[midPoint] Standalone midPoint deployment (spring boot)

[Radovan Semancik]

Hello,

Next midPoint version (3.7) will be distributed in a stand-alone 
version. This means that it will start up as a stand-alone server. There 
will be no need to deploy it in Tomcat or any application server. This 
stand-alone version is based on Spring Boot, which we are happily 
adopting. In fact Tomcat is still there, it is just embedded in the 
distribution package. We hope that this change will make midPoint easier 
to deploy and maintain.

The traditional WAR is still available and it still can be deployed in 
Tomcat. There is no change in that. But starting from midPoint 3.7 this 
will be an alternative deployment method. The stand-alone deployment 
method will be the primary one. The WAR will be supported at least for 
next couple of years. It will be maintained as long as there is at least 
one subscriber that prefers this method. However, Tomcat will be the 
only officially supported container. Other containers (such as WebLogic) 
will be supported only if there is an active midPoint subscription that 
has explicitly negotiated subscription for that container. We do not 
plan to add support for more containers - unless there is a subscriber 
that funds this support, of course. This may sound a bit harsh but there 
is a good reason for this decision. The JEE web containers are not 
entirely compatible. Each JEE container has its quirks, each of them 
needs some tweaks in midPoint, often a separate build project or 
profile. Support for each container is taking quite a lot of resources. 
Those resources may be put to better use elsewhere.

There is one more change that comes with Spring Boot. Spring strongly 
prefers annotation-based configuration in Java code over the traditional 
XML files. We have decided to go this way as well as it has several 
important advantages. However, there was semi-official support for LDAP, 
AD and CAS authentication for midPoint. This was based on the XML 
configuration of Spring Security modules. This XML-based configuration 
will no longer work in midPoint 3.7. We have converted the LDAP 
authentication configuration to the new annotation-based method, because 
there is a subscriber that is using LDAP authentication. But there is no 
subscription that would cover CAS authentication. Therefore we are 
leaving the task to convert CAS configuration to the community. If 
anyone is interested in doing this please let me know. We can provide 
more details about this task.

-- 
Radovan Semancik
Software Architect
evolveum.com