:
https://wiki.evolveum.com/display/midPoint/Self+Registration+Configuration
Briefly, the problem is, that with your configuration you enforce the existence of the user in midPoint for registration process. It is configured with the attribute
<requiredLifecycleState>proposed</requiredLifecycleState>
So, if you remove this attribute, your registration process will work.
Best regards,
Katarina Valalikova
Java Developer
evolveum.com
----- Original Message -----
From: "Carlos Ferreira" <carlos18619 at gmail.com>
To: "midPoint General Discussion" <midpoint at lists.evolveum.com>
Sent: Thursday, December 22, 2016 4:36:44 PM
Subject: [midPoint] SELF-REGISTRATION - MIDPOINT 3.5
Hi,
I am trying to configure self-registration on Midpoint 3.5 according to
https://wiki.evolveum.com/display/midPoint/Self+Registration+Configuration
My Security Policy is as follows:
<securityPolicy xmlns=" http://midpoint.evolveum.com/xml/ns/public/common/common-3 "
xmlns:q=" http://prism.evolveum.com/xml/ns/public/query-3 "
xmlns:c=" http://midpoint.evolveum.com/xml/ns/public/common/common-3 "
xmlns:t=" http://prism.evolveum.com/xml/ns/public/types-3 "
xmlns:icfs=" http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3 "
xmlns:ri=" http://midpoint.evolveum.com/xml/ns/public/resource/instance-3 "
oid="28bf845a-b107-11e3-85bc-001e8c717e5b"
version="3">
<name>Global Security Policy</name>
<metadata>
<createTimestamp>2016-12-22T13:03:27.065-02:00</createTimestamp>
<creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
<createChannel> http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport </createChannel>
</metadata>
<authentication>
<mailAuthentication>
<name>confirmationLink</name>
<displayName>Additional mail authentication</displayName>
<mailNonce>mailNonce</mailNonce>
</mailAuthentication>
</authentication>
<credentials>
<nonce>
<maxAge>PT10M</maxAge>
<name>mailNonce</name>
</nonce>
</credentials>
<registration>
<selfRegistration>
<name>selfRegistration</name>
<initialLifecycleState>proposed</initialLifecycleState>
<requiredLifecycleState>proposed</requiredLifecycleState>
<displayName>Self Registration</displayName>
<additionalAuthenticationName>confirmationLink</additionalAuthenticationName>
<defaultRole oid="00000000-0000-0000-0000-000000000008" type="c:RoleType"><!-- End user --></defaultRole>
</selfRegistration>
</registration>
</securityPolicy>
However, when a try to register a new user, after filling the attributes on screen, I receive the message
Registration process not allowed. Please contact system administrator.
In the IDM.LOG, this line is appended:
2016-12-22 13:35:12,092 [] [http-nio-8080-exec-23] ERROR (com.evolveum.midpoint.web.page.login.PageSelfRegistration): Registration not allowed for a user carlosaf at trt3.jus.br -> Unsatisfied Configuration for required lifecycle, expected proposed but was null
Thks in advance,
Carlos
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com
http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170118/2e47b4b3/attachment.htm>
More information about the midPoint
mailing list